Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/paulveillard/cybersecurity-aws-tools

An ongoing collection of of AWS tools, frameworks, libraries, learning tutorials for InfoSec and security professionals
https://github.com/paulveillard/cybersecurity-aws-tools

aws aws-certifications aws-developer aws-ec2 aws-iam-policies aws-secrets-manager aws-security aws-security-automation aws-security-resources cybersecurity-education cybersecurity-training hacking-tools infosec-news infosec-reference pentesting-tools security-tools solutions-architect solutions-engineering

Last synced: 11 months ago
JSON representation

An ongoing collection of of AWS tools, frameworks, libraries, learning tutorials for InfoSec and security professionals

Awesome Lists containing this project

README 

          
# AWS Tools for Cybersecurity



###### Welcome to the World of AWS Tools in Cybersecurity:

> A collection of awesome software, libraries, frameworks, learning tutorials,  documents, books, resources and cool stuff about AWS tools.

> Thanks to all contributors, you're awesome and wouldn't be possible without you! Our goal is to build a categorized community-driven collection of very well-known resources.



[AWS](https://aws.amazon.com/security/?nc=sn&loc=0) Tools for Cybersecurity is an ongoing curated list of tools, frameworks, libraries, learning tutorials for infosec and security professionals



![aws-security](https://github.com/paulveillard/cybersecurity-aws-tools/blob/main/img/aws-security.png)



## Table of Contents



- [Defensive](#defensive-hardening-security-assessment-and-inventory)

- [Offensive](#offensive)

- [Continuous Security Auditing](#continuous-security-auditing)

- [Digital Forensics and Incident Response](#digital-forensics-and-incident-response)

- [Development Security](#development-security)

- [S3 Buckets Auditing](#s3-buckets-auditing)

- [Training](#training)

- [Other interesting tools/code](#other-interesting-toolscode)



## Defensive: Hardening, Security Assessment and Inventory

| Name | URL | Description | Popularity | Metadata |

| ---------- | :---------- | :---------- | :----------: | :----------: |

| **ScoutSuite** | [https://github.com/nccgroup/ScoutSuite](https://github.com/nccgroup/ScoutSuite) | Multi-Cloud Security auditing tool for AWS Google Cloud and Azure environments (python) |[![stars](https://badgen.net/github/stars/nccgroup/ScoutSuite)](https://badgen.net/github/stars/nccgroup/ScoutSuite)| [![contributors](https://badgen.net/github/contributors/nccgroup/ScoutSuite)](https://badgen.net/github/contributors/nccgroup/ScoutSuite)[![watchers](https://badgen.net/github/watchers/nccgroup/ScoutSuite)](https://badgen.net/github/watchers/nccgroup/ScoutSuite)[![last-commit](https://badgen.net/github/last-commit/nccgroup/ScoutSuite)](https://badgen.net/github/last-commit/nccgroup/ScoutSuite) [![open-issues](https://badgen.net/github/open-issues/nccgroup/ScoutSuite)](https://badgen.net/github/open-issues/nccgroup/ScoutSuite) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/ScoutSuite)](https://badgen.net/github/closed-issues/nccgroup/ScoutSuite) |

| **Prowler** | [https://github.com/toniblyx/prowler](https://github.com/toniblyx/prowler) | CIS benchmarks and additional checks for security best practices in AWS (bash and python components) |[![stars](https://badgen.net/github/stars/toniblyx/prowler)](https://badgen.net/github/stars/toniblyx/prowler)| [![contributors](https://badgen.net/github/contributors/toniblyx/prowler)](https://badgen.net/github/contributors/toniblyx/prowler)[![watchers](https://badgen.net/github/watchers/toniblyx/prowler)](https://badgen.net/github/watchers/toniblyx/prowler)[![last-commit](https://badgen.net/github/last-commit/toniblyx/prowler)](https://badgen.net/github/last-commit/toniblyx/prowler) [![open-issues](https://badgen.net/github/open-issues/toniblyx/prowler)](https://badgen.net/github/open-issues/toniblyx/prowler) [![closed-issues](https://badgen.net/github/closed-issues/toniblyx/prowler)](https://badgen.net/github/closed-issues/toniblyx/prowler) |

| **CloudSploit Scans** | [https://github.com/cloudsploit/scans](https://github.com/cloudsploit/scans) | AWS security scanning checks (NodeJS) |[![stars](https://badgen.net/github/stars/cloudsploit/scans)](https://badgen.net/github/stars/cloudsploit/scans)| [![contributors](https://badgen.net/github/contributors/cloudsploit/scans)](https://badgen.net/github/contributors/cloudsploit/scans)[![watchers](https://badgen.net/github/watchers/cloudsploit/scans)](https://badgen.net/github/watchers/cloudsploit/scans)[![last-commit](https://badgen.net/github/last-commit/cloudsploit/scans)](https://badgen.net/github/last-commit/cloudsploit/scans) [![open-issues](https://badgen.net/github/open-issues/cloudsploit/scans)](https://badgen.net/github/open-issues/cloudsploit/scans) [![closed-issues](https://badgen.net/github/closed-issues/cloudsploit/scans)](https://badgen.net/github/closed-issues/cloudsploit/scans) |

| **CloudMapper** | [https://github.com/duo-labs/cloudmapper](https://github.com/duo-labs/cloudmapper) | helps you analyze your AWS environments (Python) |[![stars](https://badgen.net/github/stars/duo-labs/cloudmapper)](https://badgen.net/github/stars/duo-labs/cloudmapper)| [![contributors](https://badgen.net/github/contributors/duo-labs/cloudmapper)](https://badgen.net/github/contributors/duo-labs/cloudmapper)[![watchers](https://badgen.net/github/watchers/duo-labs/cloudmapper)](https://badgen.net/github/watchers/duo-labs/cloudmapper)[![last-commit](https://badgen.net/github/last-commit/duo-labs/cloudmapper)](https://badgen.net/github/last-commit/duo-labs/cloudmapper) [![open-issues](https://badgen.net/github/open-issues/duo-labs/cloudmapper)](https://badgen.net/github/open-issues/duo-labs/cloudmapper) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/cloudmapper)](https://badgen.net/github/closed-issues/duo-labs/cloudmapper) |

| **CloudTracker** | [https://github.com/duo-labs/cloudtracker](https://github.com/duo-labs/cloudtracker) | helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python) |[![stars](https://badgen.net/github/stars/duo-labs/cloudtracker)](https://badgen.net/github/stars/duo-labs/cloudtracker)| [![contributors](https://badgen.net/github/contributors/duo-labs/cloudtracker)](https://badgen.net/github/contributors/duo-labs/cloudtracker)[![watchers](https://badgen.net/github/watchers/duo-labs/cloudtracker)](https://badgen.net/github/watchers/duo-labs/cloudtracker)[![last-commit](https://badgen.net/github/last-commit/duo-labs/cloudtracker)](https://badgen.net/github/last-commit/duo-labs/cloudtracker) [![open-issues](https://badgen.net/github/open-issues/duo-labs/cloudtracker)](https://badgen.net/github/open-issues/duo-labs/cloudtracker) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/cloudtracker)](https://badgen.net/github/closed-issues/duo-labs/cloudtracker) |

| **AWS Security Benchmarks** | [https://github.com/awslabs/aws-security-benchmark](https://github.com/awslabs/aws-security-benchmark) | scripts and templates guidance related to the AWS CIS Foundation framework (Python) |[![stars](https://badgen.net/github/stars/awslabs/aws-security-benchmark)](https://badgen.net/github/stars/awslabs/aws-security-benchmark)| [![contributors](https://badgen.net/github/contributors/awslabs/aws-security-benchmark)](https://badgen.net/github/contributors/awslabs/aws-security-benchmark)[![watchers](https://badgen.net/github/watchers/awslabs/aws-security-benchmark)](https://badgen.net/github/watchers/awslabs/aws-security-benchmark)[![last-commit](https://badgen.net/github/last-commit/awslabs/aws-security-benchmark)](https://badgen.net/github/last-commit/awslabs/aws-security-benchmark) [![open-issues](https://badgen.net/github/open-issues/awslabs/aws-security-benchmark)](https://badgen.net/github/open-issues/awslabs/aws-security-benchmark) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/aws-security-benchmark)](https://badgen.net/github/closed-issues/awslabs/aws-security-benchmark) |

| **AWS Public IPs** | [https://github.com/arkadiyt/aws_public_ips](https://github.com/arkadiyt/aws_public_ips) | Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6  Classic/VPC networking  and across all AWS services (Ruby) |[![stars](https://badgen.net/github/stars/arkadiyt/aws_public_ips)](https://badgen.net/github/stars/arkadiyt/aws_public_ips)| [![contributors](https://badgen.net/github/contributors/arkadiyt/aws_public_ips)](https://badgen.net/github/contributors/arkadiyt/aws_public_ips)[![watchers](https://badgen.net/github/watchers/arkadiyt/aws_public_ips)](https://badgen.net/github/watchers/arkadiyt/aws_public_ips)[![last-commit](https://badgen.net/github/last-commit/arkadiyt/aws_public_ips)](https://badgen.net/github/last-commit/arkadiyt/aws_public_ips) [![open-issues](https://badgen.net/github/open-issues/arkadiyt/aws_public_ips)](https://badgen.net/github/open-issues/arkadiyt/aws_public_ips) [![closed-issues](https://badgen.net/github/closed-issues/arkadiyt/aws_public_ips)](https://badgen.net/github/closed-issues/arkadiyt/aws_public_ips) |

| **PMapper** | [https://github.com/nccgroup/PMapper](https://github.com/nccgroup/PMapper) | Advanced and Automated AWS IAM Evaluation (Python) |[![stars](https://badgen.net/github/stars/nccgroup/PMapper)](https://badgen.net/github/stars/nccgroup/PMapper)| [![contributors](https://badgen.net/github/contributors/nccgroup/PMapper)](https://badgen.net/github/contributors/nccgroup/PMapper)[![watchers](https://badgen.net/github/watchers/nccgroup/PMapper)](https://badgen.net/github/watchers/nccgroup/PMapper)[![last-commit](https://badgen.net/github/last-commit/nccgroup/PMapper)](https://badgen.net/github/last-commit/nccgroup/PMapper) [![open-issues](https://badgen.net/github/open-issues/nccgroup/PMapper)](https://badgen.net/github/open-issues/nccgroup/PMapper) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/PMapper)](https://badgen.net/github/closed-issues/nccgroup/PMapper) |

