Other Tools (Catch all) - SethBodine/audit-tools GitHub Wiki
Other Tools
A curated list of external tools that are not included in the container but are relevant to cloud security assessments. These are provided as references — review each project before use and verify they are still actively maintained.
The Last Commit badge gives a quick indication of how recently each project was updated.
Infrastructure as Code (IaC)
| URL |
Last Commit |
Comments |
| TerraformGoat |
 |
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool. |
| TerraGoat - Vulnerable Terraform Infrastructure |
 |
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. |
| Kubernetes Goat |
 |
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground. |
| Kube-goat |
 |
A deliberately vulnerable Kubernetes cluster. |
| Bad Pods |
 |
A collection of manifests that will create pods with elevated privileges. |
Open Source Inteligence (OSINT)
| URL |
Last Commit |
Comments |
| OSINT Framework |
 |
OSINT framework focused on gathering information from free tools or resources. |
| Blackbird |
 |
An OSINT tool to search for accounts by username in social networks. |
| ASTERISKS & OBELIX |
 |
Identify the emails hidden behind asterisks. |
| Terra |
 |
OSINT Tool on Twitter and Instagram. |
| Profil3r |
 |
OSINT tool that allows you to find a person's accounts and emails + breached emails. |
| Postal - Email OSINT |
 |
Poastal - the Email OSINT tool |
| TLDHunt |
 |
Domain Availability Checker. |
| KnockKnock |
 |
Enumerate valid users within Microsoft Teams and OneDrive with clean output. |
| Sirius Scan |
 |
The first truly open-source general purpose vulnerability scanner. |
| Spoofy |
 |
Checks if a list of domains can be spoofed based on SPF and DMARC records. |
| EmploLeaks |
 |
An OSINT tool that helps detect members of a company with leaked credentials |
| web-check |
 |
All-in-one OSINT tool for analysing any website Tool Demo |
| CloakQuest3r |
 |
Uncover the true IP address of websites safeguarded by Cloudflare & Others |
| WAF Bypass Tool |
 |
Check your WAF before an attacker does |
| PIP-INTEL |
 |
PIP-INTEL is an OSINT (Open Source Intelligence) tool designed using various open-source tools and pip packages. |
| gitGRAB |
 |
This tool is designed to interact with the GitHub API and retrieve specific user details, repository information, and commit emails for a given user. |
| Octopii |
 |
An AI-powered Personal Identifiable Information (PII) scanner. |
| hardCIDR |
 |
hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The route server is selected at random at runtime. |
| ExchangeFinder |
 |
Find Microsoft Exchange instance for a given domain and identify the exact version |
| RepoReaper |
 |
RepoReaper is an automated tool crafted to meticulously scan and identify exposed .git repositories within specified domains and their subdomains. |
| OSTE-Web-Log-Analyzer |
 |
OSTE WLA automate the process of analyzing web server logs with the Python Web Log Analyzer. |
M365 Tools
| URL |
Last Commit |
Comments |
| 365 Inspect |
 |
A PowerShell script that automates the security assessment of Microsoft Office 365 environments. |
| ScubaGear |
 |
Automation to assess the state of your M365 tenant against CISA's baselines. (untested) |
| AADInternals |
|
AADInternals and AADInternals-Endpoints toolkits are PowerShell modules containing tools for administering and hacking Entra ID (ex. Azure AD), Office 365, and Entra ID related endpoints |
AWS Tool List
AD Tools
| URL |
Last Commit |
Comments |
| ADRecon |
 |
Gathers information about the Active Directory. |
| ADAudit |
 |
Active Directory Audit Tools for IT Audits. |
| ADxRay |
 |
Health Check script that generates a full HTML report of the environment's health, security and status based on Microsoft's Best Practices. |
| Domain Audit |
 |
Automates a lot of checks from a pentester perspective. |
| Testimo |
 |
PowerShell module for running health checks for Active Directory against a bunch of different tests. |
| adaudit |
 |
Powershell script to do domain auditing automation. |
| PingCastle |
 |
PingCastle - Get Active Directory Security at 80% in 20% of the time - Free for own business us. |
| msLDAPDump |
 |
LDAP enumeration tool implemented in Python3. |
Additional Tools (Not yet introduced into container)
| URL |
Last Commit |
Comments |
| KnowsMore |
 |
Swiss Army tool for AD |
| Startup-SBOM |
 |
A tool to reverse engineer and inspect the RPM and APT databases to list all the packages along with executables, service and versions. |
Incident Response Tools
| URL |
Last Commit |
Comments |
| MS ICSpector |
 |
Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files. |
| AttackGen |
 |
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details. |
Information / Cool Tools
| URL |
Last Commit |
Comments |
| Github Sheilds |
 |
Concise, consistent, and legible badges in SVG and raster format. |
| Kali Packerage Manager |
 |
Tool to help manage and upgrade Kali packages and configuration |
| SecuSphere |
 |
Efficient DevSecOps PLatform. |
| PatchaPalooza |
 |
Insightful analysis of Microsoft's monthly security updates. |
| s3enum |
 |
Fast and stealthy Amazon S3 bucket enumeration tool for pentesters. |
| Goblob |
 |
fast enumeration tool for publicly exposed Azure Storage blobs. |
| PassBreaker |
 |
A command-line password cracking tool. |
| Ethical Insight |
 |
Centralized Active Directory Auditing Tool. |
| cheat.sh |
 |
Unified access to the best community driven cheat sheets repositories of the world. |
| HardeningKitty |
 |
Checks and hardens your Windows configuration. |
| BucketLoot |
 |
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text. |
| CloudSploit |
 |
Cloud Security Posture Management (CSPM) |
| Galah |
 |
Galah: An LLM-powered web honeypot. Wasting attackers' time with faker-than-ever HTTP responses! |
| C2 Tracker |
 |
Live Feed of C2 servers, tools, and botnets |
| T-Pot |
 |
🍯 T-Pot - The All In One Multi Honeypot Platform 🐝 |
| Cowrie |
 |
Cowrie SSH/Telnet Honeypot https://docs.cowrie.org/ |
For the teams of red / blue/ purple
| URL |
Last Commit |
Comments |
| Nuclei + Paramspider = NucleiFuzzer |
 |
Tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Apps |
| Unprotect Project |
|
Evasion Technique Search Engine. |
| PS Script Analyzer |
 |
z9 PowerShell Log Analyzer. |
| Active Directory Exploitation Cheat Sheet |
 |
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory. |
| Smartbrute |
 |
Password spraying and bruteforcing tool for Active Directory Domain Services. |
| BlueHound |
 |
BlueHound - pinpoint the security issues that actually matter. |
| CLZero |
 |
A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors |
| cve-maker |
 |
Tool to find CVEs and Exploits. |
| CloudPentestCheatsheets |
 |
This repository contains a collection of cheatsheets put together for tools related to pentesting organizations that leverage cloud providers. |
| SploitScan |
 |
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits. |
| Porch Pirate |
 |
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications. |
| Above |
 |
Network Security Sniffer |
| headerpwn |
 |
A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers |
| LOLSpoof |
 |
An interactive shell to spoof some LOLBins command line |
| X-Recon |
 |
A utility for detecting webpage inputs and conducting XSS scans. |
| SiCat |
 |
The useful exploit finder |
| Hardening Meter |
 |
HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems. |
