securisec / cliamLinks
Cloud agnostic IAM permissions enumerator
☆149Updated last month
Alternatives and similar repositories for cliam
Users that are interested in cliam are comparing it to the libraries listed below
Sorting:
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆207Updated 3 years ago
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆116Updated last year
- S3 Account Search☆6Updated 7 months ago
- A utility to convert your AWS CLI credentials into AWS console access.☆239Updated 5 years ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆118Updated last year
- Tools to assess DNS security.☆152Updated last year
- A GraphQL enumeration and extraction tool☆131Updated 2 years ago
- ☆83Updated last month
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆249Updated 2 weeks ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆108Updated 6 months ago
- boostsecurityio/lotp☆126Updated last month
- ☆126Updated 10 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆190Updated 5 months ago
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆63Updated 8 months ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆183Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆133Updated 2 months ago
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆180Updated last year
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆231Updated 6 months ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆168Updated 7 months ago
- Protect against subdomain takeover☆92Updated last year
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆173Updated 7 months ago
- Determine privileges from cloud credentials via brute-force testing.☆69Updated 9 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 4 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆159Updated 6 months ago
- WAF bypass PoC☆47Updated last year
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆125Updated last year
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆271Updated 8 months ago
- ☆110Updated last year
- ☆139Updated last year
- oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning☆68Updated 5 months ago