Cloudlist is a tool for listing Assets from multiple Cloud Providers.
Detect, track and alert on infrastructure drift.
Distribute the workload of many different scanning tools with ease.
Online platform for finding open buckets in cloud storage systems effortlessly.
Six Degrees of Domain Admin.
Azure JWT token manipulation toolset.
Cloud Security Posture Management (CSPM).
PowerShell Cmdlets to interact with BloodHound Data via Neo4j HTTP API.
A password spraying tool for Microsoft Online accounts (Azure/O365).
A collection of scripts for assessing Microsoft Azure security.
Retrieve information via O365 and AzureAD with valid credentials.
A damn vulnerable Azure infrastructure.
The unified security and observability platform.
Lateral movement graph for Azure Active Directory.
UI-based tool with multiple techniques for attacking and enumerating Azure and AWS environment.
Collection of offensive tools targeting Microsoft Azure written in Python to be platform agnostic.
OSINT tool used to discover environments, directories, and subdomains of a particular domain.
Multi-cloud security auditing tool.
Search for buckets and URL shorteners.
A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation.
A tool to find subdomains and interesting things hidden inside.
Command-line script to test cloud storage for common misconfiguration issues.
Publicly open storage viewer.
Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.
Awesome cloud enumerator.
Open Source Security tool to perform Cloud Security best practices
Authenticated SSRF in Grafana.
Checks whether a domain is hosted on a cloud service.
Tool to enumerate targets in search of cloud resources.
Subdomain takeover tool for attackers, bug bounty hunters and the blue team!
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Automating situational awareness for cloud penetration tests.
Tool to search secrets in various filetypes.