cyber-security-resources/cloud_resources
2023-08-20 17:56:30 -04:00
..
high_level_best_practices_pen_testing.md Create high_level_best_practices_pen_testing.md 2023-08-20 17:55:28 -04:00
README.md Update README.md 2023-08-20 17:56:30 -04:00

Cloud Security Resources

Additional AWS Pen Testing References

Vulnerables

Additional Tools

Azure

Enumeration Tools

Email and Username Enumeration

Cloud Infrastructure Enumeration

  • CloudBrute - Find a cloud infrastructure of a company
  • cloud_enum - Multi-cloud OSINT tool
  • Azucar - Security auditing tool for Azure environments

Azure Specific Enumeration

Information Gathering Tools

Azure Information Gathering

Multi-Cloud Security Auditing

  • ScoutSuite - Multi-cloud security auditing tool
  • Prowler - AWS and Azure security assessments

Lateral Movement Tools

Exploitation Tools

Azure Exploitation

Credential Attacks

  • MSOLSpray - Password spraying tool for Microsoft Online accounts
  • MFASweep - Check if MFA is enabled on multiple Microsoft Services Resources
  • adconnectdump - Dump Azure AD Connect credentials

Resources

Articles

Lists and Cheat Sheets

Lab Exercises

Talks and Videos