securisec / cliamLinks
Cloud agnostic IAM permissions enumerator
☆157Updated 5 months ago
Alternatives and similar repositories for cliam
Users that are interested in cliam are comparing it to the libraries listed below
Sorting:
- A utility to convert your AWS CLI credentials into AWS console access.☆243Updated 5 years ago
- Tools to assess DNS security.☆152Updated last year
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆228Updated 3 years ago
- ☆126Updated last year
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆191Updated 10 months ago
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆185Updated last year
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 8 months ago
- S3 Account Search☆19Updated 2 months ago
- A GraphQL enumeration and extraction tool☆133Updated 2 years ago
- Determine privileges from cloud credentials via brute-force testing.☆69Updated last year
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆163Updated last week
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆67Updated last year
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆125Updated last year
- Enumerate AWS permissions and resources.☆70Updated 3 years ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆176Updated this week
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆109Updated 10 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆274Updated 3 weeks ago
- ☆113Updated 2 years ago
- Find CVE PoCs on GitHub☆153Updated 2 months ago
- ☆90Updated 2 months ago
- Scan DockerHub images that match a keyword to find secrets.☆60Updated 4 years ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆119Updated 2 years ago
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆278Updated last year
- Blogpost series showcasing interesting cloud - web app security bugs☆49Updated 2 years ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆190Updated 3 years ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆99Updated last month
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆175Updated 11 months ago
- boostsecurityio/lotp☆134Updated 5 months ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆108Updated last year
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆263Updated 4 months ago