A vast collection of security tools for bug bounty, pentest and red teaming

#cloud

67 results
cloudlist on offsec.tools
Sponsor
cloudlist

Cloudlist is a tool for listing Assets from multiple Cloud Providers.

#aws   #azure   #cloud   #google  

DVCA on offsec.tools
DVCA

Damn vulnerable cloud application.

#aws   #cloud   #training   #vulnerabilities  

AzureGoat on offsec.tools
AzureGoat

A damn vulnerable Azure infrastructure.

#azure   #cloud   #training   #vulunerabilities  

AWSGoat on offsec.tools
AWSGoat

A damn vulnerable AWS infrastructure.

#aws   #cloud   #training   #vulunerabilities  

GCPBucketBrute on offsec.tools
GCPBucketBrute

Enumerate Google Storage buckets, check the access and if they can be privilege escalated.

#buckets   #cloud   #google  

NetWitness on offsec.tools
NetWitness

Rapidly detect and respond to any threat, anywhere. See Everything. Fear Nothing.

#cloud   #logs   #monitoring   #reports  

Splunk on offsec.tools
Splunk

The unified security and observability platform.

#aws   #azure   #cloud   #logs   #monitoring   #reports  

AWSloot on offsec.tools
AWSloot

Pull secrets from an AWS environment.

#aws   #cloud   #secrets  

AzureADLateralMovement on offsec.tools
AzureADLateralMovement

Lateral movement graph for Azure Active Directory.

#activedirectory   #azure   #cloud   #privesc  

Vajra on offsec.tools
Vajra

UI-based tool with multiple techniques for attacking and enumerating Azure and AWS environment.

#aws   #azure   #cloud   #passwords   #subdomains  

Offensive-Azure on offsec.tools
Offensive-Azure

Collection of offensive tools targeting Microsoft Azure written in Python to be platform agnostic.

#azure   #cloud  

s3recon on offsec.tools
s3recon

Amazon S3 bucket finder and crawler.

#aws   #buckets   #cloud  

bucket_finder on offsec.tools
bucket_finder

DigiNinja's bucket_finder utility.

#aws   #buckets   #cloud  

CloudMapper on offsec.tools
CloudMapper

CloudMapper helps you analyze your Amazon Web Services environments.

#aws   #cloud  

CloudJack on offsec.tools
CloudJack

Route53/CloudFront Vulnerability assessment utility.

#aws   #cloud   #cloudfront   #dns  

CloudFrunt on offsec.tools
CloudFrunt

A tool for identifying misconfigured CloudFront domains.

#aws   #cloud   #cloudfront   #domains  

Bucket Stream on offsec.tools
Bucket Stream

Find interesting Amazon S3 Buckets by watching certificate transparency logs.

#aws   #buckets   #certificates   #cloud  

Nimbostratus on offsec.tools
Nimbostratus

Tool for fingerprinting and exploiting Amazon cloud infrastructures.

#aws   #cloud   #fingerprint   #pivot  

Oculus on offsec.tools
Oculus

OSINT tool used to discover environments, directories, and subdomains of a particular domain.

#aws   #azure   #cloud   #directories   #emails   #firebase   #fuzzing   #osint   #subdomains  

ScoutSuite on offsec.tools
ScoutSuite

Multi-cloud security auditing tool.

#alibaba   #aws   #azure   #cloud   #google   #oracle   #reports  

s3reverse on offsec.tools
s3reverse

The format of various S3 buckets is convert in one format.

#aws   #buckets   #cloud   #utils  

MagicRecon on offsec.tools
MagicRecon

A powerful shell script to maximize the recon and data collection process.

#allinone   #cloud   #emails   #recon   #screenshots   #subdomains   #vulnerabilities  

NSDetect on offsec.tools
NSDetect

Utility to detect AWS NS Takeover.

#aws   #cloud   #nameserver  

GrayhatWarfare on offsec.tools
GrayhatWarfare

Search for buckets and URL shorteners.

#aws   #azure   #buckets   #cloud   #digitalocean   #endpoints   #google   #online   #shorteners  

Covenant on offsec.tools
Covenant

Collaborative C2 framework for red teamers.

#api   #aws   #cloud   #framework   #google   #gui  

WeirdAAL on offsec.tools
WeirdAAL

AWS Attack Library.

#aws   #buckets   #cloud   #cloudfront  

barq on offsec.tools
barq

The AWS Cloud Post Exploitation framework!

#aws   #cloud   #exploits   #framework  

Mass3 on offsec.tools
Mass3

Enumerate through a pre-compiled list of AWS S3 buckets using DNS instead of HTTP.

#aws   #buckets   #cloud  

GyoiThon on offsec.tools
GyoiThon

Growing penetration test tool using Machine Learning.

#cloud   #crawler   #dorks   #exploits   #ssl   #subdomains  

SubDomainizer on offsec.tools
SubDomainizer

A tool to find subdomains and interesting things hidden inside.

#aws   #azure   #buckets   #cloud   #digitalocean   #endpoints   #github   #subto  

AWS Extender CLI on offsec.tools
AWS Extender CLI

Command-line script to test cloud storage for common misconfiguration issues.

#aws   #azure   #cloud   #google  

Smogcloud on offsec.tools
Smogcloud

Find cloud assets that no one wants exposed.

#aws   #buckets   #cloud  

Pacu on offsec.tools
Pacu

The exploitation framework designed for testing the security of AWS environments.

#aws   #cloud  

AWS security checks on offsec.tools
AWS security checks

This Burp Suite provides additional Scanner checks for AWS security issues.

#aws   #buckets   #burpsuite   #cloud   #scanner  

Betterscan on offsec.tools
Betterscan

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.

#cloud   #codeanalysis   #cves   #exploits   #malwares   #reports   #sbom   #scanner   #secrets  

NSBrute on offsec.tools
NSBrute

Python utility to takeover domains vulnerable to AWS NS Takeover.

#aws   #cloud   #subdomains   #subto  

Sandcastle on offsec.tools
Sandcastle

A Python script for AWS S3 bucket enumeration.

#aws   #buckets   #cloud  

S3Cruze on offsec.tools
S3Cruze

All-in-one AWS S3 bucket tool.

#aws   #buckets   #cloud   #cors  

s3cario on offsec.tools
s3cario

Performs buckets checks from a given list of subdomains.

#aws   #bucket   #cloud   #subdomains  

s3tk on offsec.tools
s3tk

A security toolkit for Amazon S3.

#aws   #buckets   #cloud  

S3 Objects Check on offsec.tools
S3 Objects Check

Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.

#aws   #buckets   #cloud  

2tearsinabucket on offsec.tools
2tearsinabucket

Enumerate s3 buckets for a specific target.

#aws   #buckets   #cloud  

kicks3 on offsec.tools
kicks3

S3 bucket finder from html,js and bucket misconfiguration testing tool.

#aws   #buckets   #cloud  

Burp-AnonymousCloud on offsec.tools
Burp-AnonymousCloud

Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.

#aws   #azure   #buckets   #burpsuite   #cloud   #google   #subdomains   #subto  

dirlstr on offsec.tools
dirlstr

Finds Directory Listings or open S3 buckets from a list of URLs.

#aws   #buckets   #cloud   #directorylisting  

S3BucketList on offsec.tools
S3BucketList

Firefox plugin that lists Amazon S3 Buckets found in requests.

#aws   #browser   #buckets   #cloud   #firefox  

mass-s3-bucket-tester on offsec.tools
mass-s3-bucket-tester

Tests a list of s3 buckets to see if they have dir listings enabled or if they are uploadable.

#aws   #buckets   #cloud  

FestIN on offsec.tools
FestIN

The powered S3 bucket finder and content discover.

#aws   #buckets   #cloud   #crawler  

S3Viewer on offsec.tools
S3Viewer

Publicly open storage viewer.

#aws   #azure   #buckets   #cloud   #directorylisting   #ftp  

AWSBucketDump on offsec.tools
AWSBucketDump

Security Tool to Look For Interesting Files in S3 Buckets.

#aws   #buckets   #cloud  

S3Scanner on offsec.tools
S3Scanner

Scan for open S3 buckets and dump the contents.

#aws   #buckets   #cloud   #scanner  

Prowler on offsec.tools
Prowler

Open Source Security tool to perform Cloud Security best practices

#aws   #azure   #cloud  

dufflebag on offsec.tools
dufflebag

Search exposed EBS volumes for secrets.

#aws   #cloud   #ebs   #elastic   #secrets  

Rusty Hog on offsec.tools
Rusty Hog

A suite of secret scanners built in Rust for performance.

#aws   #buckets   #cloud   #confluence   #git   #google   #jira   #secrets   #slack  

Oh365UserFinder on offsec.tools
Oh365UserFinder

O365 user enumeration and password spraying tool.

#cloud   #enumeration   #office   #osint   #passwords  

grafana-ssrf on offsec.tools
grafana-ssrf

Authenticated SSRF in Grafana.

#azure   #cloud   #exploits   #google   #grafana   #ssrf  

GHunt on offsec.tools
GHunt

Offensive Google framework.

#cloud   #emails   #google   #osint  

GoCloud on offsec.tools
GoCloud

Checks whether a domain is hosted on a cloud service.

#aws   #azure   #cloud   #cloudflare   #ips  

CloudScraper on offsec.tools
CloudScraper

Tool to enumerate targets in search of cloud resources.

#aws   #azure   #cloud   #digitalocean  

dnsReaper on offsec.tools
dnsReaper

Subdomain takeover tool for attackers, bug bounty hunters and the blue team!

#aws   #azure   #cloud   #cloudflare   #digitalocean   #dns   #subdomains   #subto  

cloud_enum on offsec.tools
cloud_enum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

#aws   #azure   #cloud   #google   #osint  

Slurp on offsec.tools
Slurp

A blazing fast & feature rich Amazon S3 bucket enumerator.

#aws   #buckets   #cloud  

Cloudfox on offsec.tools
Cloudfox

Automating situational awareness for cloud penetration tests.

#aws   #azure   #cloud   #google  

s3-buckets-finder on offsec.tools
s3-buckets-finder

Find AWS S3 buckets and test their permissions.

#aws   #buckets   #cloud  

lazys3 on offsec.tools
lazys3

Ruby script to bruteforce for AWS s3 buckets using different permutations.

#aws   #buckets   #cloud  

Teh S3 Bucketeers on offsec.tools
Teh S3 Bucketeers

Security tool to discover S3 buckets on Amazon's AWS platform.

#aws   #buckets   #cloud  

TruffleHog on offsec.tools
TruffleHog

Find credentials all over the place.

#aws   #cloud   #codeanalysis   #digitalocean   #github   #secrets