| **nccgroup AWS-Inventory** | [https://github.com/nccgroup/aws-inventory](https://github.com/nccgroup/aws-inventory) | Make a inventory of all your resources across regions (Python) |[![stars](https://badgen.net/github/stars/nccgroup/aws-inventory)](https://badgen.net/github/stars/nccgroup/aws-inventory)| [![contributors](https://badgen.net/github/contributors/nccgroup/aws-inventory)](https://badgen.net/github/contributors/nccgroup/aws-inventory)[![watchers](https://badgen.net/github/watchers/nccgroup/aws-inventory)](https://badgen.net/github/watchers/nccgroup/aws-inventory)[![last-commit](https://badgen.net/github/last-commit/nccgroup/aws-inventory)](https://badgen.net/github/last-commit/nccgroup/aws-inventory) [![open-issues](https://badgen.net/github/open-issues/nccgroup/aws-inventory)](https://badgen.net/github/open-issues/nccgroup/aws-inventory) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/aws-inventory)](https://badgen.net/github/closed-issues/nccgroup/aws-inventory) |

| **Resource Counter** | [https://github.com/disruptops/resource-counter](https://github.com/disruptops/resource-counter) | Counts number of resources in categories across regions |[![stars](https://badgen.net/github/stars/disruptops/resource-counter)](https://badgen.net/github/stars/disruptops/resource-counter)| [![contributors](https://badgen.net/github/contributors/disruptops/resource-counter)](https://badgen.net/github/contributors/disruptops/resource-counter)[![watchers](https://badgen.net/github/watchers/disruptops/resource-counter)](https://badgen.net/github/watchers/disruptops/resource-counter)[![last-commit](https://badgen.net/github/last-commit/disruptops/resource-counter)](https://badgen.net/github/last-commit/disruptops/resource-counter) [![open-issues](https://badgen.net/github/open-issues/disruptops/resource-counter)](https://badgen.net/github/open-issues/disruptops/resource-counter) [![closed-issues](https://badgen.net/github/closed-issues/disruptops/resource-counter)](https://badgen.net/github/closed-issues/disruptops/resource-counter) |

| **ICE** | [https://github.com/Teevity/ice](https://github.com/Teevity/ice) | Ice provides insights from a usage and cost perspective  with high detail dashboards. |[![stars](https://badgen.net/github/stars/Teevity/ice)](https://badgen.net/github/stars/Teevity/ice)| [![contributors](https://badgen.net/github/contributors/Teevity/ice)](https://badgen.net/github/contributors/Teevity/ice)[![watchers](https://badgen.net/github/watchers/Teevity/ice)](https://badgen.net/github/watchers/Teevity/ice)[![last-commit](https://badgen.net/github/last-commit/Teevity/ice)](https://badgen.net/github/last-commit/Teevity/ice) [![open-issues](https://badgen.net/github/open-issues/Teevity/ice)](https://badgen.net/github/open-issues/Teevity/ice) [![closed-issues](https://badgen.net/github/closed-issues/Teevity/ice)](https://badgen.net/github/closed-issues/Teevity/ice) |

| **SkyArk** | [https://github.com/cyberark/SkyArk](https://github.com/cyberark/SkyArk) | SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS.  |[![stars](https://badgen.net/github/stars/cyberark/SkyArk)](https://badgen.net/github/stars/cyberark/SkyArk)| [![contributors](https://badgen.net/github/contributors/cyberark/SkyArk)](https://badgen.net/github/contributors/cyberark/SkyArk)[![watchers](https://badgen.net/github/watchers/cyberark/SkyArk)](https://badgen.net/github/watchers/cyberark/SkyArk)[![last-commit](https://badgen.net/github/last-commit/cyberark/SkyArk)](https://badgen.net/github/last-commit/cyberark/SkyArk) [![open-issues](https://badgen.net/github/open-issues/cyberark/SkyArk)](https://badgen.net/github/open-issues/cyberark/SkyArk) [![closed-issues](https://badgen.net/github/closed-issues/cyberark/SkyArk)](https://badgen.net/github/closed-issues/cyberark/SkyArk) |

| **Trailblazer AWS** | [https://github.com/willbengtson/trailblazer-aws](https://github.com/willbengtson/trailblazer-aws) | Trailblazer AWS  determine what AWS API calls are logged by CloudTrail and what they are logged as. You can also use TrailBlazer as an attack simulation framework. |[![stars](https://badgen.net/github/stars/willbengtson/trailblazer-aws)](https://badgen.net/github/stars/willbengtson/trailblazer-aws)| [![contributors](https://badgen.net/github/contributors/willbengtson/trailblazer-aws)](https://badgen.net/github/contributors/willbengtson/trailblazer-aws)[![watchers](https://badgen.net/github/watchers/willbengtson/trailblazer-aws)](https://badgen.net/github/watchers/willbengtson/trailblazer-aws)[![last-commit](https://badgen.net/github/last-commit/willbengtson/trailblazer-aws)](https://badgen.net/github/last-commit/willbengtson/trailblazer-aws) [![open-issues](https://badgen.net/github/open-issues/willbengtson/trailblazer-aws)](https://badgen.net/github/open-issues/willbengtson/trailblazer-aws) [![closed-issues](https://badgen.net/github/closed-issues/willbengtson/trailblazer-aws)](https://badgen.net/github/closed-issues/willbengtson/trailblazer-aws) |

| **Lunar** | [https://github.com/lateralblast/lunar](https://github.com/lateralblast/lunar) | Security auditing tool based on several security frameworks (it does some AWS checks) |[![stars](https://badgen.net/github/stars/lateralblast/lunar)](https://badgen.net/github/stars/lateralblast/lunar)| [![contributors](https://badgen.net/github/contributors/lateralblast/lunar)](https://badgen.net/github/contributors/lateralblast/lunar)[![watchers](https://badgen.net/github/watchers/lateralblast/lunar)](https://badgen.net/github/watchers/lateralblast/lunar)[![last-commit](https://badgen.net/github/last-commit/lateralblast/lunar)](https://badgen.net/github/last-commit/lateralblast/lunar) [![open-issues](https://badgen.net/github/open-issues/lateralblast/lunar)](https://badgen.net/github/open-issues/lateralblast/lunar) [![closed-issues](https://badgen.net/github/closed-issues/lateralblast/lunar)](https://badgen.net/github/closed-issues/lateralblast/lunar) |

| **Cloud-reports** | [https://github.com/tensult/cloud-reports](https://github.com/tensult/cloud-reports) | Scans your AWS cloud resources and generates reports |[![stars](https://badgen.net/github/stars/tensult/cloud-reports)](https://badgen.net/github/stars/tensult/cloud-reports)| [![contributors](https://badgen.net/github/contributors/tensult/cloud-reports)](https://badgen.net/github/contributors/tensult/cloud-reports)[![watchers](https://badgen.net/github/watchers/tensult/cloud-reports)](https://badgen.net/github/watchers/tensult/cloud-reports)[![last-commit](https://badgen.net/github/last-commit/tensult/cloud-reports)](https://badgen.net/github/last-commit/tensult/cloud-reports) [![open-issues](https://badgen.net/github/open-issues/tensult/cloud-reports)](https://badgen.net/github/open-issues/tensult/cloud-reports) [![closed-issues](https://badgen.net/github/closed-issues/tensult/cloud-reports)](https://badgen.net/github/closed-issues/tensult/cloud-reports) |

| **Pacbot** | [https://github.com/tmobile/pacbot](https://github.com/tmobile/pacbot) | Platform for continuous compliance monitoring  compliance reporting and security automation for the cloud |[![stars](https://badgen.net/github/stars/tmobile/pacbot)](https://badgen.net/github/stars/tmobile/pacbot)| [![contributors](https://badgen.net/github/contributors/tmobile/pacbot)](https://badgen.net/github/contributors/tmobile/pacbot)[![watchers](https://badgen.net/github/watchers/tmobile/pacbot)](https://badgen.net/github/watchers/tmobile/pacbot)[![last-commit](https://badgen.net/github/last-commit/tmobile/pacbot)](https://badgen.net/github/last-commit/tmobile/pacbot) [![open-issues](https://badgen.net/github/open-issues/tmobile/pacbot)](https://badgen.net/github/open-issues/tmobile/pacbot) [![closed-issues](https://badgen.net/github/closed-issues/tmobile/pacbot)](https://badgen.net/github/closed-issues/tmobile/pacbot) |

| **cs-suite** | [https://github.com/SecurityFTW/cs-suite](https://github.com/SecurityFTW/cs-suite) | Integrates tools like Scout2 and Prowler among others  |[![stars](https://badgen.net/github/stars/SecurityFTW/cs-suite)](https://badgen.net/github/stars/SecurityFTW/cs-suite)| [![contributors](https://badgen.net/github/contributors/SecurityFTW/cs-suite)](https://badgen.net/github/contributors/SecurityFTW/cs-suite)[![watchers](https://badgen.net/github/watchers/SecurityFTW/cs-suite)](https://badgen.net/github/watchers/SecurityFTW/cs-suite)[![last-commit](https://badgen.net/github/last-commit/SecurityFTW/cs-suite)](https://badgen.net/github/last-commit/SecurityFTW/cs-suite) [![open-issues](https://badgen.net/github/open-issues/SecurityFTW/cs-suite)](https://badgen.net/github/open-issues/SecurityFTW/cs-suite) [![closed-issues](https://badgen.net/github/closed-issues/SecurityFTW/cs-suite)](https://badgen.net/github/closed-issues/SecurityFTW/cs-suite) |

| **aws-key-disabler** | [https://github.com/te-papa/aws-key-disabler](https://github.com/te-papa/aws-key-disabler) | A small lambda script that will disable access keys older than a given amount of days |[![stars](https://badgen.net/github/stars/te-papa/aws-key-disabler)](https://badgen.net/github/stars/te-papa/aws-key-disabler)| [![contributors](https://badgen.net/github/contributors/te-papa/aws-key-disabler)](https://badgen.net/github/contributors/te-papa/aws-key-disabler)[![watchers](https://badgen.net/github/watchers/te-papa/aws-key-disabler)](https://badgen.net/github/watchers/te-papa/aws-key-disabler)[![last-commit](https://badgen.net/github/last-commit/te-papa/aws-key-disabler)](https://badgen.net/github/last-commit/te-papa/aws-key-disabler) [![open-issues](https://badgen.net/github/open-issues/te-papa/aws-key-disabler)](https://badgen.net/github/open-issues/te-papa/aws-key-disabler) [![closed-issues](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler)](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler) |

