Category

AzureHound is a BloodHound data collector for Microsoft Azure, enabling security professionals to map attack paths in Azure environments.

CloudFox helps penetration testers find exploitable attack paths in cloud infrastructure, currently supporting AWS with more on the way.

CloudGoat is a "Vulnerable by Design" AWS deployment tool for honing cloud cybersecurity skills through CTF-style scenarios.

CloudQuery provides a developer-first cloud governance platform for security, compliance, and cost visibility across multi-cloud environments.

CloudSploit by Aqua scans cloud infrastructure for security risks, supporting AWS, Azure, GCP, OCI, and GitHub.

AI-native SAST tool for code security, detecting vulnerabilities, secrets, IaC issues, and AI model security with actionable AI fixes.

Gitleaks detects secrets like passwords, API keys, and tokens in git repositories, files, and standard input.

MicroBurst is a PowerShell toolkit for assessing Microsoft Azure security, including discovery, auditing, and post-exploitation actions.

Pacu is an AWS exploitation framework for offensive security testing of Amazon Web Services environments.

Prowler is an open-source cloud security tool empowering cloud engineers with customizable security checks across AWS, Azure, GCP, and Kubernetes.

Pwned Labs offers interactive, real-world cloud security labs for cybersecurity professionals to upskill affordably and effectively.

RESTler is a stateful REST API fuzzing tool for automatically testing cloud services and finding security and reliability bugs.