{"id":13177,"url":"https://github.com/RyanJarv/awesome-cloud-sec","name":"awesome-cloud-sec","description":"Awesome list for cloud security related projects","projects_count":99,"last_synced_at":"2026-06-13T22:00:29.599Z","repository":{"id":82488846,"uuid":"333629172","full_name":"RyanJarv/awesome-cloud-sec","owner":"RyanJarv","description":"Awesome list for cloud security related projects","archived":false,"fork":false,"pushed_at":"2022-10-04T01:01:11.000Z","size":60,"stargazers_count":153,"open_issues_count":2,"forks_count":28,"subscribers_count":3,"default_branch":"main","last_synced_at":"2026-05-28T07:03:00.229Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RyanJarv.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2021-01-28T03:01:52.000Z","updated_at":"2026-05-25T09:36:30.000Z","dependencies_parsed_at":null,"dependency_job_id":"a8d83124-6063-42fb-abf5-e35580384c21","html_url":"https://github.com/RyanJarv/awesome-cloud-sec","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/RyanJarv/awesome-cloud-sec","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RyanJarv%2Fawesome-cloud-sec","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RyanJarv%2Fawesome-cloud-sec/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RyanJarv%2Fawesome-cloud-sec/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RyanJarv%2Fawesome-cloud-sec/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RyanJarv","download_url":"https://codeload.github.com/RyanJarv/awesome-cloud-sec/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RyanJarv%2Fawesome-cloud-sec/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34110012,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-09T02:00:06.510Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"created_at":"2024-01-12T20:23:45.852Z","updated_at":"2026-06-13T22:00:29.599Z","primary_language":null,"list_of_lists":false,"displayable":true,"categories":["Other Awesome Lists"],"sub_categories":["Auditing","Resource DBs","Subdomain Takeover","Offensive Security","Misc","Least privilege","Open Policy Agent (OPA)","Terraform","Containers","Non-CloudSec Stuff (TODO: move this elsewhere)","Linting/Static Analysis","Visual Resource Graphing","Infrastructure as Code (IaC)","Vulnerable by design","Secret Scanning","DNS","SAML","General Utilities","Subdomain Enumeration"],"readme":"# awesome-cloud-sec\nAwesome list for cloud (mostly AWS at the moment), security, pentesting related projects and libraries.\n\nNOTE: This isn't an endorsement of any of these projects. I'm mostly using this as a way to keep track of interesting projects I come across.\n\n# AWS\n\n### Info\n  * [aws_exposable_resources](https://github.com/SummitRoute/aws_exposable_resources) -- Resource types that can be publicly exposed on AWS\n  * [aws_managed_policies](https://github.com/z0ph/aws_managed_policies) -- [MAMIP] Monitor AWS Managed IAM Policies Changes\n  * [Security Tool Comparison](https://summitroute.github.io/aws_research/security_tool_comparison.html) -- Comparisons between various security tools.\n  * [aws-public-account-ids](https://github.com/rupertbg/aws-public-account-ids) -- Publicly-listed AWS account IDs for easy lookup. Great for cleaning up false positives from unknown Account IDs in Cloudtrail.\n  \n## Other Awesome Lists\n  * [toniblyx/my-arsenal-of-aws-security-tools](https://github.com/toniblyx/my-arsenal-of-aws-security-tools#other-interesting-toolscode)\n\n### Offensive Security\n  * [pacu](https://github.com/RhinoSecurityLabs/pacu) -- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.\n  * [liquidswards](https://github.com/RyanJarv/liquidswards) -- Discover and maintain access to IAM roles.\n  * [aws_pwn](https://github.com/dagrz/aws_pwn) -- A collection of AWS penetration testing junk.\n  * [IAMFinder](https://github.com/prisma-cloud/IAMFinder) -- Enumerates and finds users and IAM roles in a target AWS account.\n  * [enumerate-iam](https://github.com/andresriancho/enumerate-iam) -- Brute force enumeration of permissions associated with AWS credential set.