Add new section for Cloud Platform Attack Tools with new tools.

This commit is contained in:
fabacab 2021-10-27 16:58:27 -04:00
parent f48c11cdce
commit f00f7e2487
No known key found for this signature in database
GPG Key ID: B0303BF6BA36A560

View File

@ -17,6 +17,7 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
* [Books](#books)
* [Malware Analysis Books](#malware-analysis-books)
* [CTF Tools](#ctf-tools)
* [Cloud Platform Attack Tools](#cloud-platform-attack-tools)
* [Collaboration Tools](#collaboration-tools)
* [Conferences and Events](#conferences-and-events)
* [Asia](#asia)
@ -163,6 +164,16 @@ See [awesome-malware-analysis § Books](https://github.com/rshipp/awesome-malwar
* [ctf-tools](https://github.com/zardus/ctf-tools) - Collection of setup scripts to install various security research tools easily and quickly deployable to new machines.
* [shellpop](https://github.com/0x00-0x00/shellpop) - Easily generate sophisticated reverse or bind shell commands to help you save time during penetration tests.
## Cloud Platform Attack Tools
See also *[HackingThe.cloud](https://hackingthe.cloud/)*.
* [Cloud Container Attack Tool (CCAT)](https://rhinosecuritylabs.com/aws/cloud-container-attack-tool/) - Tool for testing security of container environments.
* [CloudHunter](https://github.com/belane/CloudHunter) - Looks for AWS, Azure and Google cloud storage buckets and lists permissions for vulnerable buckets.
* [Cloudsplaining](https://cloudsplaining.readthedocs.io/) - Identifies violations of least privilege in AWS IAM policies and generates a pretty HTML report with a triage worksheet.
* [Endgame](https://endgame.readthedocs.io/) - AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account.
* [GCPBucketBrute](https://github.com/RhinoSecurityLabs/GCPBucketBrute) - Script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
## Collaboration Tools
* [Dradis](https://dradisframework.com) - Open-source reporting and collaboration tool for IT security professionals.