The fast growth of cloud computing technology has led to immense development in the public and private sectors. Cloud computing provides a high level of virtualization, massive scalability, multitenancy, and elasticity. This has enabled organizations, academia, government departments, and the public to advance with this technology. However, they cannot assuredly place their information in the cloud due to many security threats. Cloud security plays a vital role in establishing confidence between the cloud service providers, consumers, and multi-users to maintain the security levels of their data. Moreover, in the scope of cloud computing, the importance of security testing must be considered. Security testing involves evaluating the cloud infrastructure and applications for vulnerabilities, ensuring that sensitive data remains protected. This paper focused on the challenges, tools, techniques, and methodologies for cloud security testing. Furthermore, the paper introduces the tools offered by three significant CSPs for cloud security testing and the most critical cloud vulnerabilities. It explains some published vulnerabilities around these three major CSPs. Between these three significant CSPs, we focused on Azure offerings for securing their clouds and some known tools for security testing in the cloud. Lastly, we introduced and explained the most essential API vulnerabilities according to OWASP and a suggested way to mitigate them.