Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-cloud-sec
Awesome list for cloud security related projects
https://github.com/RyanJarv/awesome-cloud-sec
Last synced: 3 days ago
JSON representation
-
Other Awesome Lists
-
Resource DBs
- cartography - - Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
- introspector - - A schema and set of tools for using SQL to query cloud infrastructure
- cloudquery - - cloudquery transforms your cloud infrastructure into SQL or Graph database for easy monitoring, governance and security.
- steampipe - - The extensible SQL interface to your favorite cloud APIs.
-
Subdomain Takeover
- takeover - - Sub-Domain TakeOver Vulnerability Scanner
- subdover - - Subdover is a MultiThreaded Subdomain Takeover Vulnerability Scanner Written In Python3
- SubOver - - A Powerful Subdomain Takeover Tool
- kube-hunter - - Hunt for security weaknesses in Kubernetes clusters
- kubeaudit - - kubeaudit helps you audit your Kubernetes clusters against common security controls
- kubiscan - - A tool to scan Kubernetes cluster for risky permissions
- kubesploit - - Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
- kubernetes-rbac-audit - - Tool for auditing RBACs in Kubernetes
- peirates - - Peirates - Kubernetes Penetration Testing tool
- GCP-IAM-Privilege-Escalation - - A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.
- CRT - - This tool queries the following configurations in the Azure AD/O365 tenant which can shed light on hard to find permissions and configuration settings in order to assist organizations in securing these environments.
- cheatsheet - - Kubernetes Cheat Sheet – 15 Kubectl Commands & Objects
- pydevops - - gcp gcloud cheat sheet
- how to applied purple teaming lab build on azure with terraform
- cloudjack - - Route53/CloudFront Vulnerability Assessment Utility
- can-i-take-over-xyz - - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
- ScoutSuite - - Multi-Cloud Security Auditing Tool
- security-cloud-scout - - Cross-Cloud AWS/Azure
- gcp_k8s_enum - - Enumerate services exposed via GKE.
-
Offensive Security
- pacu - - The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
- aws_pwn - - A collection of AWS penetration testing junk.
- IAMFinder - - Enumerates and finds users and IAM roles in a target AWS account.
- enumerate-iam - - Brute force enumeration of permissions associated with AWS credential set.
- WeirdAAL - - WeirdAAL (AWS Attack Library)
- marionett - - Example of how an attacker might swap user data temporarily to execute arbitrary commands.
- liquidswards - - Discover and maintain access to IAM roles.
- endgame - - An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈
-
Infrastructure as Code (IaC)
- former2 - - Generate CloudFormation / Terraform / Troposphere templates from your existing AWS resources.
-
General Utilities
- coldsnap - - A command line interface for Amazon EBS snapshots
- lsh - - Run interactive shell commands on AWS Lambda
- dsnap - - Utility for downloading and mounting EBS snapshots using the EBS Direct API's
- cognitocurl - - 🦉🤖Easily sign curl calls to API Gateway with Cognito authorization token.
- PMapper - - A tool for quickly evaluating IAM permissions in AWS.
- aws_public_ips - - Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
- awspx - - Graph-based tool for visualizing effective access and resource relationships.
-
Visual Resource Graphing
- cloudsplaining - - Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
- cloudiscovery - - Discover resources in the cloud environment.
- cloudmapper - - Analyze your Amazon Web Services (AWS) environments
- hammer - - Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)
-
Linting/Static Analysis
- parliament - - AWS IAM linting library
-
Auditing
- rpCheckup - - rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
- cloudsploit - - Cloud Security Posture Management (CSPM)
- smogcloud - - Find cloud assets that no one wants exposed 🔎 ☁️
- AWS Config - - Lambda's that analyze resource state and changes, primarily in AWS but extensible
- prowler - - Best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness.
-
Least privilege
- policy_sentry - - IAM Least Privilege Policy Generator.
- repokid - - IAM least privilege service
- cloudtracker - - Finds over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
- iamlive - - Generate a basic IAM policy from AWS client-side monitoring (CSM)
- aws-leastprivilege - - Generates an IAM policy for the CloudFormation service role that adheres to least privilege.
-
Vulnerable by design
-
SAML
- shimit - - A tool that implements the Golden SAML attack
-
DNS
- subfinder - - Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
-
Subdomain Enumeration
- ctfr - - Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
-
Secret Scanning
- DumpsterDiver - - Tool to search secrets in various filetypes.
- ebs-direct-sec-tools - - Uses EBS Direct API to scan blocks for secrets
-
Terraform
- checkov - - Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
- KaiMonkey
- tfsec - - Security scanner for your Terraform code
- kics - - Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
- AirIAM - - Least privilege AWS IAM Terraformer.
- terraform_aws_scp - - AWS Organizations Service Control Policies (SCPs) for Terraform.
- terraformer - - CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code
- terrascan
-
Containers
- deepce - - Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE).
- ccat - - Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
- trivy - - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
-
Open Policy Agent (OPA)
- opa - - An open source, general-purpose policy engine.
- fregot - - Alternative REPL to OPA's built-in interpreter.
- policy-hub-cli - - CLI for searching Rego policies
- conftest - - Write tests against structured configuration data using the Open Policy Agent Rego query language
-
Misc
- website-openid-proxy - - This service provides authenticated access to a static website hosted in an s3 bucket.
- detect-secrets - - An enterprise friendly way of detecting and preventing secrets in code.
- Config Conformance Packs
-
Non-CloudSec Stuff (TODO: move this elsewhere)
- proxify - - Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.
- CloudFail - - Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network.
- chalice - - Python Serverless Microframework for AWS
- placebo - - Make boto3 calls that look real but have no effect.
- serverlessish - - Run the same Docker images in AWS Lambda and AWS ECS
- BloodHound - - Six Degrees of Domain Admin
- ProcMon-for-Linux - - Procmon is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows. Procmon provides a convenient and efficient way for Linux developers to trace the syscall activity on the system.
- exec-template - - Super simple go templater.
- leapp - - Potential alternative to aws-vault
-
Programming Languages
Categories
Sub Categories
Subdomain Takeover
19
Non-CloudSec Stuff (TODO: move this elsewhere)
9
Offensive Security
8
Terraform
8
General Utilities
7
Least privilege
5
Auditing
5
Resource DBs
4
Open Policy Agent (OPA)
4
Visual Resource Graphing
4
Misc
3
Containers
3
Vulnerable by design
2
Secret Scanning
2
Linting/Static Analysis
1
Subdomain Enumeration
1
Infrastructure as Code (IaC)
1
DNS
1
SAML
1
Keywords
aws
33
security
16
kubernetes
11
aws-security
11
cloud
10
terraform
8
iam
8
devsecops
7
azure
7
gcp
7
security-tools
7
infrastructure-as-code
6
cloudsecurity
6
cloud-security
5
golang
5
pentesting
5
python
4
infosec
4
python3
4
cspm
4
iac
4
aws-lambda
4
go
4
docker
3
devops
3
compliance
3
subdomain
3
bugbounty
3
open-policy-agent
3
vulnerability-scanners
3
cloudformation
3
aws-iam
3
static-analysis
2
salesforce
2
scans
2
cloud-native
2
vulnerability
2
pentest
2
sql
2
authorization
2
misconfiguration
2
scanner
2
containers
2
google
2
iam-policy
2
vulnerability-detection
2
lambda
2
opa
2
auditing
2
subdomain-takeover
2