mxm0z / awesome-sec-s3
A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets
☆356Updated 9 months ago
Alternatives and similar repositories for awesome-sec-s3:
Users that are interested in awesome-sec-s3 are comparing it to the libraries listed below
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆247Updated this week
- Golang client for querying SecurityTrails API data☆551Updated last year
- Awesome cloud enumerator☆999Updated last month
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆265Updated 2 years ago
- Find AWS S3 buckets and test their permissions.☆381Updated 2 years ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆405Updated 2 months ago
- Vulnerability Scan with Nuclei☆252Updated 5 months ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆923Updated this week
- ☆479Updated 11 months ago
- ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on sc…☆318Updated 3 weeks ago
- A DNS Bruteforcing Wordlist Generator☆356Updated 2 years ago
- Scrapts Scrapts Scrapts☆236Updated last year
- Takes a list of URLs and returns their HTTP response codes☆393Updated last year
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆631Updated last year
- Enumerate the permissions associated with AWS credential set☆1,144Updated last year
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆517Updated 3 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆317Updated 3 months ago
- Amazon S3 bucket finder and crawler.☆152Updated 3 years ago
- Small tool to Grab subdomains using Shodan api.☆435Updated 5 months ago
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆200Updated 3 years ago
- Go client to communicate with Chaos DB API.☆705Updated this week
- mx-takeover focuses DNS MX records and detects misconfigured MX records.☆346Updated last year
- ☆582Updated last year
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆205Updated last year
- hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.☆441Updated 2 years ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆723Updated 2 years ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆339Updated 4 years ago
- Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.☆299Updated last month
- S3 Account Search☆2Updated 6 months ago
- Turns any junk text into a usable wordlist for brute-forcing.☆219Updated last year