mxm0z / awesome-sec-s3

Related projects ⓘ

Alternatives and complementary repositories for awesome-sec-s3

• koenrh / s3enum
  Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.
  ☆229Updated 2 weeks ago
• gwen001 / s3-buckets-finder
  Find AWS S3 buckets and test their permissions.
  ☆368Updated last year
• sansatart / scrapts
  Scrapts Scrapts Scrapts
  ☆235Updated 7 months ago
• codingo / DNSCewl
  A DNS Bruteforcing Wordlist Generator
  ☆350Updated last year
• hakluke / haktrails
  Golang client for querying SecurityTrails API data
  ☆539Updated last year
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆332Updated 4 years ago
• 0xsha / CloudBrute
  Awesome cloud enumerator
  ☆895Updated 3 months ago
• Static-Flow / gofingerprint
  GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…
  ☆201Updated last year
• gsmith257-cyber / GraphCrawler
  GraphQL automated security testing toolkit
  ☆303Updated 9 months ago
• BountyStrike / Bountystrike-sh
  Poor (rich?) man's bug bounty pipeline https://dubell.io
  ☆271Updated last year
• hakluke / hakcheckurl
  Takes a list of URLs and returns their HTTP response codes
  ☆391Updated last year
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆263Updated last year
• ameenmaali / wordlistgen
  Quickly generate context-specific wordlists for content discovery from lists of URLs or paths
  ☆217Updated 2 years ago
• detectify / ugly-duckling
  Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
  ☆188Updated 3 years ago
• vortexau / dnsvalidator
  Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.
  ☆656Updated 10 months ago
• projectdiscovery / nuclei-action
  Vulnerability Scan with Nuclei
  ☆242Updated this week
• Josue87 / AnalyticsRelationships
  Get related domains / subdomains by looking at Google Analytics IDs
  ☆228Updated 2 years ago
• trufflesecurity / Trufflehog-Chrome-Extension
  ☆365Updated 3 years ago
• attacksurge / awesome-attack-surface-monitoring
  Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.
  ☆354Updated last month
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆295Updated this week
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆197Updated 2 years ago
• m6a-UdS / dvca
  Damn Vulnerable Cloud Application
  ☆187Updated 6 years ago
• tomnomnom / fff
  The Fairly Fast Fetcher. Requests a bunch of URLs provided on stdin fairly quickly.
  ☆387Updated 7 months ago
• redhuntlabs / BucketLoot
  BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…
  ☆381Updated 3 months ago
• andresriancho / enumerate-iam
  Enumerate the permissions associated with AWS credential set
  ☆1,098Updated 9 months ago
• mhmdiaa / second-order
  Second-order subdomain takeover scanner
  ☆377Updated last year
• WeAreCloudar / s3-account-search
  S3 Account Search
  ☆246Updated last month
• shabarkin / aws-enumerator
  The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…
  ☆181Updated 2 years ago
• Cgboal / SonarSearch
  A rapid API for the Project Sonar dataset
  ☆641Updated last year
• Josue87 / gotator
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆457Updated 2 years ago