# Tooling Index

<table data-full-width="true"><thead><tr><th>Tool Name</th><th>Description</th><th data-type="content-ref">Write Up</th><th data-type="content-ref">Reference</th><th>Tags</th></tr></thead><tbody><tr><td>dsnap</td><td>Use to locally download AWS EBS volumes.</td><td><a href="dsnap">dsnap</a></td><td><a href="https://github.com/RhinoSecurityLabs/dsnap">https://github.com/RhinoSecurityLabs/dsnap</a></td><td>aws, ebs</td></tr><tr><td>Pacu</td><td>AWS exploitation framework.</td><td><a href="pacu">pacu</a></td><td><a href="https://github.com/RhinoSecurityLabs/pacu">https://github.com/RhinoSecurityLabs/pacu</a></td><td>aws, exploitation, pentest</td></tr><tr><td>cloud_enum</td><td>Enumerate public cloud resources on AWS, Azure, GCP.</td><td><a href="broken-reference">Broken link</a></td><td><a href="https://github.com/initstring/cloud_enum/tree/master">https://github.com/initstring/cloud_enum/tree/master</a></td><td>aws, azure, gcp, s3, awsapps</td></tr><tr><td>EC2userDataDumper</td><td>Enumerates and dumps EC2 user data.</td><td><a href="../../aws/aws/compute/ec2#get-user-data">#get-user-data</a></td><td><a href="https://github.com/cloudbreach/CloudBreach_AWSScripts/blob/master/EC2userDataDumper.sh">https://github.com/cloudbreach/CloudBreach_AWSScripts/blob/master/EC2userDataDumper.sh</a></td><td>aws, ec2</td></tr><tr><td>s3BucketVersionDumper</td><td>Enumerates and dumps all S3 object versions.</td><td></td><td><a href="https://github.com/cloudbreach/CloudBreach_AWSScripts/blob/master/s3BucketVersionDumper.sh">https://github.com/cloudbreach/CloudBreach_AWSScripts/blob/master/s3BucketVersionDumper.sh</a></td><td>aws, s3</td></tr><tr><td>Prowler</td><td>Open-source multi-cloud CSPM solution for conducting security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness.</td><td><a href="broken-reference">Broken link</a></td><td><a href="https://github.com/prowler-cloud/prowler">https://github.com/prowler-cloud/prowler</a></td><td>aws, cspm</td></tr><tr><td>CloudFox</td><td>Automating situational awareness for cloud penetration tests.</td><td><a href="broken-reference">Broken link</a></td><td><a href="https://github.com/BishopFox/cloudfox">https://github.com/BishopFox/cloudfox</a></td><td>aws, pentest</td></tr><tr><td>Trufflehog</td><td>Find secrets in local files, git, docker images, CI/CD, S3 buckets, etc. </td><td><a href="../capture-the-flags-ctfs/pwnedlabs/hunt-for-secrets-in-git-repos">hunt-for-secrets-in-git-repos</a></td><td><a href="https://github.com/trufflesecurity/trufflehog">https://github.com/trufflesecurity/trufflehog</a></td><td>aws, secrets, ci/cd, git</td></tr><tr><td>gitsecrets</td><td>AWS created solution for discovering and preventing committing secrets and credentials into git repositories.</td><td></td><td><a href="https://github.com/awslabs/git-secrets">https://github.com/awslabs/git-secrets</a></td><td>aws, secrets, ci/cd, git</td></tr><tr><td>tfsec</td><td>Terraform scanning solution.</td><td><a href="../../devsecops/iac-scanning/tfsec">tfsec</a></td><td><a href="https://github.com/aquasecurity/tfsec">https://github.com/aquasecurity/tfsec</a></td><td>terraform, ci/cd</td></tr><tr><td>trivy</td><td>Vulnerability, misconfiguration, and secrets scanning solution for Terraform, AWS, Containers, and more</td><td></td><td><a href="https://aquasecurity.github.io/trivy/v0.53/docs/">https://aquasecurity.github.io/trivy/v0.53/docs/</a></td><td>aws, terraform, containers, kubernetes, secrets, ci/cd</td></tr></tbody></table>