| **Antiope** | [https://github.com/turnerlabs/antiope](https://github.com/turnerlabs/antiope) | AWS Inventory and Compliance Framework |[![stars](https://badgen.net/github/stars/turnerlabs/antiope)](https://badgen.net/github/stars/turnerlabs/antiope)| [![contributors](https://badgen.net/github/contributors/turnerlabs/antiope)](https://badgen.net/github/contributors/turnerlabs/antiope)[![watchers](https://badgen.net/github/watchers/turnerlabs/antiope)](https://badgen.net/github/watchers/turnerlabs/antiope)[![last-commit](https://badgen.net/github/last-commit/turnerlabs/antiope)](https://badgen.net/github/last-commit/turnerlabs/antiope) [![open-issues](https://badgen.net/github/open-issues/turnerlabs/antiope)](https://badgen.net/github/open-issues/turnerlabs/antiope) [![closed-issues](https://badgen.net/github/closed-issues/turnerlabs/antiope)](https://badgen.net/github/closed-issues/turnerlabs/antiope) |

| **Cloud Reports** | [https://github.com/tensult/cloud-reports](https://github.com/tensult/cloud-reports) | Scans your AWS cloud resources and generates reports and includes security best practices. |[![stars](https://badgen.net/github/stars/tensult/cloud-reports)](https://badgen.net/github/stars/tensult/cloud-reports)| [![contributors](https://badgen.net/github/contributors/tensult/cloud-reports)](https://badgen.net/github/contributors/tensult/cloud-reports)[![watchers](https://badgen.net/github/watchers/tensult/cloud-reports)](https://badgen.net/github/watchers/tensult/cloud-reports)[![last-commit](https://badgen.net/github/last-commit/tensult/cloud-reports)](https://badgen.net/github/last-commit/tensult/cloud-reports) [![open-issues](https://badgen.net/github/open-issues/tensult/cloud-reports)](https://badgen.net/github/open-issues/tensult/cloud-reports) [![closed-issues](https://badgen.net/github/closed-issues/tensult/cloud-reports)](https://badgen.net/github/closed-issues/tensult/cloud-reports) |

| **Terraform AWS Secure Baseline** | [https://github.com/nozaq/terraform-aws-secure-baseline](https://github.com/nozaq/terraform-aws-secure-baseline) | Terraform module to set up your AWS account with the secure |[![stars](https://badgen.net/github/stars/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/stars/nozaq/terraform-aws-secure-baseline)| [![contributors](https://badgen.net/github/contributors/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/contributors/nozaq/terraform-aws-secure-baseline)[![watchers](https://badgen.net/github/watchers/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/watchers/nozaq/terraform-aws-secure-baseline)[![last-commit](https://badgen.net/github/last-commit/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/last-commit/nozaq/terraform-aws-secure-baseline) [![open-issues](https://badgen.net/github/open-issues/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/open-issues/nozaq/terraform-aws-secure-baseline) [![closed-issues](https://badgen.net/github/closed-issues/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/closed-issues/nozaq/terraform-aws-secure-baseline) |

| **Cartography** | [https://github.com/lyft/cartography](https://github.com/lyft/cartography) | Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.  |[![stars](https://badgen.net/github/stars/lyft/cartography)](https://badgen.net/github/stars/lyft/cartography)| [![contributors](https://badgen.net/github/contributors/lyft/cartography)](https://badgen.net/github/contributors/lyft/cartography)[![watchers](https://badgen.net/github/watchers/lyft/cartography)](https://badgen.net/github/watchers/lyft/cartography)[![last-commit](https://badgen.net/github/last-commit/lyft/cartography)](https://badgen.net/github/last-commit/lyft/cartography) [![open-issues](https://badgen.net/github/open-issues/lyft/cartography)](https://badgen.net/github/open-issues/lyft/cartography) [![closed-issues](https://badgen.net/github/closed-issues/lyft/cartography)](https://badgen.net/github/closed-issues/lyft/cartography) |

| **TrailScraper** | [https://github.com/flosell/trailscraper](https://github.com/flosell/trailscraper) | A command-line tool to get valuable information out of AWS CloudTrail |[![stars](https://badgen.net/github/stars/flosell/trailscraper)](https://badgen.net/github/stars/flosell/trailscraper)| [![contributors](https://badgen.net/github/contributors/flosell/trailscraper)](https://badgen.net/github/contributors/flosell/trailscraper)[![watchers](https://badgen.net/github/watchers/flosell/trailscraper)](https://badgen.net/github/watchers/flosell/trailscraper)[![last-commit](https://badgen.net/github/last-commit/flosell/trailscraper)](https://badgen.net/github/last-commit/flosell/trailscraper) [![open-issues](https://badgen.net/github/open-issues/flosell/trailscraper)](https://badgen.net/github/open-issues/flosell/trailscraper) [![closed-issues](https://badgen.net/github/closed-issues/flosell/trailscraper)](https://badgen.net/github/closed-issues/flosell/trailscraper) |

| **LambdaGuard** | [https://github.com/Skyscanner/LambdaGuard](https://github.com/Skyscanner/LambdaGuard) | An AWS Lambda auditing tool designed to create asset visibility and provide actionable results. |[![stars](https://badgen.net/github/stars/Skyscanner/LambdaGuard)](https://badgen.net/github/stars/Skyscanner/LambdaGuard)| [![contributors](https://badgen.net/github/contributors/Skyscanner/LambdaGuard)](https://badgen.net/github/contributors/Skyscanner/LambdaGuard)[![watchers](https://badgen.net/github/watchers/Skyscanner/LambdaGuard)](https://badgen.net/github/watchers/Skyscanner/LambdaGuard)[![last-commit](https://badgen.net/github/last-commit/Skyscanner/LambdaGuard)](https://badgen.net/github/last-commit/Skyscanner/LambdaGuard) [![open-issues](https://badgen.net/github/open-issues/Skyscanner/LambdaGuard)](https://badgen.net/github/open-issues/Skyscanner/LambdaGuard) [![closed-issues](https://badgen.net/github/closed-issues/Skyscanner/LambdaGuard)](https://badgen.net/github/closed-issues/Skyscanner/LambdaGuard) |

| **Komiser** | [https://github.com/mlabouardy/komiser](https://github.com/mlabouardy/komiser) | Cloud Environment Inspector analyze and manage cloud cost usage security and governance in one place. |[![stars](https://badgen.net/github/stars/mlabouardy/komiser)](https://badgen.net/github/stars/mlabouardy/komiser)| [![contributors](https://badgen.net/github/contributors/mlabouardy/komiser)](https://badgen.net/github/contributors/mlabouardy/komiser)[![watchers](https://badgen.net/github/watchers/mlabouardy/komiser)](https://badgen.net/github/watchers/mlabouardy/komiser)[![last-commit](https://badgen.net/github/last-commit/mlabouardy/komiser)](https://badgen.net/github/last-commit/mlabouardy/komiser) [![open-issues](https://badgen.net/github/open-issues/mlabouardy/komiser)](https://badgen.net/github/open-issues/mlabouardy/komiser) [![closed-issues](https://badgen.net/github/closed-issues/mlabouardy/komiser)](https://badgen.net/github/closed-issues/mlabouardy/komiser) |

| **Perimeterator** | [https://github.com/darkarnium/perimeterator](https://github.com/darkarnium/perimeterator) | AWS perimeter monitoring. Periodically scan internet facing AWS resources to detect misconfigured services |[![stars](https://badgen.net/github/stars/darkarnium/perimeterator)](https://badgen.net/github/stars/darkarnium/perimeterator)| [![contributors](https://badgen.net/github/contributors/darkarnium/perimeterator)](https://badgen.net/github/contributors/darkarnium/perimeterator)[![watchers](https://badgen.net/github/watchers/darkarnium/perimeterator)](https://badgen.net/github/watchers/darkarnium/perimeterator)[![last-commit](https://badgen.net/github/last-commit/darkarnium/perimeterator)](https://badgen.net/github/last-commit/darkarnium/perimeterator) [![open-issues](https://badgen.net/github/open-issues/darkarnium/perimeterator)](https://badgen.net/github/open-issues/darkarnium/perimeterator) [![closed-issues](https://badgen.net/github/closed-issues/darkarnium/perimeterator)](https://badgen.net/github/closed-issues/darkarnium/perimeterator) |

| **PolicySentry** | [https://github.com/salesforce/policy_sentry](https://github.com/salesforce/policy_sentry) | IAM Least Privilege Policy Generator auditor and analysis database |[![stars](https://badgen.net/github/stars/salesforce/policy_sentry)](https://badgen.net/github/stars/salesforce/policy_sentry)| [![contributors](https://badgen.net/github/contributors/salesforce/policy_sentry)](https://badgen.net/github/contributors/salesforce/policy_sentry)[![watchers](https://badgen.net/github/watchers/salesforce/policy_sentry)](https://badgen.net/github/watchers/salesforce/policy_sentry)[![last-commit](https://badgen.net/github/last-commit/salesforce/policy_sentry)](https://badgen.net/github/last-commit/salesforce/policy_sentry) [![open-issues](https://badgen.net/github/open-issues/salesforce/policy_sentry)](https://badgen.net/github/open-issues/salesforce/policy_sentry) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/policy_sentry)](https://badgen.net/github/closed-issues/salesforce/policy_sentry) |

| **Zeus** | [https://github.com/DenizParlak/Zeus](https://github.com/DenizParlak/Zeus) | AWS Auditing & Hardening Tool  |[![stars](https://badgen.net/github/stars/DenizParlak/Zeus)](https://badgen.net/github/stars/DenizParlak/Zeus)| [![contributors](https://badgen.net/github/contributors/DenizParlak/Zeus)](https://badgen.net/github/contributors/DenizParlak/Zeus)[![watchers](https://badgen.net/github/watchers/DenizParlak/Zeus)](https://badgen.net/github/watchers/DenizParlak/Zeus)[![last-commit](https://badgen.net/github/last-commit/DenizParlak/Zeus)](https://badgen.net/github/last-commit/DenizParlak/Zeus) [![open-issues](https://badgen.net/github/open-issues/DenizParlak/Zeus)](https://badgen.net/github/open-issues/DenizParlak/Zeus) [![closed-issues](https://badgen.net/github/closed-issues/DenizParlak/Zeus)](https://badgen.net/github/closed-issues/DenizParlak/Zeus) |

