CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space. CloudScraper is a tool designed to enumerate targets in search of cloud resources. It can be used to scan for S3 Buckets, Azure Blobs, and Digital Ocean Storage Space. This tool is useful for security researchers, penetration testers, and anyone looking to identify potential cloud-based vulnerabilities.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
Cloudmarker is a cloud monitoring tool and framework that audits Azure and GCP cloud environments.
A tool for pillaging Docker registries to extract image manifests and configurations.
gVisor is an application kernel that provides isolation for running sandboxed containers.
Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.
Cloud security project focusing on discovering and protecting privileged entities in AWS and Azure environments.
A project exploring minimal set of restrictions for running untrusted code using Linux containers in a concise codebase.
Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.