nagwww / 101-AWS-S3-Hacks
AWS S3 Hacks
☆76Updated 5 years ago
Related projects: ⓘ
- AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common mi…☆81Updated 4 years ago
- A tool to enumerate S3 buckets manually or via certstream☆80Updated last year
- A simple file-based scanner to look for potential AWS access and secret keys in files☆87Updated 6 months ago
- ☆65Updated 7 years ago
- A security testing Slackbot built with a Kubernetes backend on the Google Cloud Platform☆166Updated last week
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆110Updated 5 years ago
- A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.☆37Updated 6 years ago
- Amazon S3 bucket spelunking!☆84Updated 7 years ago
- Amazon bucket brute force tool☆95Updated 11 years ago
- it-security related scripts and tools☆25Updated 5 years ago
- All Day DevOps - Automated Infrastructure Security Monitoring and Defence (ELK + AWS Lambda)☆22Updated 7 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆240Updated 2 years ago
- Proof of Concept Zappa Based AWS Persistence and Attack Platform☆37Updated 4 years ago
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019☆80Updated 5 years ago
- badbucket checks your s3 bucket for common misconfigurations☆23Updated 7 years ago
- 🏰 A Python script for AWS S3 bucket enumeration.☆53Updated 4 years ago
- Takes ip range, Scan all open SSL Certs, Grab Cnames☆111Updated 5 years ago
- Scans a list of websites for Cloudfront or S3 Buckets☆104Updated 2 years ago
- An AWS Lambda vulnerable application written in flask.☆48Updated 6 years ago
- Route53/CloudFront Vulnerability Assessment Utility☆83Updated last year
- Serverless Workshop☆16Updated last year
- Hayat is a script for report and analyze Google Cloud Platform resources.☆79Updated 4 years ago
- Application Security Workflow Automation using Docker and Kubernetes☆22Updated last year
- ☆22Updated this week
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆60Updated last year
- A tool for automatically gathering sensitive information from exposed Jenkins servers☆103Updated last year
- Ruby command-line interface to Burp Suite's REST API☆59Updated 4 years ago
- AppSecPipeline Specification for DevOps automation.☆38Updated last year
- A DB of known Web Application Admin URLS, Username/Password Combos and Exploits☆153Updated 9 years ago