opendevsecops / guide-aws-hackingLinks
This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS weaknesses you will be verse enough to provide the correct countermeasures.
☆172Updated 6 years ago
Alternatives and similar repositories for guide-aws-hacking
Users that are interested in guide-aws-hacking are comparing it to the libraries listed below
Sorting:
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 5 years ago
- Damn Vulnerable Cloud Application☆197Updated 6 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆391Updated 5 years ago
- Hands-On AWS Penetration Testing with Kali Linux published by Packt☆134Updated 2 years ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆348Updated 5 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆179Updated 2 years ago
- Amazon bucket brute force tool☆102Updated 12 years ago
- Search exposed EBS volumes for secrets☆299Updated 2 years ago
- AWS S3 Bucket/Object Finder☆120Updated 4 years ago
- ☆257Updated last year
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆104Updated last year
- A simple file-based scanner to look for potential AWS access and secret keys in files☆93Updated last year
- Route53/CloudFront Vulnerability Assessment Utility☆86Updated last year
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆254Updated 2 weeks ago
- Pentesting/Bugbounty Dockerfiles.☆177Updated 4 years ago
- A tool for identifying misconfigured CloudFront domains☆359Updated 5 years ago
- Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities☆136Updated 2 years ago
- These are the regexes that power truffleHog☆218Updated 2 years ago
- 🏰 A Python script for AWS S3 bucket enumeration.☆144Updated 2 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆49Updated 6 years ago
- FestIn - Open S3 Bucket Scanner☆233Updated 4 years ago
- ☆81Updated 3 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆110Updated 4 years ago
- Collection of links to Security stuff☆115Updated last week
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆532Updated 2 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆210Updated 9 months ago
- A Repository dedicated to creating modular and automated penetration testing frameworks utilizing Jupyter Notebooks☆146Updated 4 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆123Updated 2 years ago
- ☆276Updated 3 years ago
- Scripts and tools for AWS Pentest☆53Updated 4 years ago