riskprofiler / CloudFrontier
Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.
☆119Updated 5 months ago
Related projects: ⓘ
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆107Updated 3 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆132Updated 4 years ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆330Updated 4 years ago
- Awesome list for cloud security related projects☆70Updated last year
- 🖇️ STRIDE vs. ASVS equivalence table☆74Updated 3 weeks ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆61Updated 5 years ago
- sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.☆81Updated 3 years ago
- A Docker container for remote penetration testing.☆132Updated 3 years ago
- Fetch the details of assets hosted on AWS.☆85Updated 9 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Lightspin AWS IAM Vulnerability Scanner☆96Updated 3 years ago
- ☆133Updated last year
- All-in-one tool for managing vulnerability reports from AppSec pipelines☆105Updated last year
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)☆87Updated last year
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆196Updated 2 months ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆87Updated 6 months ago
- Holds the public Hacking the Cloud CTFs.☆50Updated 6 months ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆137Updated 6 months ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆74Updated 2 years ago
- Monitoring GitHub for sensitive data shared publicly☆66Updated 2 years ago
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆169Updated 3 weeks ago
- This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS wea…☆166Updated 5 years ago
- Search exposed EBS volumes for secrets☆278Updated last year
- ☆118Updated 10 months ago
- Clean accounts over permissions in GCP infra at scale☆70Updated last year
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆215Updated 3 months ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆69Updated 3 years ago
- Cloud Security Dashboard for AWS - based on ScoutSuite☆0Updated last year
- Red Team Scripts for AWS.☆166Updated 4 years ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆155Updated 3 weeks ago