Cloud Exploitation Resources

General

Gerenios/AADInternals
- desc: AADInternals PowerShell module for administering Azure AD and Office 365
rvrsh3ll/TokenTactics
- desc: Azure JWT Token Manipulation Toolset
initstring/cloud_enum
- desc: Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
(dafthack/MFASweep)[https://github.com/dafthack/MFASweep]
- desc: AAD spray/recon
Flangvik/TeamFiltration
- desc: TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
NetSPI/MicroBurst
- desc: A collection of scripts for assessing Microsoft Azure security
nyxgeek/onedrive_user_enum
- desc: onedrive user enumeration - pentest tool to enumerate valid o365 users
google/gcp_scanner
- desc: gcp recon tool
BishopFox/cloudfox
- desc: Automating situational awareness for cloud penetration tests.
pushsecurity/saas-attacks
- desc: Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
kind
- desc: a tool for running local Kubernetes clusters using Docker container “nodes”
peak/s5cmd
- desc: Parallel S3 and local filesystem execution tool.

BishopFox/cloudfoxable
- desc: Create your own vulnerable by design AWS penetration testing playground

Hacking-the-Cloud/hackingthe.cloud
- desc: An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
7 lesser-known AWS SSM Document techniques for code execution – Security Café
- desc: 7 lesser-known AWS SSM Document techniques for code execution – Security Café