| **janiko71 AWS-inventory** | [https://github.com/janiko71/aws-inventory](https://github.com/janiko71/aws-inventory) | Python script for AWS resources inventory |[![stars](https://badgen.net/github/stars/janiko71/aws-inventory)](https://badgen.net/github/stars/janiko71/aws-inventory)| [![contributors](https://badgen.net/github/contributors/janiko71/aws-inventory)](https://badgen.net/github/contributors/janiko71/aws-inventory)[![watchers](https://badgen.net/github/watchers/janiko71/aws-inventory)](https://badgen.net/github/watchers/janiko71/aws-inventory)[![last-commit](https://badgen.net/github/last-commit/janiko71/aws-inventory)](https://badgen.net/github/last-commit/janiko71/aws-inventory) [![open-issues](https://badgen.net/github/open-issues/janiko71/aws-inventory)](https://badgen.net/github/open-issues/janiko71/aws-inventory) [![closed-issues](https://badgen.net/github/closed-issues/janiko71/aws-inventory)](https://badgen.net/github/closed-issues/janiko71/aws-inventory) |

| **awspx** | [https://github.com/fsecurelabs/awspx](https://github.com/fsecurelabs/awspx) | A graph-based tool for visualizing effective access and resource relationships in AWS environments |[![stars](https://badgen.net/github/stars/fsecurelabs/awspx)](https://badgen.net/github/stars/fsecurelabs/awspx)| [![contributors](https://badgen.net/github/contributors/fsecurelabs/awspx)](https://badgen.net/github/contributors/fsecurelabs/awspx)[![watchers](https://badgen.net/github/watchers/fsecurelabs/awspx)](https://badgen.net/github/watchers/fsecurelabs/awspx)[![last-commit](https://badgen.net/github/last-commit/fsecurelabs/awspx)](https://badgen.net/github/last-commit/fsecurelabs/awspx) [![open-issues](https://badgen.net/github/open-issues/fsecurelabs/awspx)](https://badgen.net/github/open-issues/fsecurelabs/awspx) [![closed-issues](https://badgen.net/github/closed-issues/fsecurelabs/awspx)](https://badgen.net/github/closed-issues/fsecurelabs/awspx) |

| **clinv** | [https://github.com/lyz-code/clinv](https://github.com/lyz-code/clinv) | DevSecOps command line asset inventory tool  |[![stars](https://badgen.net/github/stars/lyz-code/clinv)](https://badgen.net/github/stars/lyz-code/clinv)| [![contributors](https://badgen.net/github/contributors/lyz-code/clinv)](https://badgen.net/github/contributors/lyz-code/clinv)[![watchers](https://badgen.net/github/watchers/lyz-code/clinv)](https://badgen.net/github/watchers/lyz-code/clinv)[![last-commit](https://badgen.net/github/last-commit/lyz-code/clinv)](https://badgen.net/github/last-commit/lyz-code/clinv) [![open-issues](https://badgen.net/github/open-issues/lyz-code/clinv)](https://badgen.net/github/open-issues/lyz-code/clinv) [![closed-issues](https://badgen.net/github/closed-issues/lyz-code/clinv)](https://badgen.net/github/closed-issues/lyz-code/clinv) |

| **aws-gate** | [https://github.com/xen0l/aws-gate](https://github.com/xen0l/aws-gate) | Enhanced AWS SSM Session manager CLI client |[![stars](https://badgen.net/github/stars/xen0l/aws-gate)](https://badgen.net/github/stars/xen0l/aws-gate)| [![contributors](https://badgen.net/github/contributors/xen0l/aws-gate)](https://badgen.net/github/contributors/xen0l/aws-gate) [![watchers](https://badgen.net/github/watchers/xen0l/aws-gate)](https://badgen.net/github/watchers/xen0l/aws-gate) [![last-commit](https://badgen.net/github/last-commit/xen0l/aws-gate)](https://badgen.net/github/last-commit/xen0l/aws-gate)  [![open-issues](https://badgen.net/github/open-issues/xen0l/aws-gate)](https://badgen.net/github/open-issues/xen0l/aws-gate) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/aws-gate)](https://badgen.net/github/closed-issues/xen0l/aws-gate) |

| **Detecting Credential Compromise** | [https://github.com/Netflix-Skunkworks/aws-credential-compromise-detection](https://github.com/Netflix-Skunkworks/aws-credential-compromise-detection) | Detecting of your compromised credential in AWS  |[![stars](https://badgen.net/github/stars/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/stars/Netflix-Skunkworks/aws-credential-compromise-detection)| [![contributors](https://badgen.net/github/contributors/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/contributors/Netflix-Skunkworks/aws-credential-compromise-detection)[![watchers](https://badgen.net/github/watchers/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/watchers/Netflix-Skunkworks/aws-credential-compromise-detection)[![last-commit](https://badgen.net/github/last-commit/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/last-commit/Netflix-Skunkworks/aws-credential-compromise-detection) [![open-issues](https://badgen.net/github/open-issues/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/open-issues/Netflix-Skunkworks/aws-credential-compromise-detection) [![closed-issues](https://badgen.net/github/closed-issues/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/closed-issues/Netflix-Skunkworks/aws-credential-compromise-detection)|

| **AWS-Security-Toolbox (AST)** | [https://github.com/z0ph/aws-security-toolbox](https://github.com/z0ph/aws-security-toolbox) | AWS Security Toolbox (Docker Image) for Security Assessments |[![stars](https://badgen.net/github/stars/z0ph/aws-security-toolbox)](https://badgen.net/github/stars/z0ph/aws-security-toolbox)| [![contributors](https://badgen.net/github/contributors/z0ph/aws-security-toolbox)](https://badgen.net/github/contributors/z0ph/aws-security-toolbox) [![watchers](https://badgen.net/github/watchers/z0ph/aws-security-toolbox)](https://badgen.net/github/watchers/z0ph/aws-security-toolbox) [![last-commit](https://badgen.net/github/last-commit/z0ph/aws-security-toolbox)](https://badgen.net/github/last-commit/z0ph/aws-security-toolbox)  [![open-issues](https://badgen.net/github/open-issues/z0ph/aws-security-toolbox)](https://badgen.net/github/open-issues/z0ph/aws-security-toolbox) [![closed-issues](https://badgen.net/github/closed-issues/z0ph/aws-security-toolbox)](https://badgen.net/github/closed-issues/z0ph/aws-security-toolbox) |

| **iam-lint** | [https://github.com/xen0l/iam-lint](https://github.com/xen0l/iam-lint) | Github action for linting AWS IAM policy documents for correctness and possible security issues |[![stars](https://badgen.net/github/stars/xen0l/iam-lint)](https://badgen.net/github/stars/xen0l/iam-lint)| [![contributors](https://badgen.net/github/contributors/xen0l/iam-lint)](https://badgen.net/github/contributors/xen0l/iam-lint) [![watchers](https://badgen.net/github/watchers/xen0l/iam-lint)](https://badgen.net/github/watchers/xen0l/iam-lint) [![last-commit](https://badgen.net/github/last-commit/xen0l/iam-lint)](https://badgen.net/github/last-commit/xen0l/iam-lint) [![open-issues](https://badgen.net/github/open-issues/xen0l/iam-lint)](https://badgen.net/github/open-issues/xen0l/iam-lint) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/iam-lint)](https://badgen.net/github/closed-issues/xen0l/iam-lint) |

| **aws-security-viz** | [https://github.com/anaynayak/aws-security-viz](https://github.com/anaynayak/aws-security-viz) | A tool to visualize aws security groups. |[![stars](https://badgen.net/github/stars/anaynayak/aws-security-viz)](https://badgen.net/github/stars/anaynayak/aws-security-viz)| [![contributors](https://badgen.net/github/contributors/anaynayak/aws-security-viz)](https://badgen.net/github/contributors/anaynayak/aws-security-viz) [![watchers](https://badgen.net/github/watchers/anaynayak/aws-security-viz)](https://badgen.net/github/watchers/anaynayak/aws-security-viz) [![last-commit](https://badgen.net/github/last-commit/anaynayak/aws-security-viz)](https://badgen.net/github/last-commit/anaynayak/aws-security-viz) [![open-issues](https://badgen.net/github/open-issues/anaynayak/aws-security-viz)](https://badgen.net/github/open-issues/anaynayak/aws-security-viz) [![closed-issues](https://badgen.net/github/closed-issues/anaynayak/aws-security-viz)](https://badgen.net/github/closed-issues/anaynayak/aws-security-viz) |

| **AirIAM** | [https://github.com/bridgecrewio/AirIAM](https://github.com/bridgecrewio/AirIAM) | Least privilege AWS IAM using Terraform |[![stars](https://badgen.net/github/stars/bridgecrewio/AirIAM)](https://badgen.net/github/stars/bridgecrewio/AirIAM)| [![contributors](https://badgen.net/github/contributors/bridgecrewio/AirIAM)](https://badgen.net/github/contributors/bridgecrewio/AirIAM) [![watchers](https://badgen.net/github/watchers/bridgecrewio/AirIAM)](https://badgen.net/github/watchers/bridgecrewio/AirIAM) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/AirIAM)](https://badgen.net/github/last-commit/bridgecrewio/AirIAM) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/AirIAM)](https://badgen.net/github/open-issues/bridgecrewio/AirIAM) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/AirIAM)](https://badgen.net/github/closed-issues/bridgecrewio/AirIAM) |

| **Cloudsplaining** | [https://github.com/salesforce/cloudsplaining](https://github.com/salesforce/cloudsplaining) | AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. |[![stars](https://badgen.net/github/stars/salesforce/cloudsplaining)](https://badgen.net/github/stars/salesforce/cloudsplaining)| [![contributors](https://badgen.net/github/contributors/salesforce/cloudsplaining)](https://badgen.net/github/contributors/salesforce/cloudsplaining) [![watchers](https://badgen.net/github/watchers/salesforce/cloudsplaining)](https://badgen.net/github/watchers/salesforce/cloudsplaining) [![last-commit](https://badgen.net/github/last-commit/salesforce/cloudsplaining)](https://badgen.net/github/last-commit/salesforce/cloudsplaining) [![open-issues](https://badgen.net/github/open-issues/salesforce/cloudsplaining)](https://badgen.net/github/open-issues/salesforce/cloudsplaining) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/cloudsplaining)](https://badgen.net/github/closed-issues/salesforce/cloudsplaining) |

