Search exposed EBS volumes for secrets

Automating situational awareness for cloud penetration tests.

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

all paths lead to clouds

Identify privilege escalation paths within and across different clouds

Audit program for AzureAD

Azure Security Resources and Notes

A collection of Azure AD/Entra tools for offensive and defensive security purposes

AADInternals PowerShell module for administering Azure AD and Office 365

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…

retrieve information via O365 and AzureAD with a valid cred

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to by…

Azure Data Exporter for BloodHound

A collection of scripts for assessing Microsoft Azure security

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Adam Raffe and Tom Wilde's Azure Security Lab

Find exposed data in Azure with this public blob scanner

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

PowerShell framework to assess Azure security