ENNAENNA
☁️

Cloud Recon

19 tools indexed

Cloud security assessment tools for auditing AWS, Azure, and GCP environments. These tools scan for misconfigured S3 buckets, overly permissive IAM policies, exposed cloud resources, and compliance violations across cloud infrastructure.

ScoutSuite

Python

Multi-cloud security auditing tool for AWS, Azure, GCP, Alibaba Cloud, and Oracle Cloud.

awsazuregcpcloud-audit
7.6k1.2k7mo ago

CloudMapper

Python

Analyze AWS environments to create network diagrams and identify security risks.

awsnetwork-diagramvisualizationsecurity
6.3k8331y ago

S3Scanner

Go

Scan for misconfigured S3 buckets across AWS regions and dump accessible contents.

s3awsbucketmisconfiguration
3.1k40425d ago

CloudBrute

Go

Cloud infrastructure enumerator to find company assets across multiple cloud providers.

cloudenumerationassetsmulti-cloud
1.1k1591y ago

MicroBurst

PowerShell

PowerShell toolkit for attacking Azure services including storage, key vaults, and automation.

azurepowershellstoragekey-vault
2.4k3362mo ago

ROADtools

Python

Framework for Azure AD enumeration and exploitation via the internal ROADrecon and ROADlib modules.

azure-adenumerationactive-directoryexploitation
2.6k3683mo ago

CloudFox

Go

Find exploitable attack paths in cloud infrastructure by enumerating IAM permissions, secrets, and network exposure.

cloud-attack-pathsiam-enumerationawsazure
2.4k22829d ago

enumerate-iam

Python

Enumerate AWS IAM permissions for a given set of credentials by brute-forcing API calls.

awsiampermission-enumcredential-testing
1.2k1932y ago

CloudSploit

JavaScript

Open-source cloud security configuration scanner for AWS, Azure, GCP, and Oracle Cloud Infrastructure.

cloud-securitymisconfigurationawsazure
3.7k7392mo ago

Cartography

Python

Intel graph of cloud infrastructure. Maps relationships between AWS, GCP, Azure, and other services into a Neo4j graph.

cloud-graphneo4jawsgcp
3.8k51023d ago

Steampipe

Go

Query cloud APIs with SQL. Zero-ETL approach to infrastructure visibility across AWS, Azure, GCP, and 140+ plugins.

sqlcloud-auditcompliancemulti-cloud
7.8k33326d ago

cloud_enum

Python

Multi-cloud OSINT enumeration. Discovers public resources across AWS, Azure, and GCP from keyword input.

cloud-osints3azure-blobsgcp-buckets
2.1k29710mo ago

CloudFlair

Python

Find origin servers behind Cloudflare. Uses Censys to discover the real IP address of Cloudflare-protected websites.

cloudflareorigin-ipcensysbypass
2.9k3821y ago

WeirdAAL

Python

AWS Attack Library. Enumerate, exploit, and backdoor AWS services with organized modules for cloud penetration testing.

awscloud-pentestenumerationexploitation
841941y ago

Stratus Red Team

Go

Datadog's adversary emulation for cloud environments (AWS, Azure, GCP, K8s) mapped to MITRE ATT&CK.

cloud-attackadversary-emulationawsazure
2.3k29624d ago

Checkov

Python

Static analysis for infrastructure-as-code scanning Terraform, CloudFormation, and K8s.

iacterraformcloudformationcompliance
8.7k1.3k24d ago

aws-vault

Go

Securely stores and accesses AWS credentials in your operating system's keystore, never writing them to disk.

awscredential-managementsecurityiam
9.0k8344mo ago

CloudGoat

Python

Rhino Security's 'vulnerable by design' AWS deployment tool for practicing cloud penetration testing techniques.

awsvulnerable-by-designtrainingcloud-security
3.6k75323d ago

KICS

Go

Infrastructure-as-Code security scanner supporting Terraform, CloudFormation, Kubernetes, Docker, Ansible, and more.

iac-securityterraformkubernetescompliance
2.6k36428d ago

Related Categories

🌐

Network Recon

40 tools

Vulnerability Scanning

22 tools

🔍

Subdomain Enumeration

14 tools