| **iam-policy-generator** | [https://github.com/aletheia/iam-policy-generator](https://github.com/aletheia/iam-policy-generator) | A simple library to generate IAM policy statements with no need to remember all the actions APIs | [![stars](https://badgen.net/github/stars/aletheia/iam-policy-generator)](https://badgen.net/github/stars/aletheia/iam-policy-generator) | [![contributors](https://badgen.net/github/contributors/aletheia/iam-policy-generator)](https://badgen.net/github/contributors/aletheia/iam-policy-generator) [![watchers](https://badgen.net/github/watchers/aletheia/iam-policy-generator)](https://badgen.net/github/watchers/aletheia/iam-policy-generator) [![last-commit](https://badgen.net/github/last-commit/aletheia/iam-policy-generator)](https://badgen.net/github/last-commit/aletheia/iam-policy-generator) [![open-issues](https://badgen.net/github/open-issues/aletheia/iam-policy-generator)](https://badgen.net/github/open-issues/aletheia/iam-policy-generator) [![closed-issues](https://badgen.net/github/closed-issues/aletheia/iam-policy-generator)](https://badgen.net/github/closed-issues/aletheia/iam-policy-generator) |

| **SkyWrapper** | [https://github.com/cyberark/SkyWrapper](https://github.com/cyberark/SkyWrapper) | SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS | [![stars](https://badgen.net/github/stars/cyberark/SkyWrapper)](https://badgen.net/github/stars/cyberark/SkyWrapper) | [![contributors](https://badgen.net/github/contributors/cyberark/SkyWrapper)](https://badgen.net/github/contributors/cyberark/SkyWrapper) [![watchers](https://badgen.net/github/watchers/cyberark/SkyWrapper)](https://badgen.net/github/watchers/cyberark/SkyWrapper) [![last-commit](https://badgen.net/github/last-commit/cyberark/SkyWrapper)](https://badgen.net/github/last-commit/cyberark/SkyWrapper) [![open-issues](https://badgen.net/github/open-issues/cyberark/SkyWrapper)](https://badgen.net/github/open-issues/cyberark/SkyWrapper) [![closed-issues](https://badgen.net/github/closed-issues/cyberark/SkyWrapper)](https://badgen.net/github/closed-issues/cyberark/SkyWrapper) |

| **aws-recon** | [https://github.com/darkbitio/aws-recon](https://github.com/darkbitio/aws-recon) | Multi-threaded AWS inventory collection tool | [![stars](https://badgen.net/github/stars/darkbitio/aws-recon)](https://badgen.net/github/stars/darkbitio/aws-recon) | [![contributors](https://badgen.net/github/contributors/darkbitio/aws-recon)](https://badgen.net/github/contributors/darkbitio/aws-recon) [![watchers](https://badgen.net/github/watchers/darkbitio/aws-recon)](https://badgen.net/github/watchers/darkbitio/aws-recon) [![last-commit](https://badgen.net/github/last-commit/darkbitio/aws-recon)](https://badgen.net/github/last-commit/darkbitio/aws-recon) [![open-issues](https://badgen.net/github/open-issues/darkbitio/aws-recon)](https://badgen.net/github/open-issues/darkbitio/aws-recon) [![closed-issues](https://badgen.net/github/closed-issues/darkbitio/aws-recon)](https://badgen.net/github/closed-issues/darkbitio/aws-recon) |

| **iam-policies-cli** | [https://github.com/mhlabs/iam-policies-cli](https://github.com/mhlabs/iam-policies-cli) | A CLI tool for building simple to complex IAM policies | [![stars](https://badgen.net/github/stars/mhlabs/iam-policies-cli)](https://badgen.net/github/stars/mhlabs/iam-policies-cli) | [![contributors](https://badgen.net/github/contributors/mhlabs/iam-policies-cli)](https://badgen.net/github/contributors/mhlabs/iam-policies-cli) [![watchers](https://badgen.net/github/watchers/mhlabs/iam-policies-cli)](https://badgen.net/github/watchers/mhlabs/iam-policies-cli) [![last-commit](https://badgen.net/github/last-commit/mhlabs/iam-policies-cli)](https://badgen.net/github/last-commit/mhlabs/iam-policies-cli) [![open-issues](https://badgen.net/github/open-issues/mhlabs/iam-policies-cli)](https://badgen.net/github/open-issues/mhlabs/iam-policies-cli) [![closed-issues](https://badgen.net/github/closed-issues/mhlabs/iam-policies-cli)](https://badgen.net/github/closed-issues/mhlabs/iam-policies-cli) |

| **Aaia** | [https://github.com/rams3sh/Aaia](https://github.com/rams3sh/Aaia) | AWS Identity and Access Management Visualizer and Anomaly Finder | [![stars](https://badgen.net/github/stars/rams3sh/Aaia)](https://badgen.net/github/stars/rams3sh/Aaia) | [![contributors](https://badgen.net/github/contributors/rams3sh/Aaia)](https://badgen.net/github/contributors/rams3sh/Aaia) [![watchers](https://badgen.net/github/watchers/rams3sh/Aaia)](https://badgen.net/github/watchers/rams3sh/Aaia) [![last-commit](https://badgen.net/github/last-commit/rams3sh/Aaia)](https://badgen.net/github/last-commit/rams3sh/Aaia) [![open-issues](https://badgen.net/github/open-issues/rams3sh/Aaia)](https://badgen.net/github/open-issues/rams3sh/Aaia) [![closed-issues](https://badgen.net/github/closed-issues/rams3sh/Aaia)](https://badgen.net/github/closed-issues/rams3sh/Aaia) |

| **iam-floyd** | [https://github.com/udondan/iam-floyd](https://github.com/udondan/iam-floyd) | IAM policy statement generator with fluent interface - Available for Node.js, Python, .Net and Java | [![stars](https://badgen.net/github/stars/udondan/iam-floyd)](https://badgen.net/github/stars/udondan/iam-floyd) | [![contributors](https://badgen.net/github/contributors/udondan/iam-floyd)](https://badgen.net/github/contributors/udondan/iam-floyd) [![watchers](https://badgen.net/github/watchers/udondan/iam-floyd)](https://badgen.net/github/watchers/udondan/iam-floyd) [![last-commit](https://badgen.net/github/last-commit/udondan/iam-floyd)](https://badgen.net/github/last-commit/udondan/iam-floyd) [![open-issues](https://badgen.net/github/open-issues/udondan/iam-floyd)](https://badgen.net/github/open-issues/udondan/iam-floyd) [![closed-issues](https://badgen.net/github/closed-issues/udondan/iam-floyd)](https://badgen.net/github/closed-issues/udondan/iam-floyd) |

| **rpCheckup** | [https://github.com/goldfiglabs/rpCheckup](https://github.com/goldfiglabs/rpCheckup) | AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources. | [![stars](https://badgen.net/github/stars/goldfiglabs/rpCheckup)](https://badgen.net/github/stars/goldfiglabs/rpCheckup) | [![contributors](https://badgen.net/github/contributors/goldfiglabs/rpCheckup)](https://badgen.net/github/contributors/goldfiglabs/rpCheckup) [![watchers](https://badgen.net/github/watchers/goldfiglabs/rpCheckup)](https://badgen.net/github/watchers/goldfiglabs/rpCheckup) [![last-commit](https://badgen.net/github/last-commit/goldfiglabs/rpCheckup)](https://badgen.net/github/last-commit/goldfiglabs/rpCheckup) [![open-issues](https://badgen.net/github/open-issues/goldfiglabs/rpCheckup)](https://badgen.net/github/open-issues/goldfiglabs/rpCheckup) [![closed-issues](https://badgen.net/github/closed-issues/goldfiglabs/rpCheckup)](https://badgen.net/github/closed-issues/goldfiglabs/rpCheckup) |

| **S3 Exif Cleaner** | [https://github.com/seisvelas/S3-Exif-Cleaner](https://github.com/seisvelas/S3-Exif-Cleaner) | Remove EXIF data from all objects in an S3 bucket |[![stars](https://badgen.net/github/stars/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/stars/seisvelas/S3-Exif-Cleaner)| [![contributors](https://badgen.net/github/contributors/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/contributors/seisvelas/S3-Exif-Cleaner)[![watchers](https://badgen.net/github/watchers/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/watchers/seisvelas/S3-Exif-Cleaner)[![last-commit](https://badgen.net/github/last-commit/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/last-commit/seisvelas/S3-Exif-Cleaner) [![open-issues](https://badgen.net/github/open-issues/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/open-issues/seisvelas/S3-Exif-Cleaner) [![closed-issues](https://badgen.net/github/closed-issues/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/closed-issues/seisvelas/S3-Exif-Cleaner) |

| **Steampipe** | [https://github.com/turbot/steampipe](https://github.com/turbot/steampipe) | Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required. (SQL) |[![stars](https://badgen.net/github/stars/turbot/steampipe)](https://badgen.net/github/stars/turbot/steampipe)| [![contributors](https://badgen.net/github/contributors/turbot/steampipe)](https://badgen.net/github/contributors/turbot/steampipe)[![watchers](https://badgen.net/github/watchers/turbot/steampipe)](https://badgen.net/github/watchers/turbot/steampipe)[![last-commit](https://badgen.net/github/last-commit/turbot/steampipe/main)](https://badgen.net/github/last-commit/turbot/steampipe/main) [![open-issues](https://badgen.net/github/open-issues/turbot/steampipe)](https://badgen.net/github/open-issues/turbot/steampipe) [![closed-issues](https://badgen.net/github/closed-issues/turbot/steampipe)](https://badgen.net/github/closed-issues/turbot/steampipe) |



