Vulnerability Management for Aws
Vulnerability management tools for security scanning, penetration testing, bug bounty programs, and vulnerability assessment. Task: Aws
Browse 24 security tools
FEATURED
USE CASES
Agentless cloud vulnerability management with unified context and prioritization
Network vulnerability scanning with human validation and risk-based scoring
Suite of VRM tools for vulnerability scanning, compliance, and risk mgmt.
IaC security scanner with 500+ policies for cloud infrastructure misconfigurations
Risk-based vulnerability mgmt for networks & cloud with threat intel scoring
AI agents investigate cloud vulnerabilities in context and automate remediation
Assesses AWS accounts for subdomain hijacking via Route53/CloudFront
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.
A security tool for discovering S3 bucket references in web content and testing buckets for misconfigurations.
A Python tool that tests multiple AWS S3 buckets for security misconfigurations including directory listing and upload permissions.
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
Lambda-Proxy is a utility that enables SQL injection testing of AWS Lambda functions by converting SQLMap HTTP attacks into Lambda invoke calls through a local proxy.
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
Pacu is an open-source AWS exploitation framework designed for offensive security testing against cloud environments through modular attack capabilities.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.
MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.
A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.
S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.