Enumeration
Browse 34 enumeration tools
FEATURED
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
A tool for enumerating and analyzing Amazon S3 buckets associated with specific targets to identify potential security misconfigurations.
A Chrome extension that automatically detects and lists Amazon S3 buckets while browsing websites.
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
CloudScraper is an enumeration tool that discovers cloud storage resources including S3 buckets, Azure blobs, and DigitalOcean Spaces across target environments.
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
Yar is a reconnaissance tool for scanning organizations, users, and repositories to identify vulnerabilities and security risks during security assessments.
ESC is an interactive .NET SQL console client with enhanced SQL Server discovery and data exfiltration features designed for penetration testing and red team engagements.
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
A brute force parameter discovery tool for identifying hidden GET and POST parameters in web applications during security assessments.
A Python-based tool for external attack surface discovery and reconnaissance across large-scale networks, focusing on IP address and subdomain enumeration.
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
A command-line tool for discovering domains and subdomains related to a target domain during reconnaissance activities.
A subdomain enumeration tool for penetration testers and security researchers.
A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.
A Ruby-based tool that enumerates all public IPv4 and IPv6 addresses associated with an AWS account across multiple services including EC2, CloudFront, ELB, RDS, and others.
TrailBlazer analyzes AWS CloudTrail logging behavior by systematically testing API calls across services to determine what gets logged and how it appears in CloudTrail.
A command-line tool that discovers and catalogs all AWS resources across an account using botocore, outputting results in JSON format.
CloudFox is an open source command line tool that helps penetration testers and offensive security professionals identify exploitable attack paths and gain situational awareness in cloud infrastructure environments.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.
A Python tool that uses AWS Cloud Control API to enumerate and catalog AWS resources across specified accounts and regions, outputting results in JSON format.
Stay Updated with Mandos Brief
Get strategic cybersecurity insights in your inbox
