Awesome Open Source

Programming Languages

Search results for amazon web services security tools

amazon-web-services x

security-tools x

2 search results found

Prowler ⭐ 9,478

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

My Arsenal Of Aws Security Tools ⭐ 8,549

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Terrascan ⭐ 4,461

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Privacy.sexy ⭐ 3,241

Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

Consoleme ⭐ 3,025

A Central Control Plane for AWS Permissions and Access

Matano ⭐ 1,259

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Requests Ip Rotator ⭐ 1,109

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

Terraform Aws Secure Baseline ⭐ 1,078

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

Awesome Aws Security ⭐ 878

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

Electriceye ⭐ 794

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

Zeuscloud ⭐ 628

Open Source Cloud Security

Kubestriker ⭐ 500

A Blazing fast Security Auditing tool for Kubernetes

Awesome Bbht ⭐ 390

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Aws Sso Cli ⭐ 341

A powerful tool for using AWS Identity Center for the CLI and web console.

Domain Protect ⭐ 340

OWASP Domain Protect - prevent subdomain takeover

S3 Buckets Finder ⭐ 325

Find AWS S3 buckets and test their permissions.

Smogcloud ⭐ 299

Find cloud assets that no one wants exposed 🔎 ☁️

Cloudfrunt ⭐ 257

A tool for identifying misconfigured CloudFront domains

AWS Identity and Access Management Visualizer and Anomaly Finder

Aws Security Toolbox ⭐ 247

AWS Security Tools (AST) in a simple Docker container. 📦

Awskeytools ⭐ 241

AWS云平台 AccessKey 泄漏利用工具

Strongbox ⭐ 241

A secret manager for AWS

Aws Auto Remediate ⭐ 219

Open source application to instantly remediate common security issues through the use of AWS Config

Assisted Log Enabler For Aws ⭐ 203

Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

Iamzero ⭐ 168

Identity & Access Management simplified and secure.

A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks.

Squealer ⭐ 140

Telling tales on you for leaking secrets!

Scan publicly accessible assets on your AWS cloud environment

Aws Enumerator ⭐ 99

The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.

Aws Securitygroup Grapher ⭐ 91

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

Quiet Riot ⭐ 90

Unauthenticated enumeration of AWS, Azure, and GCP Principals

Cloudhunter ⭐ 78

AWS, Azure, Alibaba and Google bucket scanner

one-stop resource for all things offensive security.

Certonid ⭐ 73

Certonid is a Serverless SSH Certificate Authority

Trapdoor ⭐ 68

Serverless honeytoken 🕵🏻‍♂️

Building Operational Visibility Into (n) Environments

Aws Least Privilege ⭐ 62

Use AWS X-Ray to reach Least Privilege

Brainiac ⭐ 53

BrainIAC uses static code analysis to analyze IAC code to detect security issues before deployment. This tool can scan for issues like security policy misconfigurations, insecure cloud-based services, and compliance issues.

Introspector ⭐ 52

A schema and set of tools for using SQL to query cloud infrastructure.

Securely store environment variables and secrets in the cloud of your choice.

Enumerate AWS cloud resources based on provided credential

S3 Fuzzer ⭐ 44

🔐 A concurrent, command-line AWS S3 Fuzzer. Written in Go.

S3bucketlist ⭐ 41

Chrome extension that lists Amazon S3 Buckets while browsing

Aws Tower ⭐ 37

AWS Tower give the ability to discover and monitor AWS account to find vulnerabilities or misconfigurations. Give also a brief overview for non-AWS expert. Not related at all of the AWS Trusted Advisor.

Breaking Cloud Native Web APIs in their natural habitat.

Policyglass ⭐ 34

PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicyShards which are always Allow, never Deny.

A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services that could possibly lead to subdomain takeover scenarios.

Syntheticsun ⭐ 23

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

Garrison ⭐ 23

Security, Compliance and Informational Dashboard System

Infra Multi Account Region Startup Kit ⭐ 21

Set up AWS infrastructure with terragrunt and terraform in multiple accounts and regions startup kit.

Deprecated Patrol Rules Aws ⭐ 16

A set of functions implemented using lambda-cfn to monitor an organization's AWS infrastructure for best practices, security and compliance.

Darkbit Cloud Security Tools

Terraform Aws Secure Vpc ⭐ 13

A terraform module to create a VPC with secure default configurations.

Aws Security 365 ⭐ 11

A collection of open source tools to assess, harden and audit various AWS services from a security perspective

Aws Loot ⭐ 11

Pull secrets from an AWS environment

Aws Sec Tools ⭐ 10

Docker container bundling tools for manual AWS security reviews

Awsresecurity ⭐ 10

Interactive learning Platform on #AWSSecurity and #BlueTeam

Python Prowler Container ⭐ 9

Minimalist containerized implementation of Prowler from https://github.com/toniblyx/prowler, made to run within ECS Fargate and have Secrets passed via AWS Secrets Manager

Multi Cloud Antivirus Scanning API using YARA and CLAMAV for AWS S3, Azure Blob Storage and GCP Cloud Storage

S3 bucket finder from html,js and bucket misconfiguration testing tool

Useful_resources ⭐ 8

Links to security tools and resources

Ownbucket ⭐ 8

A Python based Recon Tool to search for Storage Buckets

Awsecure Cli ⭐ 6

An AWS CLI wrapper that enables, transparently, AWS Access Keys auto-rotation, MFA, and encrypted AWS credentials file.

NoirGate provides on-demand ephemeral anonymous shells secured by TOTP

Cloud Custodian Aws Policies ⭐ 6

CloudCustodian Rules engine for cloud security and governance, DSL in yaml for policies to query, filter, and take actions on resources

Aws Iam Credential Report ⭐ 6

AWS CloudFormation templates and Python code for AWS blog post on how to automate IAM credential reports at scale across AWS.

Docker Cloudsploit ⭐ 5

dockerized-cloudsplot, CloudSploit is a security and configuration scanner that can detect hundreds of threats in your AWS account. Don't let a single misstep compromise your entire infrastructure.

Related Searches

Python Amazon Web Services (8,120)

Amazon Web Services Lambda Functions (7,495)

Amazon Web Services Terraform (4,243)

Amazon Web Services Serverless (4,018)

Amazon Web Services Hcl (3,473)

Golang Amazon Web Services (2,930)

Docker Amazon Web Services (2,864)

Amazon Web Services Aws Lambda (2,670)

Amazon Web Services Cloudformation (2,431)

Typescript Amazon Web Services (2,321)

1-2 of 2 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.