CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

An AWS IAM policy statement parser and query tool.

A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.

Proof-of-Concept exploits for CVEs found by the team at Rhino Security Labs

Utility for downloading and mounting EBS snapshots using the EBS Direct API's

A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

A tool geared towards pentesting APIs using OpenAPI definitions.

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.