Offensive Security for Aws

Ethical hacking tools and resources for penetration testing and red team operations. Task: AwsExplore 21 curated tools and resources

Search by name, description, or purpose... (⌘+K)

PINNED

Promoted • 6 tools

Proton Pass

Commercial

Data Protection

NordVPN

Commercial

Network Security

Mandos

Commercial

Consulting

Checkmarx SCA

Commercial

Application Security

Orca Security

Commercial

Cloud Security

DryRun

Commercial

Application Security

Want your tool featured here?

Get maximum visibility with pinned placement

LATEST ADDITIONS

s3reverse
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
0
Free
Offensive Security
S3
Aws
Cloud Security
Bug Bounty
Reconnaissance
Penetration Testing
Offensive Security
Enumeration
Security Testing
Aws Security
s3reverse
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
0
Free
Offensive Security
S3
Aws
Cloud Security
+7
AWSBucketDump
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
0
Free
Offensive Security
Aws
S3
Penetration Testing
Reconnaissance
Cloud Security
Security Testing
Enumeration
Aws Security
Offensive Security
Cloud
AWSBucketDump
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
0
Free
Offensive Security
Aws
S3
Penetration Testing
+7
Redboto
A Python-based red team toolkit that leverages AWS boto3 SDK to perform offensive operations including credential extraction and file exfiltration from EC2 instances.
0
Free
Offensive Security
Red Team
Aws
Offensive Security
Penetration Testing
Python
Ec2
S3
Data Extraction
Cloud Security
Redboto
A Python-based red team toolkit that leverages AWS boto3 SDK to perform offensive operations including credential extraction and file exfiltration from EC2 instances.
0
Free
Offensive Security
Red Team
Aws
Offensive Security
+6
CloudBrute
A black-box reconnaissance tool that discovers cloud infrastructure, files, and applications across major cloud providers for security testing purposes.
0
Free
Offensive Security
Reconnaissance
Cloud Security
Penetration Testing
Bug Bounty
Red Team
Aws
Azure
Gcp
Asset Discovery
Offensive Security
CloudBrute
A black-box reconnaissance tool that discovers cloud infrastructure, files, and applications across major cloud providers for security testing purposes.
0
Free
Offensive Security
Reconnaissance
Cloud Security
Penetration Testing
+7
Cloud_enum
Cloud_enum is a multi-cloud OSINT tool that enumerates publicly accessible resources across AWS, Azure, and Google Cloud platforms for security assessment purposes.
0
Free
Offensive Security
Osint
Cloud Security
Enumeration
Aws
Azure
Gcp
Reconnaissance
Penetration Testing
Security Assessment
Attack Surface
Cloud_enum
Cloud_enum is a multi-cloud OSINT tool that enumerates publicly accessible resources across AWS, Azure, and Google Cloud platforms for security assessment purposes.
0
Free
Offensive Security
Osint
Cloud Security
Enumeration
+7
barq
A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.
0
Free
Offensive Security
Post Exploitation
Aws
Aws Security
Ec2
Penetration Testing
Red Team
Metasploit
Empire
Enumeration
Python
barq
A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.
0
Free
Offensive Security
Post Exploitation
Aws
Aws Security
+7
CloudCopy
CloudCopy implements a cloud version of the Shadow Copy attack to extract domain user hashes from AWS-hosted domain controllers by creating and mounting volume snapshots.
0
Free
Offensive Security
Offensive Security
Aws
Active Directory
Cloud Security
Penetration Testing
Privilege Escalation
Ec2
Hash Cracking
Post Exploitation
Red Team
CloudCopy
CloudCopy implements a cloud version of the Shadow Copy attack to extract domain user hashes from AWS-hosted domain controllers by creating and mounting volume snapshots.
0
Free
Offensive Security
Offensive Security
Aws
Active Directory
+7
CloudFox
CloudFox is an open source command line tool that helps penetration testers and offensive security professionals identify exploitable attack paths and gain situational awareness in cloud infrastructure environments.
0
Free
Offensive Security
Offensive Security
Penetration Testing
Cloud Security
Aws
Reconnaissance
Attack Surface
Command Line Tool
Open Source
Enumeration
Cloud
CloudFox
CloudFox is an open source command line tool that helps penetration testers and offensive security professionals identify exploitable attack paths and gain situational awareness in cloud infrastructure environments.
0
Free
Offensive Security
Offensive Security
Penetration Testing
Cloud Security
+7
Pacu
Pacu is an open-source AWS exploitation framework designed for offensive security testing against cloud environments through modular attack capabilities.
0
Free
Offensive Security
Aws
Cloud Security
Penetration Testing
Offensive Security
Exploitation
Privilege Escalation
Iam
Lambda
Python
Framework
Pacu
Pacu is an open-source AWS exploitation framework designed for offensive security testing against cloud environments through modular attack capabilities.
0
Free
Offensive Security
Aws
Cloud Security
Penetration Testing
+7
MadKing Amazon Web Services Attack Platform
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
0
Free
Offensive Security
Aws
Serverless
Persistence
Ethical Hacking
Security
MadKing Amazon Web Services Attack Platform
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
0
Free
Offensive Security
Aws
Serverless
Persistence
+2
Simulator
A distributed systems simulator that creates intentionally vulnerable Kubernetes clusters in AWS for security training and attack scenario practice.
0
Free
Offensive Security
Kubernetes
Kubernetes Security
Aws
Container Security
Offensive Security
