CloudSecLists is a collection of tools that are useful for securing a cloud environment. This list will start off fairly simple, then once I get enough things added I will separate the tools into Blue Team, Red Team, and maybe Purple Team. I will try to come up with a system to let the user knows if they are useful for AWS, Azure, GCP, etc...
AWS Well Architected Labs: Security - The security labs are documentation and code in the format of hands-on labs to help you learn, measure, and build using architectural best practices.
Metasploit: enum_iam - Provided AWS credentials, this module will call the authenticated API of Amazon Web Services to list all IAM credentials associated with the account
Metasploit: enum_ec2 - Provided AWS credentials, this module will call the authenticated API of Amazon Web Services to list all EC2 instances associated with the account
Metasploit: enum_s3 - Provided AWS credentials, this module will call the authenticated API of Amazon Web Services to list all S3 buckets associated with the account
Grayhat Warfare Public Bucket Search - Search engine for finding open S3 buckets.
S3Scanner - A tool to find open S3 buckets and dump their contents
S3-Inspector - Checks all your buckets for public access
AWS Extender - This Burp Suite extension can identify and test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues using the boto/boto3 SDK library.
minio - Set up a local S3 type lab you can test your scripts against. See https://medium.com/@jonathanchelmus/creating-an-s3-lab-on-an-ec2-instance-95ffd8ac6c1
Recon-Public-Buckets - Example of using bash + aws cli against a list of buckets to see if you have public buckets in your environment.
cfn_nag - Cloudformation template scanner. DevSecOps. My favorite of the Open Source ones.
checkov - Cloudformation template scanner. DevSecOps.
LambdaGuard - Audit and scan Lambda services
Python, Boto3, and AWS S3: Demystified - Work with S3 via Python Boto3 module.
Dustin Butterworth - dustin.butterworth@protonmail.com
AWS Penetration Testing by Jonathan Helmus - Many tools from this list gathered from this book. Highly recommend buying it!