mxm0z / awesome-sec-s3
A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets
☆289Updated 3 months ago
Related projects: ⓘ
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆258Updated last year
- Find AWS S3 buckets and test their permissions.☆366Updated last year
- Awesome cloud enumerator☆856Updated last month
- Golang client for querying SecurityTrails API data☆529Updated last year
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆215Updated 3 months ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆330Updated 4 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆524Updated 9 months ago
- mx-takeover focuses DNS MX records and detects misconfigured MX records.☆333Updated last year
- A DNS Bruteforcing Wordlist Generator☆346Updated last year
- Turns any junk text into a usable wordlist for brute-forcing.☆214Updated 6 months ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆198Updated last year
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆371Updated last month
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆333Updated 2 weeks ago
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆172Updated 2 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆476Updated last year
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆840Updated this week
- ☆424Updated 4 months ago
- Small tool to Grab subdomains using Shodan api.☆336Updated 2 months ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆223Updated 8 months ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆493Updated 2 years ago
- GraphQL automated security testing toolkit☆296Updated 7 months ago
- This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS wea…☆166Updated 5 years ago
- Amazon S3 bucket finder and crawler.☆144Updated 2 years ago
- Scrapts Scrapts Scrapts☆232Updated 5 months ago
- Damn Vulnerable Cloud Application☆183Updated 6 years ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆162Updated 4 months ago
- Simple shell script for automated domain recognition with some tools☆298Updated 3 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆318Updated 7 months ago
- An automated target reconnaissance pipeline.☆424Updated last year
- ☆332Updated 4 months ago