From 2fe0f697d92eb4f794689b52c3f9fc005cc861f8 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Wed, 31 Mar 2021 11:52:08 -0400 Subject: [PATCH] Adding cloud security tools --- cloud_resources/README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/cloud_resources/README.md b/cloud_resources/README.md index 3e96081..2565ae5 100644 --- a/cloud_resources/README.md +++ b/cloud_resources/README.md @@ -14,3 +14,22 @@ ## Vulnerables - [CloudGoat](https://github.com/RhinoSecurityLabs/cloudgoat) - [Damn Vulnerable Cloud Application(DVCA)](https://github.com/m6a-UdS/dvca) + +## Additional Tools +- [Taken - Takeover AWS Ips And Have A Working POC For Subdomain Takeover](http://feedproxy.google.com/~r/PentestTools/~3/bOdrVajU9Ns/taken-takeover-aws-ips-and-have-working.html) +- [Autovpn - Create On Demand Disposable OpenVPN Endpoints On AWS](http://feedproxy.google.com/~r/PentestTools/~3/lxGVU3oWwCE/autovpn-create-on-demand-disposable.html) +- [SpaceSiren - A Honey Token Manager And Alert System For AWS](http://feedproxy.google.com/~r/PentestTools/~3/SIBlEXl2Mhc/spacesiren-honey-token-manager-and.html) +- [AWS Recon - Multi-threaded AWS Inventory Collection Tool With A Focus On Security-Relevant Resources And Metadata](http://feedproxy.google.com/~r/PentestTools/~3/mCRMljaSu2w/aws-recon-multi-threaded-aws-inventory.html) +- [DAGOBAH - Open Source Tool To Generate Internal Threat Intelligence, Inventory & Compliance Data From AWS Resources](http://feedproxy.google.com/~r/PentestTools/~3/heCluXrDIA0/dagobah-open-source-tool-to-generate.html) +- [AWS Report - A Tool For Analyzing Amazon Resources](http://feedproxy.google.com/~r/PentestTools/~3/pKUBrpmSvbE/aws-report-tool-for-analyzing-amazon.html) +- [SkyArk - Helps To Discover, Assess And Secure The Most Privileged Entities In Azure And AWS](http://feedproxy.google.com/~r/PentestTools/~3/fA1njXZatyo/skyark-helps-to-discover-assess-and.html) +- [Cloudsplaining - An AWS IAM Security Assessment Tool That Identifies Violations Of Least Privilege And Generates A Risk-Prioritized Report](http://feedproxy.google.com/~r/PentestTools/~3/-7enjmYyTw8/cloudsplaining-aws-iam-security.html) +- [SkyWrapper - Tool That Helps To Discover Suspicious Creation Forms And Uses Of Temporary Tokens In AWS](http://feedproxy.google.com/~r/PentestTools/~3/w0otGurmXTY/skywrapper-tool-that-helps-to-discover.html) +- [Sandcastle - A Python Script For AWS S3 Bucket Enumeration](http://feedproxy.google.com/~r/PentestTools/~3/e2xzlmFDtaE/sandcastle-python-script-for-aws-s3.html) +- [Awspx - A Graph-Based Tool For Visualizing Effective Access And Resource Relationships In AWS Environments](http://feedproxy.google.com/~r/PentestTools/~3/S_VHOWSjPYM/awspx-graph-based-tool-for-visualizing.html) +- [AWSGen.py - Generates Permutations, Alterations And Mutations Of AWS S3 Buckets Names](http://feedproxy.google.com/~r/PentestTools/~3/SagQLMEKNHs/awsgenpy-generates-permutations.html) +- [AlertResponder - Automatic Security Alert Response Framework By AWS Serverless Application Model](http://feedproxy.google.com/~r/PentestTools/~3/Wz_C66kvWFE/alertresponder-automatic-security-alert.html) +- [Aaia - AWS Identity And Access Management Visualizer And Anomaly Finder](http://feedproxy.google.com/~r/PentestTools/~3/2yvKL6xqlqM/aaia-aws-identity-and-access-management.html) +- [FireProx - AWS API Gateway Management Tool For Creating On The Fly HTTP Pass-Through Proxies For Unique IP Rotation](http://feedproxy.google.com/~r/PentestTools/~3/TkQaYYrkjO8/fireprox-aws-api-gateway-management.html) + +