Cloud

CloudFox is an open source command line tool that helps penetration testers and offensive security professionals identify exploitable attack paths and gain situational awareness in cloud infrastructure environments.

An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.

SIFT is a digital forensics toolkit that provides installation management, task execution, and machine image building capabilities for forensic investigations on Ubuntu systems.

A dynamic multi-cloud infrastructure framework that enables rapid deployment of disposable instances pre-loaded with security tools for distributed offensive and defensive security operations.

A collection of hands-on workshops and educational content focused on AWS security services, techniques, and best practices through practical scenarios.

Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.

StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.

A comprehensive library documenting Amazon S3 attack scenarios and risk-based mitigation strategies for cloud storage security.

OWASP WrongSecrets is an educational game that teaches proper secrets management by demonstrating common mistakes through interactive challenges across various deployment platforms.

An archived community-driven collection of open source cloud security tools that provided monitoring and compliance capabilities for cloud infrastructure.

Open-source set of libraries and drivers to accelerate network performance.

aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.

A command-line tool that discovers and catalogs all AWS resources across an account using botocore, outputting results in JSON format.

A Ruby-based tool that enumerates all public IPv4 and IPv6 addresses associated with an AWS account across multiple services including EC2, CloudFront, ELB, RDS, and others.

CloudTrail Partitioner automates the creation and management of partitioned Athena tables for AWS CloudTrail logs with nightly partition updates.

AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.

A userland implementation of the Network Block Device protocol that enables remote block device access over network connections for distributed storage and virtualization use cases.

CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.

A forensics toolkit for collecting digital evidence from Google Cloud Platform, Microsoft Azure, and Amazon Web Services during incident response investigations.

Ice is an AWS cloud cost management tool that provides multi-level visibility into cloud spending and resource utilization to support informed reservation purchases and resource optimization decisions.

CobaltBus integrates Cobalt Strike with Azure Service Bus to create covert C2 communication channels for red team operations.

FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.

A multi-cloud DNS security tool that detects dangling DNS records and potential subdomain takeover vulnerabilities by scanning cloud infrastructure and DNS zones.

A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.