\n  * [endgame](https://github.com/brandongalbraith/endgame) -- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈\n  * [WeirdAAL](https://github.com/carnal0wnage/weirdAAL) -- WeirdAAL (AWS Attack Library)\n  * [marionett](https://github.com/RyanJarv/marionett) -- Example of how an attacker might swap user data temporarily to execute arbitrary commands.\n\n### Infrastructure as Code (IaC)\n  * [terraformer](https://github.com/GoogleCloudPlatform/terraformer) -- CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code\n  * [former2](https://github.com/iann0036/former2) -- Generate CloudFormation / Terraform / Troposphere templates from your existing AWS resources.\n\n### General Utilities\n  * [coldsnap](https://github.com/awslabs/coldsnap) -- A command line interface for Amazon EBS snapshots\n  * [lsh](https://github.com/tobilg/lsh) -- Run interactive shell commands on AWS Lambda\n  * [dsnap](https://github.com/RhinoSecurityLabs/dsnap) -- Utility for downloading and mounting EBS snapshots using the EBS Direct API's  \n  * [cognitocurl](https://github.com/nordcloud/cognitocurl) -- 🦉🤖Easily sign curl calls to API Gateway with Cognito authorization token.\n* Offline Web Console's\n  * [ScoutSuite](https://github.com/nccgroup/ScoutSuite) -- Multi-Cloud Security Auditing Tool\n* Resource analysis\n  * [awspx](https://github.com/FSecureLABS/awspx) -- Graph-based tool for visualizing effective access and resource relationships.    \n  * [PMapper](https://github.com/nccgroup/PMapper) -- A tool for quickly evaluating IAM permissions in AWS.\n  * [aws_public_ips](https://github.com/arkadiyt/aws_public_ips) -- Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services\n    * Fork that handles multiple regions: https://github.com/breser/aws_public_ips\n\n### Resource DBs\n  * [steampipe](https://steampipe.io/) -- The extensible SQL interface to your favorite cloud APIs.\n  * [introspector](https://github.com/goldfiglabs/introspector) -- A schema and set of tools for using SQL to query cloud infrastructure\n  * [cartography](https://github.com/lyft/cartography) -- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.\n  * [cloudquery](https://github.com/cloudquery/cloudquery) -- cloudquery transforms your cloud infrastructure into SQL or Graph database for easy monitoring, governance and security.\n\n### Visual Resource Graphing\n  * [cloudsplaining](https://github.com/salesforce/cloudsplaining) -- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.\n  * [cloudiscovery](https://github.com/Cloud-Architects/cloudiscovery) -- Discover resources in the cloud environment.\n  * [cloudmapper](https://github.com/duo-labs/cloudmapper) -- Analyze your Amazon Web Services (AWS) environments\n    * Note: Takes advantage of existing botocore definitions for discovery.\n  * [hammer](https://github.com/dowjones/hammer) -- Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)\n  * [cloudscout](https://github.com/SygniaLabs/security-cloud-scout) -- Identify and visualize cross platform attack paths, vulnerabilities, and enhance overall resilience.\n\n### Linting/Static Analysis\n  * [parliament](https://github.com/duo-labs/parliament) -- AWS IAM linting library\n\n### Auditing\n  * [rpCheckup](https://github.com/goldfiglabs/rpCheckup) -- rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.\n  * [prowler](https://github.com/toniblyx/prowler) -- Best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness.\n  * [AWS Config](https://aws.amazon.com/config/) -- Lambda's that analyze resource state and changes, primarily in AWS but extensible\n  * [cloudsploit](https://github.com/aquasecurity/cloudsploit) -- Cloud Security Posture Management (CSPM)\n  * [smogcloud](https://github.com/BishopFox/smogcloud) -- Find cloud assets that no one wants exposed 🔎 ☁️\n\n### Least privilege\n  * [policy_sentry](https://github.com/salesforce/policy_sentry) -- IAM Least Privilege Policy Generator.\n  * [repokid](https://github.com/Netflix/repokid) -- IAM least privilege service\n  * [cloudtracker](https://github.com/duo-labs/cloudtracker) -- Finds over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.