Skip to content
View st3rven's full-sized avatar
💭
💭
20 followers · 29 following

Block or report st3rven

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Stars

☁️Cloud

33 repositories

Permiso-io-tools / DetentionDodger

Python 17 3 Updated Jan 31, 2025

Malcrove / SeamlessPass

A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO

Python 217 17 Updated Aug 25, 2024

kozmer / aad-bofs

C 136 13 Updated Nov 17, 2025

n0tspam / delepwn

DelePwn is a security assessment tool designed to identify and demonstrate the risks associated with Google Workspace Domain-Wide Delegation (DWD) misconfigurations in Google Cloud Platform (GCP) e…

Python 36 4 Updated Aug 8, 2025

JumpsecLabs / TokenSmith

TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of t…

Go 334 43 Updated Jan 23, 2025

rootsecdev / Azure-Red-Team

Azure Security Resources and Notes

PowerShell 1,668 221 Updated Nov 7, 2025

dirkjanm / adconnectdump

Dump Azure AD Connect credentials for Azure AD and Active Directory

C# 761 98 Updated Aug 26, 2025

absolomb / FindMeAccess

Python 176 30 Updated Dec 17, 2025

yuyudhn / AzSubEnum

Azure Service Subdomain Enumeration

Python 67 12 Updated Sep 2, 2024

LuemmelSec / APEX

Azure Post Exploitation Framework

PowerShell 242 22 Updated Oct 27, 2025

mlcsec / Graphpython

Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit

Python 162 15 Updated Dec 7, 2024

Azure / Stormspotter

Azure Red Team tool for graphing Azure and Azure Active Directory objects

Python 1,671 210 Updated Jan 8, 2024

securesloth / noCAP

Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconfigurations.

Python 78 5 Updated Feb 25, 2025

NetSPI / gcpwn

Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot

Python 274 27 Updated May 16, 2025

bryanmcnulty / gcp-iam-fuzz

Tool to quickly enumerate IAM permissions for a Google Cloud Platform (GCP) account

Go 7 Updated Mar 16, 2025

zh54321 / PoCEntraDeviceComplianceBypass

Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy

PowerShell 163 16 Updated Nov 17, 2025

xpn / OktaPostExToolkit

Python 187 18 Updated Nov 21, 2024

uniQuk / caReports

Conditional Access Reporting

PowerShell 28 1 Updated Apr 4, 2025

aws-samples / well-architected-iac-analyzer

Sample Generative AI tool for evaluating Infrastructure as Code and architecture diagrams against AWS Well-Architected best practices.

TypeScript 435 83 Updated Dec 17, 2025

hac01 / iam-policy-visualize

Python script to render / generate flow chart like visual of IAM policy

Python 10 2 Updated Mar 30, 2025

carlospolop / CloudPEASS

Python 593 68 Updated Dec 11, 2025

zh54321 / GraphPreConsentExplorer

A comprehensive list of usable Entra ID first-party clients with pre-consented Microsoft Graph scopes, in a simple YAML-file explorable with a simple HTML GUI.

HTML 145 7 Updated Nov 16, 2025

dafthack / CloudPentestCheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

2,773 551 Updated Sep 17, 2024

Arcanum-Sec / msftrecon

Python 752 110 Updated May 7, 2025

Wh1t3Rh1n0 / dns-triage

A simple Python script to do quick, targeted recon of a given domain.

Python 60 11 Updated Apr 17, 2025

prowler-cloud / prowler

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Python 12,451 1,884 Updated Dec 18, 2025

nccgroup / ScoutSuite

Multi-Cloud Security Auditing Tool

Python 7,480 1,168 Updated Sep 23, 2025

SecurityFTW / cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Shell 1,163 215 Updated Dec 8, 2022

initstring / cloud_enum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Python 1,976 291 Updated Jul 12, 2025

Mayyhem / Maestro

Abusing Azure services over C2

C# 366 34 Updated May 28, 2025