mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-25 20:30:17 +00:00
4.2 KiB
4.2 KiB
Cloud Security Resources
- Cloud Security Resources from AWS
- Penetration Testing in Microsoft Azure
- Penetration Testing in AWS
- Penetration Testing in Google Cloud Platform
- Google Cloud Security Center
Additional AWS Pen Testing References
- PENETRATION TESTING AWS STORAGE: KICKING THE S3 BUCKET - Written by Dwight Hohnstein from Rhino Security Labs.
- AWS PENETRATION TESTING PART 1. S3 BUCKETS - Written by @VirtueSecurity.
- AWS PENETRATION TESTING PART 2. S3, IAM, EC2 - Written by @VirtueSecurity.
Vulnerables
Additional Tools
- Taken - Takeover AWS Ips And Have A Working POC For Subdomain Takeover
- Autovpn - Create On Demand Disposable OpenVPN Endpoints On AWS
- SpaceSiren - A Honey Token Manager And Alert System For AWS
- AWS Recon - Multi-threaded AWS Inventory Collection Tool With A Focus On Security-Relevant Resources And Metadata
- DAGOBAH - Open Source Tool To Generate Internal Threat Intelligence, Inventory & Compliance Data From AWS Resources
- AWS Report - A Tool For Analyzing Amazon Resources
- SkyArk - Helps To Discover, Assess And Secure The Most Privileged Entities In Azure And AWS
- Cloudsplaining - An AWS IAM Security Assessment Tool That Identifies Violations Of Least Privilege And Generates A Risk-Prioritized Report
- SkyWrapper - Tool That Helps To Discover Suspicious Creation Forms And Uses Of Temporary Tokens In AWS
- Sandcastle - A Python Script For AWS S3 Bucket Enumeration
- Awspx - A Graph-Based Tool For Visualizing Effective Access And Resource Relationships In AWS Environments
- AWSGen.py - Generates Permutations, Alterations And Mutations Of AWS S3 Buckets Names
- AlertResponder - Automatic Security Alert Response Framework By AWS Serverless Application Model
- Aaia - AWS Identity And Access Management Visualizer And Anomaly Finder
- FireProx - AWS API Gateway Management Tool For Creating On The Fly HTTP Pass-Through Proxies For Unique IP Rotation