Tooling Index

Useful tools I've come across

Tool NameDescriptionWrite UpReferenceTags

dsnap

Use to locally download AWS EBS volumes.

aws, ebs

Pacu

AWS exploitation framework.

aws, exploitation, pentest

cloud_enum

Enumerate public cloud resources on AWS, Azure, GCP.

aws, azure, gcp, s3, awsapps

EC2userDataDumper

Enumerates and dumps EC2 user data.

aws, ec2

s3BucketVersionDumper

Enumerates and dumps all S3 object versions.

aws, s3

Prowler

Open-source multi-cloud CSPM solution for conducting security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness.

aws, cspm

CloudFox

Automating situational awareness for cloud penetration tests.

aws, pentest

Trufflehog

Find secrets in local files, git, docker images, CI/CD, S3 buckets, etc.

aws, secrets, ci/cd, git

gitsecrets

AWS created solution for discovering and preventing committing secrets and credentials into git repositories.

aws, secrets, ci/cd, git

tfsec

Terraform scanning solution.

terraform, ci/cd

trivy

Vulnerability, misconfiguration, and secrets scanning solution for Terraform, AWS, Containers, and more

aws, terraform, containers, kubernetes, secrets, ci/cd

Last updated