Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

47 matches found

Kitploit
Kitploitadded 2018/03/20 1:10 p.m.135 views

S3Scanner - Scan For Open S3 Buckets And Dump

A quick and dirty script to find unsecured S3 buckets and dump their contents. Using The tool has 2 parts: 1 - s3finder.py This script takes a list of domain names and checks if they're hosted on Amazon S3. Found S3 domains are output to file with their corresponding region in format...

7.1AI score
Exploits0References1
Kitploit
Kitploitadded 2018/01/06 8:45 p.m.19 views

shimit - A tool that implements the Golden SAML attack

shimit is a python tool that implements the Golden SAML attack. More informations on this can be found in the following article on our blog. python .\shimit.py -h usage: shimit.py -h -pk KEY -c CERT -sp SP -idp IDP -u USER -reg REGION --SessionValidity SESSIONVALIDITY --SamlValidity SAMLVALIDITY ...

7.5AI score
Exploits0References1
Hacker One
Hacker Oneadded 2017/09/28 5:44 p.m.12 views

██████: Remote Code Execution on Proxy Service (as root)

The proxy service used to provide researchers with access to certain programs on ██████ allows access to AWS's Metadata API. This Metadata API in turn is configured to expose temporary AWS access credentials for the AWS EC2 Run Command role. When this role is assumed by an AWS client e.g. the CLI...

1.4AI score
Exploits0
Kitploit
Kitploitadded 2017/07/21 2:30 p.m.170 views

Prowler - Tool for AWS Security Assessment, Auditing And Hardening

Tool based on AWS-CLI commands for AWS account security assessment and hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark 1.1 Features It covers hardening and security best practices for all AWS regions related to: Identity and Access Management 24 checks Logging...

7.5AI score
Exploits0References1
n0where
n0whereadded 2017/07/10 3:30 p.m.17 views

AWS CIS Benchmark Tool: Prowler

Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark 1.1 . It covers hardening and security best practices for all regions related to: Identity and Access Management 24 checks Logging 8 checks Monitoring 15 checks...

7.5AI score
Exploits0References1
n0where
n0whereadded 2017/07/03 4:25 p.m.17 views

AWS Auditing & Hardening Tool: Zeus

Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...

0.1AI score
Exploits0References1
Hacker One
Hacker Oneadded 2016/09/28 3:13 a.m.26 views

Reverb.com: Possible Blind Writing to S3 Bucket

Hi All, I noticed that you are using S3 and I believe I may have found one of your buckets and am able to write to it. However, I can not list the files in the bucket and such can not be 100% sure you own it. If you don't, I'd really appreciate being able to close this report myself or have you...

0.5AI score
Exploits0
Rows per page
Query Builder