Penetration Testing
Vulnerability Assessment
Training
Simulation
Educational
Simulator
A distributed systems simulator that creates intentionally vulnerable Kubernetes clusters in AWS for security training and attack scenario practice.
0
Free
Offensive Security
Kubernetes
Kubernetes Security
Aws
+7
Payloads All The Things
A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.
0
Free
Offensive Security
Offensive Security
Penetration Testing
Web Application Security
Payloads
Burp Suite
Active Directory
Aws
Azure
Linux
Metasploit
Windows
Subdomain Enumeration
Reverse Shell
Exploitation
Vulnerability Assessment
Security Testing
Pentesting
Web Security
Cloud Security
Payloads All The Things
A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.
0
Free
Offensive Security
Offensive Security
Penetration Testing
Web Application Security
+16
Cognito Scanner
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
0
Free
Offensive Security
Aws
Aws Security
Offensive Security
Penetration Testing
Vulnerability Assessment
Enumeration
Privilege Escalation
Python
Security Testing
Cognito Scanner
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
0
Free
Offensive Security
Aws
Aws Security
Offensive Security
+6
CloudGoat
CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.
0
Free
Offensive Security
Aws
Cloud Security
Penetration Testing
Ctf
Educational
Vulnerable Apps
Training
Offensive Security
Aws Security
Cloud
CloudGoat
CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.
0
Free
Offensive Security
Aws
Cloud Security
Penetration Testing
+7
AWS IAM Privilege Escalation Methods
Documentation of an AWS IAM privilege escalation technique that exploits the iam:CreatePolicyVersion permission to gain elevated access through policy manipulation.
0
Free
Offensive Security
Aws
Iam
Privilege Escalation
Aws Security
Cloud Security
Offensive Security
Exploitation
Aws Iam
Penetration Testing
Red Team
AWS IAM Privilege Escalation Methods
Documentation of an AWS IAM privilege escalation technique that exploits the iam:CreatePolicyVersion permission to gain elevated access through policy manipulation.
0
Free
Offensive Security
Aws
Iam
Privilege Escalation
+7
WeirdAAL (AWS Attack Library)
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
0
Free
Offensive Security
Aws
Aws Security
Cloud Security
Penetration Testing
Security Testing
Vulnerability Assessment
Framework
Open Source
Red Team
Offensive Security
WeirdAAL (AWS Attack Library)
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
0
Free
Offensive Security
Aws
Aws Security
Cloud Security
+7
Breaking and Pwning Apps and Servers on AWS and Azure
A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.
0
Free
Offensive Security
Aws
Azure
Cloud Security
Penetration Testing
Offensive Security
Training
Hands On
Devsecops
Cloud
Security Testing
Breaking and Pwning Apps and Servers on AWS and Azure
A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.
0
Free
Offensive Security
Aws
Azure
Cloud Security
+7
AWS pwn
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
0
Free
Offensive Security
Aws
Penetration Testing
Offensive Security
Cloud Security
Python
Security Testing
Aws Security
Pentest
Cloud
Hacking Tool
AWS pwn
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
0
Free
Offensive Security
Aws
Penetration Testing
Offensive Security
+7
NSBrute
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
0
Free
Offensive Security
Python
Aws
Dns
Subdomain Takeover
Offensive Security
Penetration Testing
Vulnerability Scanner
Domain Enumeration
Reconnaissance
Security Testing
NSBrute
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
0
Free
Offensive Security
Python
Aws
Dns
+7
Leonidas
A framework for executing cloud attacker tactics, techniques, and procedures (TTPs) that can generate APIs, Sigma detection rules, and documentation from YAML-based definitions.
0
Free
Offensive Security
Offensive Security
Cloud Security
Attack Simulation
Sigma
Api
Aws
Yaml
Mitre Attack
Red Team
Detection Rules
Leonidas
A framework for executing cloud attacker tactics, techniques, and procedures (TTPs) that can generate APIs, Sigma detection rules, and documentation from YAML-based definitions.
0
Free
Offensive Security
Offensive Security
Cloud Security
Attack Simulation
+7
Cloud Container Attack Tool (CCAT)
A security testing framework for assessing container environment security across AWS and GCP cloud platforms.
0
Free
Offensive Security
Offensive Security
Container Security
Cloud Security
Penetration Testing
Aws
Gcp
Docker
Security Testing
Python
Pentesting
Cloud Container Attack Tool (CCAT)
A security testing framework for assessing container environment security across AWS and GCP cloud platforms.
0
Free
Offensive Security
Offensive Security
Container Security
Cloud Security
+7

Offensive Security for Aws

RELATED TASKS

PINNED

LATEST ADDITIONS

s3reverse

s3reverse

AWSBucketDump

AWSBucketDump

Redboto

Redboto

CloudBrute

CloudBrute

Cloud_enum

Cloud_enum

barq

barq

CloudCopy

CloudCopy

CloudFox

CloudFox

Pacu

Pacu

MadKing Amazon Web Services Attack Platform

MadKing Amazon Web Services Attack Platform

Simulator

Simulator

Payloads All The Things

Payloads All The Things

Cognito Scanner

Cognito Scanner

CloudGoat

CloudGoat

AWS IAM Privilege Escalation Methods

AWS IAM Privilege Escalation Methods

WeirdAAL (AWS Attack Library)

WeirdAAL (AWS Attack Library)

Breaking and Pwning Apps and Servers on AWS and Azure

Breaking and Pwning Apps and Servers on AWS and Azure

AWS pwn

AWS pwn

NSBrute

NSBrute

Leonidas

Leonidas

Cloud Container Attack Tool (CCAT)

Cloud Container Attack Tool (CCAT)