awspx
pacu
| awspx | pacu | |
|---|---|---|
| 1 | 10 | |
| 865 | 4,050 | |
| 0.0% | 1.8% | |
| 10.0 | 8.6 | |
| over 1 year ago | 8 days ago | |
| Python | Python | |
| GNU General Public License v3.0 only | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
awspx
-
Open-source IAM Access Visualizer
Looks similar to awspx. Always good to have more visualisation tools
pacu
-
De um mimo até a elevação de privilégios na Cloud
Pra isso, usei a belíssima ferramenta Pacu https://github.com/RhinoSecurityLabs/pacu.
-
Should I be afraid of aws cloud as a security analyst?
ScoutSuite and Pacu (or Lava for Azure) are great tools and it's worth learning what they can do.
-
How do I build a network on AWS to capture flow data?
Not related to your original question, but you might want to take a look at pacu for simulating attacks.
- Pacu: The Open Source AWS Exploitation Framework
-
New Tools in Kali Linux 2021.2
CloudBrute - To find company(mostly cloud hence the name) infrastructure files and arch to a certain extent Dirsearch - Yet another web app path scanner like Gobuster/Dirbuster FeroxBuster - Rust based tool to perform forced browsing(read about it on GitHub Ghidra - Binary disassembler and decompiler (alternatives are gdb and ISA) Pacu - AWS exploitation framework GitHub Pirates - Kali package tracker(maybe like yay or pacman,not too sure on that one) quark-engine - android malware analysis system here Viscose - very popular and good code editor
- 🏹 Pacu: Framework de explotación de AWS #SeguridadOfensiva
-
Conducting a vulnerability scan on an AWS VPC
We're starting to work with Pacu for AWS testing. It's a bit more targeted to exploitation than vulnerability testing. https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
- RhinoSecurityLabs/pacu - The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
What are some alternatives?
policy_sentry - IAM Least Privilege Policy Generator
ScoutSuite - Multi-Cloud Security Auditing Tool
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
feroxbuster - A fast, simple, recursive content discovery tool written in Rust.
AWSXenos - AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets
AirIAM - Least privilege AWS IAM Terraformer
lava - Microsoft Azure Exploitation Framework
aws-security-reference-architecture-examples - Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (including Customizations for AWS Control Tower) and Terraform.
quark-engine - Dig Vulnerabilities in the BlackBox