\n  * [iamlive](https://github.com/iann0036/iamlive) -- Generate a basic IAM policy from AWS client-side monitoring (CSM)\n  * [aws-leastprivilege](https://github.com/iann0036/aws-leastprivilege) -- Generates an IAM policy for the CloudFormation service role that adheres to least privilege.\n\n### Route53DB\n  * [cloudjack](https://github.com/prevade/cloudjack) -- Route53/CloudFront Vulnerability Assessment Utility\n\n### Vulnerable by design\n  * [cloudgoat](https://github.com/RhinoSecurityLabs/cloudgoat) -- CloudGoat is Rhino Security Labs' \"Vulnerable by Design\" AWS deployment tool\n  * [terragoat](https://github.com/bridgecrewio/terragoat) -- TerraGoat is Bridgecrew's \"Vulnerable by Design\" Terraform repository.\n### SAML\n  * [shimit](https://github.com/cyberark/shimit) -- A tool that implements the Golden SAML attack\n\n### DNS\n  * [subfinder](https://github.com/projectdiscovery/subfinder) -- Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.\n\n### Subdomain Enumeration\n  * [ctfr](https://github.com/UnaPibaGeek/ctfr) -- Abusing Certificate Transparency logs for getting HTTPS websites subdomains.\n\n### Subdomain Takeover\n  * [subdover](https://github.com/PushpenderIndia/subdover) -- Subdover is a MultiThreaded Subdomain Takeover Vulnerability Scanner Written In Python3\n  * [cloudjack](https://github.com/prevade/cloudjack) -- Route53/CloudFront Vulnerability Assessment Utility\n  * [can-i-take-over-xyz](https://github.com/EdOverflow/can-i-take-over-xyz) -- \"Can I take over XYZ?\" — a list of services and how to claim (sub)domains with dangling DNS records.\n  * [takeover](https://github.com/m4ll0k/takeover) -- Sub-Domain TakeOver Vulnerability Scanner\n  * [SubOver](https://github.com/Ice3man543/SubOver) -- A Powerful Subdomain Takeover Tool\n\n# Kubernetes\n  * [cheatsheet](https://kubernetes.io/docs/reference/kubectl/cheatsheet/)\n  * [kube-hunter](https://github.com/aquasecurity/kube-hunter) -- Hunt for security weaknesses in Kubernetes clusters\n  * [kubeaudit](https://github.com/Shopify/kubeaudit) -- kubeaudit helps you audit your Kubernetes clusters against common security controls\n  * [kubiscan](https://github.com/cyberark/KubiScan) -- A tool to scan Kubernetes cluster for risky permissions\n  * [kubesploit](https://github.com/cyberark/kubesploit) -- Kubesploit is a cross-platform post-exploitation HTTP/2 Command \u0026 Control server and agent written in Golang, focused on containerized environments.\n  * [kubernetes-rbac-audit](https://github.com/cyberark/kubernetes-rbac-audit) -- Tool for auditing RBACs in Kubernetes\n  * [peirates](https://github.com/inguardians/peirates) -- Peirates - Kubernetes Penetration Testing tool\n  * [cheatsheet](https://spacelift.io/blog/kubernetes-cheat-sheet) -- Kubernetes Cheat Sheet – 15 Kubectl Commands \u0026 Objects\n\n\n  \n\n# GCP\n  * [pydevops](https://gist.github.com/pydevops/cffbd3c694d599c6ca18342d3625af97) -- gcp gcloud cheat sheet\n  * [GCP-IAM-Privilege-Escalation](https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation) -- A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.\n  * [ScoutSuite](https://github.com/nccgroup/ScoutSuite) -- Multi-Cloud Security Auditing Tool\n  * [terraformer](https://github.com/GoogleCloudPlatform/terraformer) -- CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code\n  * [gcp_enum](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_enum) -- A simple bash script to enumerate Google Cloud Platform environments.\n  * [gcp_misc](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_misc) -- Miscellaneous tools related to attack operations in Google Cloud Platform.\n  * [gcp_firewall_enum](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_firewall_enum) -- Parse gcloud output to enumerate compute instances with network ports exposed to the Internet. Generates targeted nmap and masscan scripts based on the results.\n  * [gcp_k8s_enum](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_k8s_enum) -- Enumerate services exposed via GKE.\n\n\n# Azure\n  * [CRT](https://github.com/CrowdStrike/CRT) -- This tool queries the following configurations in the Azure AD/O365 tenant which can shed light on hard to find permissions and configuration settings in order to assist organizations in securing these environments.