A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud
☆148May 24, 2022Updated 4 years ago
Alternatives and similar repositories for cloud-penetration-testing
Users that are interested in cloud-penetration-testing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Cloud Pentesting Resource Collection☆38Apr 18, 2026Updated last month
- Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloud☆56Mar 7, 2022Updated 4 years ago
- This repository mainly focuses on various techniques, tools, frameworks and approach to perform offensive exploitation of AWS infrastruct…☆12Jun 12, 2019Updated 6 years ago
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.☆96Dec 29, 2025Updated 4 months ago
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆349Mar 4, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆11Jan 24, 2023Updated 3 years ago
- A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.☆1,199Dec 27, 2023Updated 2 years ago
- Collection of fuzzing payloads and corpus from all around added as sub modules☆15Mar 26, 2026Updated 2 months ago
- ☆760Aug 26, 2022Updated 3 years ago
- This Repo serves as a collection of shared security and penetration testing resources for the cloud.☆300Jul 21, 2024Updated last year
- Automatically deploy Nemesis☆21Jun 14, 2024Updated last year
- Here are some common interview questions for an application security position you can review for your own interview, along with example a…☆32Apr 17, 2022Updated 4 years ago
- ☆244Jan 23, 2025Updated last year
- AzureGoat : A Damn Vulnerable Azure Infrastructure☆937Oct 30, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Exploit for CVE-2024-5009☆13Jul 8, 2024Updated last year
- Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.☆20Feb 2, 2024Updated 2 years ago
- ☆35Nov 14, 2024Updated last year
- Wounty is a simple web enumeration script that makes use of other popular tools to automate the early stages of recognition in Bug Bounty…☆14Feb 6, 2022Updated 4 years ago
- Pentesting lab with a Kali Linux instance accessible via ssh & wireguard VPN and with vulnerable instances in a private subnet☆194Jul 4, 2024Updated last year
- Azure and AWS Attacks☆1,121Nov 25, 2022Updated 3 years ago
- bash script for automating subdomain enumeration process either passive or active☆30Feb 24, 2026Updated 3 months ago
- top usernames from azure survey 2025☆16Apr 25, 2025Updated last year
- ☆753Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Automating situational awareness for cloud penetration tests.☆2,406May 19, 2026Updated last week
- ☆33Aug 25, 2021Updated 4 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆402Jan 10, 2025Updated last year
- Scan websites CSP policies and visualise their vunlnerabilities from a dashboard☆13Mar 11, 2025Updated last year
- Simple website to guess API Key / OAuth Token☆49Aug 29, 2022Updated 3 years ago
- ☆19Apr 28, 2025Updated last year
- Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.☆1,965Oct 1, 2025Updated 7 months ago
- All the code snippets from my Secure Code Review series on youtube (youtube.com/@muqsitbaig)!☆25Jul 28, 2024Updated last year
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆29Jul 21, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Collection of offensive tools targeting Microsoft Azure☆223Apr 1, 2026Updated last month
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,818Apr 6, 2026Updated last month
- ☆20May 18, 2022Updated 4 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,194May 19, 2026Updated last week
- exfiltration/infiltration toolkit☆23Dec 20, 2023Updated 2 years ago
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- Exploit for CVE-2024-3273, supports single and multiple hosts☆13Apr 7, 2024Updated 2 years ago