Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
☆78Mar 4, 2022Updated 4 years ago
Alternatives and similar repositories for s3_objects_check
Users that are interested in s3_objects_check are comparing it to the libraries listed below
Sorting:
- Simple python script to check against hypothetical JWT vulnerability.☆51Nov 29, 2020Updated 5 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated last month
- Salesforce Policy Deviation Checker☆30Sep 30, 2020Updated 5 years ago
- FestIn - Open S3 Bucket Scanner☆230Dec 4, 2020Updated 5 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Dec 2, 2020Updated 5 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆110Nov 19, 2020Updated 5 years ago
- rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, …☆163Apr 22, 2021Updated 4 years ago
- All-in-One WP Migration-Backup-Finder☆15Nov 5, 2025Updated 4 months ago
- ☆16May 3, 2021Updated 4 years ago
- sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.☆81Sep 2, 2021Updated 4 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆18May 17, 2020Updated 5 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆48Jan 11, 2023Updated 3 years ago
- ☆11Jul 28, 2020Updated 5 years ago
- Search exposed EBS volumes for secrets☆302Apr 24, 2023Updated 2 years ago
- CVE-2020-25223☆11Sep 13, 2021Updated 4 years ago
- ☆33Aug 14, 2020Updated 5 years ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆60Jun 11, 2021Updated 4 years ago
- This tests a list of s3 buckets to see if they have dir listings enabled or if they are uploadable☆55Dec 10, 2025Updated 3 months ago
- ☆159Jul 8, 2023Updated 2 years ago
- ☆24Aug 9, 2022Updated 3 years ago
- Grepify the GUI Regex Text Scanner for Code Reviewers☆23Apr 15, 2013Updated 12 years ago
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- Monitors Github for leaked secrets☆206Oct 25, 2024Updated last year
- Scripts to quickly fix security and compliance issues☆28Mar 10, 2026Updated last week
- ☆30Jul 17, 2018Updated 7 years ago
- ☆83Dec 5, 2019Updated 6 years ago
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆283Nov 27, 2025Updated 3 months ago
- BlueKeep scanner supporting NLA☆167Jul 18, 2019Updated 6 years ago
- A simple Toolkit to BF and decrypt Windows EntraId CacheData☆20Jun 20, 2024Updated last year
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆923Jul 25, 2019Updated 6 years ago
- S3 bucket finder from html,js and bucket misconfiguration testing tool☆34Feb 10, 2020Updated 6 years ago
- Finds Directory Listings or open S3 buckets from a list of URLs☆52Dec 1, 2021Updated 4 years ago
- An easy to navigate list of unicode characters that have risky transformations 💥☆25Mar 22, 2022Updated 3 years ago
- Powershell script to exfiltrate large files quickly and securely☆125May 4, 2022Updated 3 years ago
- Yar is a tool for plunderin' organizations, users and/or repositories.☆239Jan 3, 2021Updated 5 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆356Oct 14, 2020Updated 5 years ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆608Nov 28, 2024Updated last year
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆139Jul 23, 2021Updated 4 years ago