Cloud

AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.

A userland implementation of the Network Block Device protocol that enables remote block device access over network connections for distributed storage and virtualization use cases.

CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.

A forensics toolkit for collecting digital evidence from Google Cloud Platform, Microsoft Azure, and Amazon Web Services during incident response investigations.

Ice is an AWS cloud cost management tool that provides multi-level visibility into cloud spending and resource utilization to support informed reservation purchases and resource optimization decisions.

CobaltBus integrates Cobalt Strike with Azure Service Bus to create covert C2 communication channels for red team operations.

FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.

A multi-cloud DNS security tool that detects dangling DNS records and potential subdomain takeover vulnerabilities by scanning cloud infrastructure and DNS zones.

A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.

A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.

Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.

A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.

Cloudmarker is a configurable cloud monitoring tool and framework that audits Azure and GCP environments by retrieving, analyzing, and alerting on cloud security data.

Shuffle Automation is an accessible automation platform that provides workflow automation capabilities for security operations with both self-hosted and cloud deployment options.

SkyArk is a cloud security scanning tool that identifies privileged entities in AWS and Azure environments to help mitigate Cloud Shadow Admin threats.

A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.

SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.

Teller is a command-line secret management tool that integrates with various cloud providers and vaults to securely populate environment variables during development workflows.

A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.

A multi-cloud asset enumeration tool that helps blue teams centralize and inventory assets across multiple cloud providers with minimal configuration.

Advanced threat prevention and detection platform leveraging Deep CDR, Multiscanning, and Sandbox technologies to protect against data breaches and ransom attacks.

Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.

A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.

A command line tool that counts and inventories AWS resources across multiple regions, providing visibility into cloud infrastructure with efficient API querying.