Cloud Security

Tools

- https://github.com/nccgroup/ScoutSuite
- https://github.com/initstring/cloud_enum
- https://github.com/aquasecurity/cloudsploit
- https://github.com/prowler-cloud/prowler
- https://github.com/RhinoSecurityLabs/pacu
- https://github.com/carlospolop/aws_iam_review
- https://github.com/Netspi/Microburst
- https://github.com/dirkjanm/ROADtools
- https://github.com/hausec/PowerZure
- https://github.com/sa7mon/S3Scanner
- https://github.com/BishopFox/cloudfox
- https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/pocs/gcp_k8s_enum
- https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/pocs/gcp_misc/-/tree/master
- https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/tools/gcp_firewall_enum
- https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/pocs/gcp_enum
- https://github.com/RhinoSecurityLabs/GCPBucketBrute
- https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation
- https://github.com/NetSPI/gcpwn
- https://github.com/google/gcp_scanner

Cheatsheets

- https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology
- https://hackingthe.cloud/
- https://cloudsecdocs.com/
- https://cloudsecwiki.com/
- https://pentestbook.six2dez.com/enumeration/cloud
- https://github.com/dafthack/CloudPentestCheatsheets
- https://reconshell.com/cloud-penetration-testing/
- https://github.com/Kyuu-Ji/Awesome-Azure-Pentest
- https://csbygb.gitbook.io/pentips/cloud-pentest/cloud
- https://github.com/4ndersonLin/awesome-cloud-security
- https://hausec.com/
- https://github.com/CyberSecurityUP/Cloud-Security-Attacks
- https://github.com/CyberSecurityUP/GCP-Pentest-Checklist
- https://0xd4y.com/2022/10/01/GCP-Penetration-Testing-Notes/
- https://0xd4y.com/2022/10/24/GCP-Penetration-Testing-Notes-2/

Last updated