Cloud

Discover tools and resources dedicated to hacking cloud platforms.

asset-count

AWS

Organization Description Directory
Cloudsplaining Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report. last-commit opensource
Greyhat Warfare Search scanned archived AWS buckets. freemium-service register-profile
pacu The AWS exploitation framework, designed for testing the security of Amazon Web Services environments. last-commit opensource
Prowler Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. last-commit opensource
ScoutSuite Multi-Cloud Security Auditing Tool. last-commit opensource
WeirdAAL WeirdAAL (AWS Attack Library) last-commit opensource

Azure

Organization Description Directory
Azurcar Security auditing tool for Azure environments last-commit opensource
Greyhat Warfare Search scanned archived AWS buckets. freemium-service register-profile
ScoutSuite Multi-Cloud Security Auditing Tool ) last-commit opensource

Docker

Organization Description Directory
Dacker Daemon Attack Surface There are four major areas to consider when reviewing Docker security N/A

GitHub

Organization Description Directory
gitleaks Scan git repos (or files) for secrets using regex and entropy. last-commit opensource
gitrob Reconnaissance tool for GitHub organizations last-commit archive no-recent-update opensource
GitRoller GitRoller: A Git Recon Tools last-commit opensource
go-gitaudit Git audit is a go package which can be used to audit git repository to find issues. last-commit opensource
shhgit Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories. last-commit opensource
truffleHog Searches through git repositories for high entropy strings and secrets, digging deep into commit history. last-commit opensource
Yar Yar is a tool for plunderin’ organizations, users and/or repositories. last-commit opensource