Skip to content

Commit

Permalink
Merge pull request #663 from cfpadok/develop
Browse files Browse the repository at this point in the history
feat: add cognito-scanner tool for AWS pentest
  • Loading branch information
swisskyrepo authored Oct 9, 2023
2 parents 12e5672 + 538a7b0 commit 103f418
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions Methodology and Resources/Cloud - AWS Pentest.md
Original file line number Diff line number Diff line change
Expand Up @@ -197,6 +197,17 @@
find_admins: Look at IAM policies to identify admin users and roles, or principals with specific privileges
```
* [Cognito Scanner](https://github.com/padok-team/cognito-scanner) - A CLI tool for executing attacks on cognito such as *Unwanted account creation*, *Account Oracle* and *Identity Pool escalation*.
```bash
# Installation
$ pip install cognito-scanner
# Usage
$ cognito-scanner --help
# Get information about how to use the unwanted account creation script
$ cogntio-scanner account-creation --help
# For more details go to https://github.com/padok-team/cognito-scanner
```
* [dufflebag](https://labs.bishopfox.com/dufflebag) - Find secrets that are accidentally exposed via Amazon EBS's "public" mode
* [NetSPI/AWS Consoler](https://github.com/NetSPI/aws_consoler) - Convert AWS Credentials into a console access
Expand Down

0 comments on commit 103f418

Please sign in to comment.