An AWS IAM policy statement parser and query tool.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Proof-of-Concept exploits for CVEs found by the team at Rhino Security Labs

Utility for downloading and mounting EBS snapshots using the EBS Direct API's

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.

A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

A tool geared towards pentesting APIs using OpenAPI definitions.

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.