## Offensive

| Name | URL | Description | Popularity | Metadata |

| ---------- | :---------- | :---------- | :----------: | :----------: |

| **WeirdAAL** | [https://github.com/carnal0wnage/weirdAAL](https://github.com/carnal0wnage/weirdAAL) | AWS Attack Library |[![stars](https://badgen.net/github/stars/carnal0wnage/weirdAAL)](https://badgen.net/github/stars/carnal0wnage/weirdAAL)| [![contributors](https://badgen.net/github/contributors/carnal0wnage/weirdAAL)](https://badgen.net/github/contributors/carnal0wnage/weirdAAL)[![watchers](https://badgen.net/github/watchers/carnal0wnage/weirdAAL)](https://badgen.net/github/watchers/carnal0wnage/weirdAAL)[![last-commit](https://badgen.net/github/last-commit/carnal0wnage/weirdAAL)](https://badgen.net/github/last-commit/carnal0wnage/weirdAAL) [![open-issues](https://badgen.net/github/open-issues/carnal0wnage/weirdAAL)](https://badgen.net/github/open-issues/carnal0wnage/weirdAAL) [![closed-issues](https://badgen.net/github/closed-issues/carnal0wnage/weirdAAL)](https://badgen.net/github/closed-issues/carnal0wnage/weirdAAL) |

| **Pacu** | [https://github.com/RhinoSecurityLabs/pacu](https://github.com/RhinoSecurityLabs/pacu) | AWS penetration testing toolkit |[![stars](https://badgen.net/github/stars/RhinoSecurityLabs/pacu)](https://badgen.net/github/stars/RhinoSecurityLabs/pacu)| [![contributors](https://badgen.net/github/contributors/RhinoSecurityLabs/pacu)](https://badgen.net/github/contributors/RhinoSecurityLabs/pacu)[![watchers](https://badgen.net/github/watchers/RhinoSecurityLabs/pacu)](https://badgen.net/github/watchers/RhinoSecurityLabs/pacu)[![last-commit](https://badgen.net/github/last-commit/RhinoSecurityLabs/pacu)](https://badgen.net/github/last-commit/RhinoSecurityLabs/pacu) [![open-issues](https://badgen.net/github/open-issues/RhinoSecurityLabs/pacu)](https://badgen.net/github/open-issues/RhinoSecurityLabs/pacu) [![closed-issues](https://badgen.net/github/closed-issues/RhinoSecurityLabs/pacu)](https://badgen.net/github/closed-issues/RhinoSecurityLabs/pacu) |

| **Cred Scanner** | [https://github.com/disruptops/cred_scanner](https://github.com/disruptops/cred_scanner) | A simple file-based scanner to look for potential AWS access and secret keys in files  |[![stars](https://badgen.net/github/stars/disruptops/cred_scanner)](https://badgen.net/github/stars/disruptops/cred_scanner)| [![contributors](https://badgen.net/github/contributors/disruptops/cred_scanner)](https://badgen.net/github/contributors/disruptops/cred_scanner)[![watchers](https://badgen.net/github/watchers/disruptops/cred_scanner)](https://badgen.net/github/watchers/disruptops/cred_scanner)[![last-commit](https://badgen.net/github/last-commit/disruptops/cred_scanner)](https://badgen.net/github/last-commit/disruptops/cred_scanner) [![open-issues](https://badgen.net/github/open-issues/disruptops/cred_scanner)](https://badgen.net/github/open-issues/disruptops/cred_scanner) [![closed-issues](https://badgen.net/github/closed-issues/disruptops/cred_scanner)](https://badgen.net/github/closed-issues/disruptops/cred_scanner) |

| **AWS PWN** | [https://github.com/dagrz/aws_pwn](https://github.com/dagrz/aws_pwn) | A collection of AWS penetration testing junk  |[![stars](https://badgen.net/github/stars/dagrz/aws_pwn)](https://badgen.net/github/stars/dagrz/aws_pwn)| [![contributors](https://badgen.net/github/contributors/dagrz/aws_pwn)](https://badgen.net/github/contributors/dagrz/aws_pwn)[![watchers](https://badgen.net/github/watchers/dagrz/aws_pwn)](https://badgen.net/github/watchers/dagrz/aws_pwn)[![last-commit](https://badgen.net/github/last-commit/dagrz/aws_pwn)](https://badgen.net/github/last-commit/dagrz/aws_pwn) [![open-issues](https://badgen.net/github/open-issues/dagrz/aws_pwn)](https://badgen.net/github/open-issues/dagrz/aws_pwn) [![closed-issues](https://badgen.net/github/closed-issues/dagrz/aws_pwn)](https://badgen.net/github/closed-issues/dagrz/aws_pwn) |

| **Cloudfrunt** | [https://github.com/MindPointGroup/cloudfrunt](https://github.com/MindPointGroup/cloudfrunt) | A tool for identifying misconfigured CloudFront domains  |[![stars](https://badgen.net/github/stars/MindPointGroup/cloudfrunt)](https://badgen.net/github/stars/MindPointGroup/cloudfrunt)| [![contributors](https://badgen.net/github/contributors/MindPointGroup/cloudfrunt)](https://badgen.net/github/contributors/MindPointGroup/cloudfrunt)[![watchers](https://badgen.net/github/watchers/MindPointGroup/cloudfrunt)](https://badgen.net/github/watchers/MindPointGroup/cloudfrunt)[![last-commit](https://badgen.net/github/last-commit/MindPointGroup/cloudfrunt)](https://badgen.net/github/last-commit/MindPointGroup/cloudfrunt) [![open-issues](https://badgen.net/github/open-issues/MindPointGroup/cloudfrunt)](https://badgen.net/github/open-issues/MindPointGroup/cloudfrunt) [![closed-issues](https://badgen.net/github/closed-issues/MindPointGroup/cloudfrunt)](https://badgen.net/github/closed-issues/MindPointGroup/cloudfrunt) |

| **Cloudjack** | [https://github.com/prevade/cloudjack](https://github.com/prevade/cloudjack) | Route53/CloudFront Vulnerability Assessment Utility  |[![stars](https://badgen.net/github/stars/prevade/cloudjack)](https://badgen.net/github/stars/prevade/cloudjack)| [![contributors](https://badgen.net/github/contributors/prevade/cloudjack)](https://badgen.net/github/contributors/prevade/cloudjack)[![watchers](https://badgen.net/github/watchers/prevade/cloudjack)](https://badgen.net/github/watchers/prevade/cloudjack)[![last-commit](https://badgen.net/github/last-commit/prevade/cloudjack)](https://badgen.net/github/last-commit/prevade/cloudjack) [![open-issues](https://badgen.net/github/open-issues/prevade/cloudjack)](https://badgen.net/github/open-issues/prevade/cloudjack) [![closed-issues](https://badgen.net/github/closed-issues/prevade/cloudjack)](https://badgen.net/github/closed-issues/prevade/cloudjack) |

| **Nimbostratus** | [https://github.com/andresriancho/nimbostratus](https://github.com/andresriancho/nimbostratus) | Tools for fingerprinting and exploiting Amazon cloud infrastructures  |[![stars](https://badgen.net/github/stars/andresriancho/nimbostratus)](https://badgen.net/github/stars/andresriancho/nimbostratus)| [![contributors](https://badgen.net/github/contributors/andresriancho/nimbostratus)](https://badgen.net/github/contributors/andresriancho/nimbostratus)[![watchers](https://badgen.net/github/watchers/andresriancho/nimbostratus)](https://badgen.net/github/watchers/andresriancho/nimbostratus)[![last-commit](https://badgen.net/github/last-commit/andresriancho/nimbostratus)](https://badgen.net/github/last-commit/andresriancho/nimbostratus) [![open-issues](https://badgen.net/github/open-issues/andresriancho/nimbostratus)](https://badgen.net/github/open-issues/andresriancho/nimbostratus) [![closed-issues](https://badgen.net/github/closed-issues/andresriancho/nimbostratus)](https://badgen.net/github/closed-issues/andresriancho/nimbostratus) |

| **GitLeaks** | [https://github.com/zricethezav/gitleaks](https://github.com/zricethezav/gitleaks) | Audit git repos for secrets |[![stars](https://badgen.net/github/stars/zricethezav/gitleaks)](https://badgen.net/github/stars/zricethezav/gitleaks)| [![contributors](https://badgen.net/github/contributors/zricethezav/gitleaks)](https://badgen.net/github/contributors/zricethezav/gitleaks)[![watchers](https://badgen.net/github/watchers/zricethezav/gitleaks)](https://badgen.net/github/watchers/zricethezav/gitleaks)[![last-commit](https://badgen.net/github/last-commit/zricethezav/gitleaks)](https://badgen.net/github/last-commit/zricethezav/gitleaks) [![open-issues](https://badgen.net/github/open-issues/zricethezav/gitleaks)](https://badgen.net/github/open-issues/zricethezav/gitleaks) [![closed-issues](https://badgen.net/github/closed-issues/zricethezav/gitleaks)](https://badgen.net/github/closed-issues/zricethezav/gitleaks) |

| **TruffleHog** | [https://github.com/dxa4481/truffleHog](https://github.com/dxa4481/truffleHog) | Searches through git repositories for high entropy strings and secrets  digging deep into commit history |[![stars](https://badgen.net/github/stars/dxa4481/truffleHog)](https://badgen.net/github/stars/dxa4481/truffleHog)| [![contributors](https://badgen.net/github/contributors/dxa4481/truffleHog)](https://badgen.net/github/contributors/dxa4481/truffleHog)[![watchers](https://badgen.net/github/watchers/dxa4481/truffleHog)](https://badgen.net/github/watchers/dxa4481/truffleHog)[![last-commit](https://badgen.net/github/last-commit/dxa4481/truffleHog)](https://badgen.net/github/last-commit/dxa4481/truffleHog) [![open-issues](https://badgen.net/github/open-issues/dxa4481/truffleHog)](https://badgen.net/github/open-issues/dxa4481/truffleHog) [![closed-issues](https://badgen.net/github/closed-issues/dxa4481/truffleHog)](https://badgen.net/github/closed-issues/dxa4481/truffleHog) |

| **DumpsterDiver** | [https://github.com/securing/DumpsterDiver](https://github.com/securing/DumpsterDiver) | "Tool to search secrets in various filetypes  like keys (e.g. AWS Access Key	 Azure Share Key or SSH keys) or passwords." |[![stars](https://badgen.net/github/stars/securing/DumpsterDiver)](https://badgen.net/github/stars/securing/DumpsterDiver)| [![contributors](https://badgen.net/github/contributors/securing/DumpsterDiver)](https://badgen.net/github/contributors/securing/DumpsterDiver)[![watchers](https://badgen.net/github/watchers/securing/DumpsterDiver)](https://badgen.net/github/watchers/securing/DumpsterDiver)[![last-commit](https://badgen.net/github/last-commit/securing/DumpsterDiver)](https://badgen.net/github/last-commit/securing/DumpsterDiver) [![open-issues](https://badgen.net/github/open-issues/securing/DumpsterDiver)](https://badgen.net/github/open-issues/securing/DumpsterDiver) [![closed-issues](https://badgen.net/github/closed-issues/securing/DumpsterDiver)](https://badgen.net/github/closed-issues/securing/DumpsterDiver) |

