sebastian-mora / AWS-Loot

Related projects ⓘ

Alternatives and complementary repositories for AWS-Loot

• offensive-terraform / offensive-terraform.github.io
  Offensive Terraform Website
  ☆44Updated 4 years ago
• ayushpriya10 / IMDShift
  ☆55Updated last year
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆64Updated 2 months ago
• nccgroup / cowcloud
  ☆58Updated last year
• saw-your-packet / EC2StepShell
  EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.
  ☆60Updated 2 months ago
• RhinoSecurityLabs / CloudScraper
  CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
  ☆27Updated 2 years ago
• sebastian-mora / awsssome_phish
  AWS SSO serverless phishing API.
  ☆29Updated 3 years ago
• blackbotsecurity / AWS-Attack
  AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, …
  ☆45Updated 3 years ago
• nicolasriverocorvalan / cloud-sniper
  Virtual Security Operations Center
  ☆49Updated last year
• Frichetten / aws_api_shapeshifter
  A small library to alter AWS API requests; Used for fuzzing research
  ☆21Updated last year
• zer1t0 / awsenum
  Enumerate AWS permissions and resources.
  ☆64Updated 2 years ago
• andresriancho / vpc-vpn-pivot
  Pivot into private VPC networks using a VPN connection
  ☆41Updated 5 years ago
• lightspin-tech / red-detector
  Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)
  ☆87Updated 2 years ago
• hotnops / AWSRoleJuggler
  A toolset to juggle AWS roles for persistent access
  ☆52Updated 3 months ago
• modulexcite / attacking-and-auditing-docker-containers-and-kubernetes-clusters
  Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters
  ☆13Updated 4 years ago
• carlospolop / aws_iam_review
  ☆31Updated last week
• ghostsecurity / waf-btk
  WAF bypass PoC
  ☆43Updated last year
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆62Updated last year
• grines / scour
  ☆125Updated 4 months ago
• sensepost / steampipe-plugin-projectdiscovery
  A steampipe plugin to query projectdiscovery.io tools.
  ☆26Updated 3 months ago
• iamavu / Slyther
  AWS Security Tool
  ☆29Updated 10 months ago
• StateFarmIns / CLAWS
  This application was built to help reduce the amount of time it takes to review AWS Lambda code.
  ☆60Updated last week
• Macmod / STARS
  A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services …
  ☆49Updated last year
• JupiterOne-Archives / j1nuclei
  ☆14Updated last year
• WithSecureLabs / cloud-wiki
  A public cloud security knowledgebase - https://www.secwiki.cloud/
  ☆50Updated last week
• hac01 / gcp-iam-brute
  ☆38Updated 5 months ago
• RedTeamOperations / GoogleWorkspaceDirectoryDump
  ☆16Updated 2 years ago
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆74Updated 2 years ago
• emgaurav / objectify-s3
  Objectify-s3 is a tool that recursively checks AWS S3 buckets and objects for misconfigured permissions.
  ☆15Updated 3 months ago