Cloud
Discover tools and resources dedicated to hacking cloud platforms.
AWS
| Organization | Description | Directory |
|---|---|---|
| Cloudsplaining | Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report. | last-commit  |
| Greyhat Warfare | Search scanned archived AWS buckets. |   |
| pacu | The AWS exploitation framework, designed for testing the security of Amazon Web Services environments. |  |
| Prowler | Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. |  |
| ScoutSuite | Multi-Cloud Security Auditing Tool. |  |
| WeirdAAL | WeirdAAL (AWS Attack Library) |  |
Azure
| Organization | Description | Directory |
|---|---|---|
| Azurcar | Security auditing tool for Azure environments |  |
| Greyhat Warfare | Search scanned archived AWS buckets. | |
| ScoutSuite | Multi-Cloud Security Auditing Tool ) | |
Docker
| Organization | Description | Directory |
|---|---|---|
| Dacker Daemon Attack Surface | There are four major areas to consider when reviewing Docker security | N/A |
GitHub
| Organization | Description | Directory |
|---|---|---|
| gitleaks | Scan git repos (or files) for secrets using regex and entropy. |  |
| gitrob | Reconnaissance tool for GitHub organizations |    |
| GitRoller | GitRoller: A Git Recon Tools |  |
| go-gitaudit | Git audit is a go package which can be used to audit git repository to find issues. |  |
| shhgit | Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories. |  |
| truffleHog | Searches through git repositories for high entropy strings and secrets, digging deep into commit history. |  |
| Yar | Yar is a tool for plunderin’ organizations, users and/or repositories. |  |