Cloud
Discover tools and resources dedicated to hacking cloud platforms.
AWS
Organization | Description | Directory |
---|---|---|
Cloudsplaining | Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report. | last-commit ![]() |
Greyhat Warfare | Search scanned archived AWS buckets. | ![]() ![]() |
pacu | The AWS exploitation framework, designed for testing the security of Amazon Web Services environments. | ![]() |
Prowler | Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. | ![]() |
ScoutSuite | Multi-Cloud Security Auditing Tool. | ![]() |
WeirdAAL | WeirdAAL (AWS Attack Library) | ![]() |
Azure
Organization | Description | Directory |
---|---|---|
Azurcar | Security auditing tool for Azure environments | ![]() |
Greyhat Warfare | Search scanned archived AWS buckets. | ![]() ![]() |
ScoutSuite | Multi-Cloud Security Auditing Tool ) | ![]() |
Docker
Organization | Description | Directory |
---|---|---|
Dacker Daemon Attack Surface | There are four major areas to consider when reviewing Docker security | N/A |
GitHub
Organization | Description | Directory |
---|---|---|
gitleaks | Scan git repos (or files) for secrets using regex and entropy. | ![]() |
gitrob | Reconnaissance tool for GitHub organizations | ![]() ![]() ![]() |
GitRoller | GitRoller: A Git Recon Tools | ![]() |
go-gitaudit | Git audit is a go package which can be used to audit git repository to find issues. | ![]() |
shhgit | Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories. | ![]() |
truffleHog | Searches through git repositories for high entropy strings and secrets, digging deep into commit history. | ![]() |
Yar | Yar is a tool for plunderin’ organizations, users and/or repositories. | ![]() |