Cloud

A tool for enumerating and analyzing Amazon S3 buckets associated with specific targets to identify potential security misconfigurations.

A tool for identifying and exploiting SSRF vulnerabilities in modern cloud environments by filtering host lists to find viable attack candidates.

CloudScraper is an enumeration tool that discovers cloud storage resources including S3 buckets, Azure blobs, and DigitalOcean Spaces across target environments.

A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.

A Chrome extension that automatically detects and lists Amazon S3 buckets while browsing websites.

A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.

A Burp Suite extension that uses Shodan to discover cloud buckets and tests them for publicly accessible vulnerabilities through passive scanning.

S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.

TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.

Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.

A command-line tool that shows configuration history and changes of AWS resources using AWS Config service.

A Python script that inventories and lists main AWS account resources to provide visibility into cloud infrastructure components that may impact billing or security.

Enables secure connections to AWS EC2 instances

Cloud Sniper is a centralized cloud security operations platform that provides incident response, threat correlation, and automated security actions for cloud infrastructure protection.

A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.

A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.

A Python tool that uses AWS Cloud Control API to enumerate and catalog AWS resources across specified accounts and regions, outputting results in JSON format.

NBD (Network Block Device) is a network protocol implementation that allows clients to access remote block devices over a network as if they were local storage.

AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.

Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.

Sangfor Technologies is a leading cybersecurity, cloud, and infrastructure vendor providing effective cybersecurity and efficient enterprise cloud solutions.

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.

IAM Zero detects identity and access management issues and automatically suggests least-privilege policies by analyzing application errors and access patterns in cloud environments.