A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs.
☆113Nov 13, 2024Updated last year
Alternatives and similar repositories for CloudShovel
Users that are interested in CloudShovel are comparing it to the libraries listed below
Sorting:
- ☆18Jul 30, 2024Updated last year
- Halberd : Multi-Cloud Agentic Attack Tool☆335Jan 12, 2026Updated last month
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆142Jan 2, 2025Updated last year
- AWS honey token manager☆89Aug 1, 2024Updated last year
- A Golang program to rotate AWS & GCP account keys☆67May 12, 2025Updated 9 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆47Aug 16, 2024Updated last year
- ☆40Aug 2, 2024Updated last year
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- Convert cloudtrail data to MITRE ATT&CK Sightings☆82Jul 25, 2022Updated 3 years ago
- Cloud Commotion intends to cause chaos to simulate security incidents☆146Jun 18, 2024Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environment☆33Oct 14, 2024Updated last year
- ☆16Jul 17, 2024Updated last year
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆109Feb 16, 2024Updated 2 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆174Feb 22, 2026Updated 2 weeks ago
- Scalable integrity framework for ABAC on AWS☆56Mar 14, 2025Updated 11 months ago
- Given a list of domains and known IP and buckets that are owned, which might be susceptible to domain hijacking?☆15Sep 20, 2024Updated last year
- Repository to archive GCP Documentation for local use☆16Feb 11, 2025Updated last year
- Safer AWS SCP deployments via real-time monitoring☆56Sep 30, 2023Updated 2 years ago
- An IAM Simulator that outputs detailed explains of how a request was evaluated.☆98Updated this week
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- Clean accounts over permissions in GCP infra at scale☆71May 9, 2023Updated 2 years ago
- Go library for mapping IP address ranges to cloud provider regions (currently: AWS and GCP)☆23Updated this week
- An AWS IAM policy statement parser and query tool.☆198Feb 10, 2026Updated 3 weeks ago
- To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. …☆36Feb 24, 2026Updated last week
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆75Apr 14, 2025Updated 10 months ago
- Common Golang Packages for use by the Various Cloud Nuke Tools☆55Updated this week
- ☆52Dec 13, 2025Updated 2 months ago
- A tool to uncover undocumented APIs from the AWS Console.☆116Apr 29, 2025Updated 10 months ago
- AWS Attack Path Management Tool - Walking on the Moon☆262Dec 5, 2024Updated last year
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆104Apr 22, 2024Updated last year
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆127May 28, 2024Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Recon tool to query cloud prefixes for services associated with an IP address☆23Oct 2, 2024Updated last year
- Autonomous AI C2☆33Jul 23, 2024Updated last year
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆238Jan 10, 2024Updated 2 years ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆15Apr 10, 2025Updated 11 months ago
- vBrowser is a secure, containerized browser platform designed for covert web investigations. Originally created to support deep and dark …☆20Feb 24, 2026Updated 2 weeks ago
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆283Nov 27, 2025Updated 3 months ago