Cloud Security Resources

Support Cloud Security Office Hours
All Cloud Security Resources
Analyzing Malicious Documents

This cheat sheet outlines tips and tools for analyzing malicious documents, such as Microsoft Office, RTF, and PDF files.

Awesome Malware Analysis

A curated list of awesome malware analysis tools and resources.

Binary Edge

Binary Edge scans the entire public internet, create real-time threat intelligence streams, and reports that show the exposure of what is connected to the Internet.

Breaching the Cloud with Beau Bullock

This course provides comprehensive insights into cloud-based attack surfaces, a step-by-step methodology for compromising cloud environments, and practical guidance on leveraging open-source tools for effective cloud assessments.

CloudSec Tidbits

CloudSec Tidbits is a blogpost series showcasing interesting bugs found by Doyensec during cloud security testing activities.

cloudvulndb

An open project to list all known cloud vulnerabilities and CSP security issues

Dehashed

Leaked Credentials

DNSDumpster

DNS recon & research, find & lookup DNS records

Dorksearch

Google dorks are special search terms that are used to access specific sets of information that are not available with normal queries.

exploit-db

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

grayhat warfare

displays thousands of publicly accessible S3 buckets

grep.app

Search across a half million git repos

LeakiX

LeakIX is a red-team search engine indexing mis-configurations and vulnerabilities online.

Offensive Security Bookmarks

A security bookmarks collection. All that things needed to pass OSCP, maybe

Packet Storm

Packet Storm provides around-the-clock information and tools in order to help mitigate both personal data and fiscal loss on a global scale.

Pentest Monkey

Taking the monkey work out of pentesting

Pivot Atlas

An educational pivoting handbook for cyber threat intelligence analysts developed by Amitai Cohen.

Pulsedive

Search any domain, IP, or URL and enrich on-demand with passive and active scans to inform your investigation.

Security Trails

DNS data lookup

Shodan

Shodan is the world's first search engine for Internet-connected devices.

T-Pot - The All In One Multi Honeypot Platform

T-Pot is the all in one, optionally distributed, multiarch (amd64, arm64) honeypot plattform, supporting 20+ honeypots and countless visualization options using the Elastic Stack, animated live attack maps and lots of security tools to further improve the deception experience.

URL Scan

A sandbox for the web

vulhub

Vulhub is an open-source collection of pre-built vulnerable docker environments.

Vulnhub

This cheatsheet is aimed at CTF players and beginners to help them understand the fundamentals of privilege escalation with examples.

Way Back Machine

Explore more than 916 billion web pages saved over time

Wigle

Wireless Networks Database

Wiz Cloud Threat Landscape

A comprehensive threat intelligence database of cloud security incidents, actors, tools and techniques.

ZoomEye

Target search engine

Topics