\n  * [security-cloud-scout](https://github.com/SygniaLabs/security-cloud-scout) -- Cross-Cloud AWS/Azure\n  * [how to applied purple teaming lab build on azure with terraform](https://www.blackhillsinfosec.com/how-to-applied-purple-teaming-lab-build-on-azure-with-terraform/)\n  * [ScoutSuite](https://github.com/nccgroup/ScoutSuite) -- Multi-Cloud Security Auditing Tool\n\n# Other\n\n### Secret Scanning\n  * [DumpsterDiver](https://github.com/securing/DumpsterDiver) -- Tool to search secrets in various filetypes.\n  * [ebs-direct-sec-tools](https://github.com/crypsisgroup/ebs-direct-sec-tools) -- Uses EBS Direct API to scan blocks for secrets\n\n### Terraform\n  * Terraform Static Analysis\n    * [checkov](https://github.com/bridgecrewio/checkov) -- Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.\n    * [terrascan](https://github.com/accurics/terrascan)\n      * Related: [KaiMonkey](https://github.com/accurics/KaiMonkey)  \n    * [tfsec](https://github.com/aquasecurity/tfsec) -- Security scanner for your Terraform code\n    * [kics](https://github.com/Checkmarx/kics) -- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.\n  * [AirIAM](https://github.com/bridgecrewio/AirIAM) -- Least privilege AWS IAM Terraformer.\n  * [terraform_aws_scp](https://github.com/ScaleSec/terraform_aws_scp) -- AWS Organizations Service Control Policies (SCPs) for Terraform.\n  * [terraformer](https://github.com/GoogleCloudPlatform/terraformer) -- CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code\n\n### Containers\n  * [deepce](https://github.com/stealthcopter/deepce/) -- Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE).\n  * [ccat](https://github.com/RhinoSecurityLabs/ccat) -- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.\n  * [trivy](https://github.com/aquasecurity/trivy) -- Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues\n\n### Open Policy Agent (OPA)\n  * [opa](https://github.com/open-policy-agent/opa) -- An open source, general-purpose policy engine.\n  * [fregot](https://github.com/fugue/fregot) -- Alternative REPL to OPA's built-in interpreter.\n  * [policy-hub-cli](https://github.com/policy-hub/policy-hub-cli) -- CLI for searching Rego policies\n  * [conftest](https://github.com/open-policy-agent/conftest) -- Write tests against structured configuration data using the Open Policy Agent Rego query language\n\n### Misc\n  * [website-openid-proxy](https://github.com/wolfeidau/website-openid-proxy) -- This service provides authenticated access to a static website hosted in an s3 bucket.\n  * [Config Conformance Packs](https://asecure.cloud/l/p_conformance_packs/)\n  * [detect-secrets](https://github.com/Yelp/detect-secrets) -- An enterprise friendly way of detecting and preventing secrets in code.\n\n### Non-CloudSec Stuff (TODO: move this elsewhere)\n  * [proxify](https://github.com/projectdiscovery/proxify) -- Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.\n  * [CloudFail](https://github.com/m0rtem/CloudFail) -- Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network.\n  * [chalice](https://github.com/aws/chalice) -- Python Serverless Microframework for AWS\n  * [placebo](https://github.com/garnaat/placebo) -- Make boto3 calls that look real but have no effect.\n  * [serverlessish](https://github.com/glassechidna/serverlessish) -- Run the same Docker images in AWS Lambda and AWS ECS\n  * [BloodHound](https://github.com/BloodHoundAD/BloodHound) -- Six Degrees of Domain Admin\n  * [ProcMon-for-Linux](https://github.com/Sysinternals/ProcMon-for-Linux) -- Procmon is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows. Procmon provides a convenient and efficient way for Linux developers to trace the syscall activity on the system.\n  * [exec-template](https://github.com/groob/exec-template) -- Super simple go templater.\n  * [leapp](https://github.com/Noovolari/leapp) -- Potential alternative to aws-vault\n","projects_url":"https://awesome.ecosyste.ms/api/v1/lists/ryanjarv%2Fawesome-cloud-sec/projects"}