A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud
☆143May 24, 2022Updated 3 years ago
Alternatives and similar repositories for cloud-penetration-testing
Users that are interested in cloud-penetration-testing are comparing it to the libraries listed below
Sorting:
- Cloud Pentesting Resource Collection☆35Jan 10, 2024Updated 2 years ago
- This repository mainly focuses on various techniques, tools, frameworks and approach to perform offensive exploitation of AWS infrastruct…☆12Jun 12, 2019Updated 6 years ago
- ☆11Jan 24, 2023Updated 3 years ago
- Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloud☆55Mar 7, 2022Updated 3 years ago
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆346Mar 4, 2025Updated last year
- A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.☆1,178Dec 27, 2023Updated 2 years ago
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.☆96Dec 29, 2025Updated 2 months ago
- Collection of fuzzing payloads and corpus from all around added as sub modules☆15May 17, 2025Updated 9 months ago
- Here are some common interview questions for an application security position you can review for your own interview, along with example a…☆31Apr 17, 2022Updated 3 years ago
- ☆755Aug 26, 2022Updated 3 years ago
- bash script for automating subdomain enumeration process either passive or active☆29Feb 24, 2026Updated last week
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆28Jul 21, 2024Updated last year
- Exploit for CVE-2024-3273, supports single and multiple hosts☆13Apr 7, 2024Updated last year
- Scan websites CSP policies and visualise their vunlnerabilities from a dashboard☆13Mar 11, 2025Updated 11 months ago
- All the code snippets from my Secure Code Review series on youtube (youtube.com/@muqsitbaig)!☆25Jul 28, 2024Updated last year
- Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.☆20Feb 2, 2024Updated 2 years ago
- Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)☆21Feb 5, 2024Updated 2 years ago
- Automatically deploy Nemesis☆21Jun 14, 2024Updated last year
- Wounty is a simple web enumeration script that makes use of other popular tools to automate the early stages of recognition in Bug Bounty…☆14Feb 6, 2022Updated 4 years ago
- Exploit for CVE-2024-5009☆13Jul 8, 2024Updated last year
- Powershell Scripts for Blue Team members☆11Dec 1, 2023Updated 2 years ago
- aiohttp LFI (CVE-2024-23334)☆27Mar 19, 2024Updated last year
- Awesome list for cloud security related projects☆150Oct 4, 2022Updated 3 years ago
- ☆16Mar 29, 2024Updated last year
- ☆244Jan 23, 2025Updated last year
- Collection of offensive tools targeting Microsoft Azure☆218Jan 18, 2023Updated 3 years ago
- AzureGoat : A Damn Vulnerable Azure Infrastructure☆917Oct 30, 2024Updated last year
- Deploy multiple instances of Nessus in docker containers easily☆20Mar 31, 2021Updated 4 years ago
- ☆19Apr 28, 2025Updated 10 months ago
- Log4Shell IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake☆18Nov 25, 2022Updated 3 years ago
- Unauthorized Access to Metadata and User Data like CTF☆28Nov 30, 2024Updated last year
- ☆33Aug 25, 2021Updated 4 years ago
- exfiltration/infiltration toolkit☆23Dec 20, 2023Updated 2 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆401Jan 10, 2025Updated last year
- A OWASP Based Checklist With 80+ Test Cases☆156Oct 26, 2022Updated 3 years ago
- Awesome Mobile Application Penetration Testing Cheat Sheet☆14May 29, 2021Updated 4 years ago
- Python 3 script for interacting with Shodan API☆20Nov 4, 2024Updated last year
- Converts Half-WPA handshake to hashcat☆19Oct 29, 2018Updated 7 years ago
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago