opendevsecops / guide-aws-hackingLinks
This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS weaknesses you will be verse enough to provide the correct countermeasures.
☆172Updated 6 years ago
Alternatives and similar repositories for guide-aws-hacking
Users that are interested in guide-aws-hacking are comparing it to the libraries listed below
Sorting:
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 5 years ago
- Hands-On AWS Penetration Testing with Kali Linux published by Packt☆131Updated 2 years ago
- Damn Vulnerable Cloud Application☆192Updated 6 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆176Updated 2 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆122Updated 2 years ago
- ☆275Updated 3 years ago
- AWS S3 Bucket/Object Finder☆120Updated 3 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆388Updated 5 years ago
- Search exposed EBS volumes for secrets☆298Updated 2 years ago
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆249Updated 3 weeks ago
- Pentesting/Bugbounty Dockerfiles.☆176Updated 4 years ago
- Route53/CloudFront Vulnerability Assessment Utility☆86Updated last year
- A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets☆365Updated 11 months ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆345Updated 4 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆103Updated last year
- A place to store my own wordlists, and link to others that are useful☆108Updated last year
- ☆249Updated 11 months ago
- Amazon bucket brute force tool☆101Updated 11 years ago
- Some good resources for getting started with application security☆142Updated 4 years ago
- Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…☆215Updated 5 years ago
- ☆126Updated 10 months ago
- Fetch the details of assets hosted on AWS.☆88Updated last year
- A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys☆152Updated 2 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆91Updated last year
- Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…☆211Updated 5 years ago
- A tool for identifying misconfigured CloudFront domains☆357Updated 4 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆519Updated 2 years ago
- Red Team Scripts for AWS.☆169Updated 4 years ago
- Curated list of public penetration testing reports released by several consulting firms☆48Updated 7 years ago
- ☆137Updated 2 years ago