• https://github.com/carnal0wnage/weirdAAL
• https://github.com/RhinoSecurityLabs/pacu
• https://github.com/disruptops/cred_scanner
• https://github.com/dagrz/aws_pwn
• https://github.com/MindPointGroup/cloudfrunt
• https://github.com/prevade/cloudjack
• https://github.com/andresriancho/nimbostratus
• https://github.com/zricethezav/gitleaks
• https://github.com/dxa4481/truffleHog
• https://github.com/securing/DumpsterDiver
• https://github.com/gruntwork-io/cloud-nuke
• https://github.com/ThreatResponse/mad-king
• https://github.com/mozilla/MozDef
• https://github.com/puresec/lambda-proxy
• https://github.com/Static-Flow/CloudCopy
• https://github.com/andresriancho/enumerate-iam
• https://github.com/Voulnet/barq
• https://github.com/RhinoSecurityLabs/ccat
• https://github.com/bishopfox/dufflebag
• https://github.com/splunk/attack_range
• https://github.com/elitest/Redboto
• https://github.com/Skyscanner/whispers
• https://github.com/0xsha/cloudbrute
• https://github.com/Parasimpaticki/sandcastle
• https://github.com/smiegles/mass3
• https://github.com/koenrh/s3enum
• https://github.com/tomdev/teh_s3_bucketeers
• https://github.com/eth0izzle/bucket-stream
• https://github.com/gwen001/s3-buckets-finder
• https://github.com/aaparmeggiani/s3find
• https://github.com/random-robbie/slurp
• https://github.com/clario-tech/s3-inspector
• https://github.com/pbnj/s3-fuzzer
• https://github.com/jordanpotti/AWSBucketDump
• https://github.com/bear/s3scan
• https://github.com/sa7mon/S3Scanner
• https://github.com/magisterquis/s3finder
• https://github.com/abhn/S3Scan
• https://github.com/whitfin/s3-meta
• https://github.com/whitfin/s3-meta
• https://github.com/vr00n/Amazon-Web-Shenanigans
• https://github.com/FishermansEnemy/bucket_finder
• https://github.com/brianwarehime/inSp3ctor
• https://github.com/Atticuss/bucketcat
• https://github.com/nahamsec/lazys3
• https://github.com/Ucnt/aws-s3-data-finder
• https://github.com/securing/BucketScanner
• https://github.com/VirtueSecurity/aws-extender-cli
• https://github.com/cr0hn/festin
• https://github.com/kurmiashish/S3Insights
• https://github.com/nccgroup/s3_objects_check
• https://github.com/toniblyx/my-arsenal-of-aws-security-tools
• https://rhinosecuritylabs.com/aws/aws-essentials-top-5-tests-penetration-testing-aws/
• https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
• https://github.com/eth0izzle/shhgit
• https://www.getastra.com/blog/security-audit/aws-penetration-testing/
• https://owasp.org/www-pdf-archive/Aws_security_joel_leino.pdf
• https://rhinosecuritylabs.com/penetration-testing/penetration-testing-aws-cloud-need-know/
• https://github.com/PacktPublishing/Hands-On-AWS-Penetration-Testing-with-Kali-Linux
• https://github.com/lamkeysing92/aws-pentest-inventory
• https://github.com/dagrz/aws_pwn
• https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training

• https://github.com/nccgroup/ScoutSuite
• https://github.com/toniblyx/prowler
• https://github.com/cloudsploit/scans
• https://github.com/duo-labs/cloudmapper
• https://github.com/duo-labs/cloudtracker
• https://github.com/awslabs/aws-security-benchmark
• https://github.com/arkadiyt/aws_public_ips
• https://github.com/nccgroup/PMapper
• https://github.com/nccgroup/aws-inventory
• https://github.com/disruptops/resource-counter
• https://github.com/Teevity/ice
• https://github.com/cyberark/SkyArk
• https://github.com/willbengtson/trailblazer-aws
• https://github.com/lateralblast/lunar
• https://github.com/tensult/cloud-reports
• https://github.com/tmobile/pacbot
• https://github.com/SecurityFTW/cs-suite
• https://github.com/te-papa/aws-key-disabler
• https://github.com/turnerlabs/antiope
• https://github.com/lyft/cartography
• https://github.com/mlabouardy/komiser
• https://github.com/darkarnium/perimeterator
• https://github.com/DenizParlak/Zeus
• https://github.com/darkbitio/aws-recon
• https://github.com/mhlabs/iam-policies-cli
• https://github.com/toniblyx/my-arsenal-of-aws-security-tools
• https://github.com/jassics/awesome-aws-security

• o365creeper - Enumerate valid email addresses
• CloudBrute - Tool to find a cloud infrastructure of a company on top Cloud providers
• cloud_enum - Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud
• Azucar - Security auditing tool for Azure environments
• CrowdStrike Reporting Tool for Azure (CRT) - Query Azure AD/O365 tenants for hard to find permissions and configuration settings
• ScoutSuite - Multi-cloud security auditing tool. Security posture assessment of different cloud environments.
• BlobHunter - A tool for scanning Azure blob storage accounts for publicly opened blobs
• Grayhat Warfare - Open Azure blobs and AWS bucket search

• o365recon - Information gathering with valid credentials to Azure
• Get-MsolRolesAndMembers.ps1 - Retrieve list of roles and associated role members
• ROADtools - Framework to interact with Azure AD
• PowerZure - PowerShell framework to assess Azure security
• Azurite - Enumeration and reconnaissance activities in the Microsoft Azure Cloud
• Sparrow.ps1 - Helps to detect possible compromised accounts and applications in the Azure/M365 environment
• Hawk - Powershell based tool for gathering information related to O365 intrusions and potential breaches
• Microsoft Azure AD Assessment - Tooling for assessing an Azure AD tenant state and configuration

• Stormspotter - Azure Red Team tool for graphing Azure and Azure Active Directory objects
• AzureADLateralMovement - Lateral Movement graph for Azure Active Directory
• SkyArk - Discover, assess and secure the most privileged entities in Azure and AWS

• MicroBurst - A collection of scripts for assessing Microsoft Azure security

• azuread_decrypt_msol_v2.ps1 - Decrypt Azure AD MSOL service account

• Credential Attacks

  • MSOLSpray - A password spraying tool for Microsoft Online accounts (Azure/O365)
  • MFASweep - A tool for checking if MFA is enabled on multiple Microsoft Services Resources
  • adconnectdump - Dump Azure AD Connect credentials for Azure AD and Active Directory

XMind - Evaluation Version