Cloud & Azure

MSOLSpray: A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.

PowerZure: PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. PowerZure was created out of the need for a framework that can both perform reconnaissance and exploitation of Azure, AzureAD, and the associated resources.

SharpCloud: Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute.

MicroBurst: A collection of scripts for assessing Microsoft Azure security.

ROADtools: The Azure AD exploration framework.

SkyArk: SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS.

BlobHunter: Find exposed data in Azure with this public blob scanner.