| **Mad-King** | [https://github.com/ThreatResponse/mad-king](https://github.com/ThreatResponse/mad-king) | Proof of Concept Zappa Based AWS Persistence and Attack Platform |[![stars](https://badgen.net/github/stars/ThreatResponse/mad-king)](https://badgen.net/github/stars/ThreatResponse/mad-king)| [![contributors](https://badgen.net/github/contributors/ThreatResponse/mad-king)](https://badgen.net/github/contributors/ThreatResponse/mad-king)[![watchers](https://badgen.net/github/watchers/ThreatResponse/mad-king)](https://badgen.net/github/watchers/ThreatResponse/mad-king)[![last-commit](https://badgen.net/github/last-commit/ThreatResponse/mad-king)](https://badgen.net/github/last-commit/ThreatResponse/mad-king) [![open-issues](https://badgen.net/github/open-issues/ThreatResponse/mad-king)](https://badgen.net/github/open-issues/ThreatResponse/mad-king) [![closed-issues](https://badgen.net/github/closed-issues/ThreatResponse/mad-king)](https://badgen.net/github/closed-issues/ThreatResponse/mad-king) |

| **Cloud-Nuke** | [https://github.com/gruntwork-io/cloud-nuke](https://github.com/gruntwork-io/cloud-nuke) | A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it |[![stars](https://badgen.net/github/stars/gruntwork-io/cloud-nuke)](https://badgen.net/github/stars/gruntwork-io/cloud-nuke)| [![contributors](https://badgen.net/github/contributors/gruntwork-io/cloud-nuke)](https://badgen.net/github/contributors/gruntwork-io/cloud-nuke)[![watchers](https://badgen.net/github/watchers/gruntwork-io/cloud-nuke)](https://badgen.net/github/watchers/gruntwork-io/cloud-nuke)[![last-commit](https://badgen.net/github/last-commit/gruntwork-io/cloud-nuke)](https://badgen.net/github/last-commit/gruntwork-io/cloud-nuke) [![open-issues](https://badgen.net/github/open-issues/gruntwork-io/cloud-nuke)](https://badgen.net/github/open-issues/gruntwork-io/cloud-nuke) [![closed-issues](https://badgen.net/github/closed-issues/gruntwork-io/cloud-nuke)](https://badgen.net/github/closed-issues/gruntwork-io/cloud-nuke) |

| **MozDef - The Mozilla Defense Platform** | [https://github.com/mozilla/MozDef](https://github.com/mozilla/MozDef) | The Mozilla Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers. |[![stars](https://badgen.net/github/stars/mozilla/MozDef)](https://badgen.net/github/stars/mozilla/MozDef)| [![contributors](https://badgen.net/github/contributors/mozilla/MozDef)](https://badgen.net/github/contributors/mozilla/MozDef)[![watchers](https://badgen.net/github/watchers/mozilla/MozDef)](https://badgen.net/github/watchers/mozilla/MozDef)[![last-commit](https://badgen.net/github/last-commit/mozilla/MozDef)](https://badgen.net/github/last-commit/mozilla/MozDef) [![open-issues](https://badgen.net/github/open-issues/mozilla/MozDef)](https://badgen.net/github/open-issues/mozilla/MozDef) [![closed-issues](https://badgen.net/github/closed-issues/mozilla/MozDef)](https://badgen.net/github/closed-issues/mozilla/MozDef) |

| **Lambda-Proxy** | [https://github.com/puresec/lambda-proxy](https://github.com/puresec/lambda-proxy) | A bridge between SQLMap and AWS Lambda  which lets you use SQLMap to natively test AWS Lambda functions for SQL Injection vulnerabilities. |[![stars](https://badgen.net/github/stars/puresec/lambda-proxy)](https://badgen.net/github/stars/puresec/lambda-proxy)| [![contributors](https://badgen.net/github/contributors/puresec/lambda-proxy)](https://badgen.net/github/contributors/puresec/lambda-proxy)[![watchers](https://badgen.net/github/watchers/puresec/lambda-proxy)](https://badgen.net/github/watchers/puresec/lambda-proxy)[![last-commit](https://badgen.net/github/last-commit/puresec/lambda-proxy)](https://badgen.net/github/last-commit/puresec/lambda-proxy) [![open-issues](https://badgen.net/github/open-issues/puresec/lambda-proxy)](https://badgen.net/github/open-issues/puresec/lambda-proxy) [![closed-issues](https://badgen.net/github/closed-issues/puresec/lambda-proxy)](https://badgen.net/github/closed-issues/puresec/lambda-proxy) |

| **CloudCopy** | [https://github.com/Static-Flow/CloudCopy](https://github.com/Static-Flow/CloudCopy) | Cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission |[![stars](https://badgen.net/github/stars/Static-Flow/CloudCopy)](https://badgen.net/github/stars/Static-Flow/CloudCopy)| [![contributors](https://badgen.net/github/contributors/Static-Flow/CloudCopy)](https://badgen.net/github/contributors/Static-Flow/CloudCopy)[![watchers](https://badgen.net/github/watchers/Static-Flow/CloudCopy)](https://badgen.net/github/watchers/Static-Flow/CloudCopy)[![last-commit](https://badgen.net/github/last-commit/Static-Flow/CloudCopy)](https://badgen.net/github/last-commit/Static-Flow/CloudCopy) [![open-issues](https://badgen.net/github/open-issues/Static-Flow/CloudCopy)](https://badgen.net/github/open-issues/Static-Flow/CloudCopy) [![closed-issues](https://badgen.net/github/closed-issues/Static-Flow/CloudCopy)](https://badgen.net/github/closed-issues/Static-Flow/CloudCopy) |

| **enumerate-iam** | [https://github.com/andresriancho/enumerate-iam](https://github.com/andresriancho/enumerate-iam) | Enumerate the permissions associated with AWS credential set |[![stars](https://badgen.net/github/stars/andresriancho/enumerate-iam)](https://badgen.net/github/stars/andresriancho/enumerate-iam)| [![contributors](https://badgen.net/github/contributors/andresriancho/enumerate-iam)](https://badgen.net/github/contributors/andresriancho/enumerate-iam)[![watchers](https://badgen.net/github/watchers/andresriancho/enumerate-iam)](https://badgen.net/github/watchers/andresriancho/enumerate-iam)[![last-commit](https://badgen.net/github/last-commit/andresriancho/enumerate-iam)](https://badgen.net/github/last-commit/andresriancho/enumerate-iam) [![open-issues](https://badgen.net/github/open-issues/andresriancho/enumerate-iam)](https://badgen.net/github/open-issues/andresriancho/enumerate-iam) [![closed-issues](https://badgen.net/github/closed-issues/andresriancho/enumerate-iam)](https://badgen.net/github/closed-issues/andresriancho/enumerate-iam) |

| **Barq** | [https://github.com/Voulnet/barq](https://github.com/Voulnet/barq) | A post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure |[![stars](https://badgen.net/github/stars/Voulnet/barq)](https://badgen.net/github/stars/Voulnet/barq)| [![contributors](https://badgen.net/github/contributors/Voulnet/barq)](https://badgen.net/github/contributors/Voulnet/barq)[![watchers](https://badgen.net/github/watchers/Voulnet/barq)](https://badgen.net/github/watchers/Voulnet/barq)[![last-commit](https://badgen.net/github/last-commit/Voulnet/barq)](https://badgen.net/github/last-commit/Voulnet/barq) [![open-issues](https://badgen.net/github/open-issues/Voulnet/barq)](https://badgen.net/github/open-issues/Voulnet/barq) [![closed-issues](https://badgen.net/github/closed-issues/Voulnet/barq)](https://badgen.net/github/closed-issues/Voulnet/barq) |

| **CCAT** | [https://github.com/RhinoSecurityLabs/ccat](https://github.com/RhinoSecurityLabs/ccat) | Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments |[![stars](https://badgen.net/github/stars/RhinoSecurityLabs/ccat)](https://badgen.net/github/stars/RhinoSecurityLabs/ccat)| [![contributors](https://badgen.net/github/contributors/RhinoSecurityLabs/ccat)](https://badgen.net/github/contributors/RhinoSecurityLabs/ccat)[![watchers](https://badgen.net/github/watchers/RhinoSecurityLabs/ccat)](https://badgen.net/github/watchers/RhinoSecurityLabs/ccat)[![last-commit](https://badgen.net/github/last-commit/RhinoSecurityLabs/ccat)](https://badgen.net/github/last-commit/RhinoSecurityLabs/ccat) [![open-issues](https://badgen.net/github/open-issues/RhinoSecurityLabs/ccat)](https://badgen.net/github/open-issues/RhinoSecurityLabs/ccat) [![closed-issues](https://badgen.net/github/closed-issues/RhinoSecurityLabs/ccat)](https://badgen.net/github/closed-issues/RhinoSecurityLabs/ccat) |

| **Dufflebag** | [https://github.com/bishopfox/dufflebag](https://github.com/bishopfox/dufflebag) | Search exposed EBS volumes for secrets | [![stars](https://badgen.net/github/stars/bishopfox/dufflebag)](https://badgen.net/github/stars/bishopfox/dufflebag) | [![contributors](https://badgen.net/github/contributors/bishopfox/dufflebag)](https://badgen.net/github/contributors/bishopfox/dufflebag) [![watchers](https://badgen.net/github/watchers/bishopfox/dufflebag)](https://badgen.net/github/watchers/bishopfox/dufflebag) [![last-commit](https://badgen.net/github/last-commit/bishopfox/dufflebag)](https://badgen.net/github/last-commit/bishopfox/dufflebag) [![open-issues](https://badgen.net/github/open-issues/bishopfox/dufflebag)](https://badgen.net/github/open-issues/bishopfox/dufflebag) [![closed-issues](https://badgen.net/github/closed-issues/bishopfox/dufflebag)](https://badgen.net/github/closed-issues/bishopfox/dufflebag) |

