A vast collection of security tools for bug bounty, pentest and red teaming

#azure

cloudlist on offsec.tools
Sponsor
cloudlist

Cloudlist is a tool for listing Assets from multiple Cloud Providers.

#aws   #azure   #cloud   #google  

AzureGoat on offsec.tools
AzureGoat

A damn vulnerable Azure infrastructure.

Splunk on offsec.tools
Splunk

The unified security and observability platform.

AzureADLateralMovement on offsec.tools
AzureADLateralMovement

Lateral movement graph for Azure Active Directory.

Vajra on offsec.tools
Vajra

UI-based tool with multiple techniques for attacking and enumerating Azure and AWS environment.

Offensive-Azure on offsec.tools
Offensive-Azure

Collection of offensive tools targeting Microsoft Azure written in Python to be platform agnostic.

#azure   #cloud  

Oculus on offsec.tools
Oculus

OSINT tool used to discover environments, directories, and subdomains of a particular domain.

ScoutSuite on offsec.tools
ScoutSuite

Multi-cloud security auditing tool.

GrayhatWarfare on offsec.tools
GrayhatWarfare

Search for buckets and URL shorteners.

SQLRecon on offsec.tools
SQLRecon

A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation.

SubDomainizer on offsec.tools
SubDomainizer

A tool to find subdomains and interesting things hidden inside.

AWS Extender CLI on offsec.tools
AWS Extender CLI

Command-line script to test cloud storage for common misconfiguration issues.

#aws   #azure   #cloud   #google  

CloudBrute on offsec.tools
CloudBrute

Awesome cloud enumerator.

Burp-AnonymousCloud on offsec.tools
Burp-AnonymousCloud

Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.

S3Viewer on offsec.tools
S3Viewer

Publicly open storage viewer.

Prowler on offsec.tools
Prowler

Open Source Security tool to perform Cloud Security best practices

#aws   #azure   #cloud  

grafana-ssrf on offsec.tools
grafana-ssrf

Authenticated SSRF in Grafana.

GoCloud on offsec.tools
GoCloud

Checks whether a domain is hosted on a cloud service.

CloudScraper on offsec.tools
CloudScraper

Tool to enumerate targets in search of cloud resources.

dnsReaper on offsec.tools
dnsReaper

Subdomain takeover tool for attackers, bug bounty hunters and the blue team!

cloud_enum on offsec.tools
cloud_enum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

#aws   #azure   #cloud   #google   #osint  

Cloudfox on offsec.tools
Cloudfox

Automating situational awareness for cloud penetration tests.

#aws   #azure   #cloud   #google  

DumpsterDiver on offsec.tools
DumpsterDiver

Tool to search secrets in various filetypes.