| **attack_range** | [https://github.com/splunk/attack_range](https://github.com/splunk/attack_range) | A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk | [![stars](https://badgen.net/github/stars/splunk/attack_range)](https://badgen.net/github/stars/splunk/attack_range) | [![contributors](https://badgen.net/github/contributors/splunk/attack_range)](https://badgen.net/github/contributors/splunk/attack_range) [![watchers](https://badgen.net/github/watchers/splunk/attack_range)](https://badgen.net/github/watchers/splunk/attack_range) [![last-commit](https://badgen.net/github/last-commit/splunk/attack_range)](https://badgen.net/github/last-commit/splunk/attack_range) [![open-issues](https://badgen.net/github/open-issues/splunk/attack_range)](https://badgen.net/github/open-issues/splunk/attack_range) [![closed-issues](https://badgen.net/github/closed-issues/splunk/attack_range)](https://badgen.net/github/closed-issues/splunk/attack_range) |

| **whispers** | [https://github.com/Skyscanner/whispers](https://github.com/Skyscanner/whispers) | Identify hardcoded secrets and dangerous behaviours | [![stars](https://badgen.net/github/stars/Skyscanner/whispers)](https://badgen.net/github/stars/Skyscanner/whispers) | [![contributors](https://badgen.net/github/contributors/Skyscanner/whispers)](https://badgen.net/github/contributors/Skyscanner/whispers) [![watchers](https://badgen.net/github/watchers/Skyscanner/whispers)](https://badgen.net/github/watchers/Skyscanner/whispers) [![last-commit](https://badgen.net/github/last-commit/Skyscanner/whispers)](https://badgen.net/github/last-commit/Skyscanner/whispers) [![open-issues](https://badgen.net/github/open-issues/Skyscanner/whispers)](https://badgen.net/github/open-issues/Skyscanner/whispers) [![closed-issues](https://badgen.net/github/closed-issues/Skyscanner/whispers)](https://badgen.net/github/closed-issues/Skyscanner/whispers) |

| **Redboto** | [https://github.com/elitest/Redboto](https://github.com/elitest/Redboto) | Red Team AWS Scripts | [![stars](https://badgen.net/github/stars/elitest/Redboto)](https://badgen.net/github/stars/elitest/Redboto) | [![contributors](https://badgen.net/github/contributors/elitest/Redboto)](https://badgen.net/github/contributors/elitest/Redboto) [![watchers](https://badgen.net/github/watchers/elitest/Redboto)](https://badgen.net/github/watchers/elitest/Redboto) [![last-commit](https://badgen.net/github/last-commit/elitest/Redboto)](https://badgen.net/github/last-commit/elitest/Redboto) [![open-issues](https://badgen.net/github/open-issues/elitest/Redboto)](https://badgen.net/github/open-issues/elitest/Redboto) [![closed-issues](https://badgen.net/github/closed-issues/elitest/Redboto)](https://badgen.net/github/closed-issues/elitest/Redboto) |

| **CloudBrute** | [https://github.com/0xsha/cloudbrute](https://github.com/0xsha/cloudbrute) | A tool to find a company (target) infrastructure, files, and apps on the top cloud providers | [![stars](https://badgen.net/github/stars/0xsha/cloudbrute)](https://badgen.net/github/stars/0xsha/cloudbrute) | [![contributors](https://badgen.net/github/contributors/0xsha/cloudbrute)](https://badgen.net/github/contributors/0xsha/cloudbrute) [![watchers](https://badgen.net/github/watchers/0xsha/cloudbrute)](https://badgen.net/github/watchers/0xsha/cloudbrute) [![last-commit](https://badgen.net/github/last-commit/0xsha/cloudbrute)](https://badgen.net/github/last-commit/0xsha/cloudbrute) [![open-issues](https://badgen.net/github/open-issues/0xsha/cloudbrute)](https://badgen.net/github/open-issues/0xsha/cloudbrute) [![closed-issues](https://badgen.net/github/closed-issues/0xsha/cloudbrute)](https://badgen.net/github/closed-issues/0xsha/cloudbrute) |



## Continuous Security Auditing

| Name | URL | Description | Popularity | Metadata |

| ---------- | :---------- | :---------- | :----------: | :----------: |

| **Security Monkey** | [https://github.com/Netflix/security_monkey](https://github.com/Netflix/security_monkey) |  |[![stars](https://badgen.net/github/stars/Netflix/security_monkey)](https://badgen.net/github/stars/Netflix/security_monkey)| [![contributors](https://badgen.net/github/contributors/Netflix/security_monkey)](https://badgen.net/github/contributors/Netflix/security_monkey)[![watchers](https://badgen.net/github/watchers/Netflix/security_monkey)](https://badgen.net/github/watchers/Netflix/security_monkey)[![last-commit](https://badgen.net/github/last-commit/Netflix/security_monkey)](https://badgen.net/github/last-commit/Netflix/security_monkey) [![open-issues](https://badgen.net/github/open-issues/Netflix/security_monkey)](https://badgen.net/github/open-issues/Netflix/security_monkey) [![closed-issues](https://badgen.net/github/closed-issues/Netflix/security_monkey)](https://badgen.net/github/closed-issues/Netflix/security_monkey) |

| **Krampus** | [https://github.com/sendgrid/krampus](https://github.com/sendgrid/krampus) |  |[![stars](https://badgen.net/github/stars/sendgrid/krampus)](https://badgen.net/github/stars/sendgrid/krampus)| [![contributors](https://badgen.net/github/contributors/sendgrid/krampus)](https://badgen.net/github/contributors/sendgrid/krampus)[![watchers](https://badgen.net/github/watchers/sendgrid/krampus)](https://badgen.net/github/watchers/sendgrid/krampus)[![last-commit](https://badgen.net/github/last-commit/sendgrid/krampus)](https://badgen.net/github/last-commit/sendgrid/krampus) [![open-issues](https://badgen.net/github/open-issues/sendgrid/krampus)](https://badgen.net/github/open-issues/sendgrid/krampus) [![closed-issues](https://badgen.net/github/closed-issues/sendgrid/krampus)](https://badgen.net/github/closed-issues/sendgrid/krampus) |

| **Cloud Inquisitor** | [https://github.com/RiotGames/cloud-inquisitor](https://github.com/RiotGames/cloud-inquisitor) |  |[![stars](https://badgen.net/github/stars/RiotGames/cloud-inquisitor)](https://badgen.net/github/stars/RiotGames/cloud-inquisitor)| [![contributors](https://badgen.net/github/contributors/RiotGames/cloud-inquisitor)](https://badgen.net/github/contributors/RiotGames/cloud-inquisitor)[![watchers](https://badgen.net/github/watchers/RiotGames/cloud-inquisitor)](https://badgen.net/github/watchers/RiotGames/cloud-inquisitor)[![last-commit](https://badgen.net/github/last-commit/RiotGames/cloud-inquisitor)](https://badgen.net/github/last-commit/RiotGames/cloud-inquisitor) [![open-issues](https://badgen.net/github/open-issues/RiotGames/cloud-inquisitor)](https://badgen.net/github/open-issues/RiotGames/cloud-inquisitor) [![closed-issues](https://badgen.net/github/closed-issues/RiotGames/cloud-inquisitor)](https://badgen.net/github/closed-issues/RiotGames/cloud-inquisitor) |

| **CloudCustodian** | [https://github.com/cloud-custodian/cloud-custodian/](https://github.com/cloud-custodian/cloud-custodian/) | Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources |[![stars](https://badgen.net/github/stars/cloud-custodian/cloud-custodian/)](https://badgen.net/github/stars/cloud-custodian/cloud-custodian/)| [![contributors](https://badgen.net/github/contributors/cloud-custodian/cloud-custodian/)](https://badgen.net/github/contributors/cloud-custodian/cloud-custodian/)[![watchers](https://badgen.net/github/watchers/cloud-custodian/cloud-custodian/)](https://badgen.net/github/watchers/cloud-custodian/cloud-custodian/)[![last-commit](https://badgen.net/github/last-commit/cloud-custodian/cloud-custodian/)](https://badgen.net/github/last-commit/cloud-custodian/cloud-custodian/) [![open-issues](https://badgen.net/github/open-issues/cloud-custodian/cloud-custodian/)](https://badgen.net/github/open-issues/cloud-custodian/cloud-custodian/) [![closed-issues](https://badgen.net/github/closed-issues/cloud-custodian/cloud-custodian/)](https://badgen.net/github/closed-issues/cloud-custodian/cloud-custodian/) |

| **Disable keys after X days** | [https://github.com/te-papa/aws-key-disabler](https://github.com/te-papa/aws-key-disabler) |  |[![stars](https://badgen.net/github/stars/te-papa/aws-key-disabler)](https://badgen.net/github/stars/te-papa/aws-key-disabler)| [![contributors](https://badgen.net/github/contributors/te-papa/aws-key-disabler)](https://badgen.net/github/contributors/te-papa/aws-key-disabler)[![watchers](https://badgen.net/github/watchers/te-papa/aws-key-disabler)](https://badgen.net/github/watchers/te-papa/aws-key-disabler)[![last-commit](https://badgen.net/github/last-commit/te-papa/aws-key-disabler)](https://badgen.net/github/last-commit/te-papa/aws-key-disabler) [![open-issues](https://badgen.net/github/open-issues/te-papa/aws-key-disabler)](https://badgen.net/github/open-issues/te-papa/aws-key-disabler) [![closed-issues](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler)](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler) |

| **Repokid Least Privilege** | [https://github.com/Netflix/repokid](https://github.com/Netflix/repokid) |  |[![stars](https://badgen.net/github/stars/Netflix/repokid)](https://badgen.net/github/stars/Netflix/repokid)| [![contributors](https://badgen.net/github/contributors/Netflix/repokid)](https://badgen.net/github/contributors/Netflix/repokid)[![watchers](https://badgen.net/github/watchers/Netflix/repokid)](https://badgen.net/github/watchers/Netflix/repokid)[![last-commit](https://badgen.net/github/last-commit/Netflix/repokid)](https://badgen.net/github/last-commit/Netflix/repokid) [![open-issues](https://badgen.net/github/open-issues/Netflix/repokid)](https://badgen.net/github/open-issues/Netflix/repokid) [![closed-issues](https://badgen.net/github/closed-issues/Netflix/repokid)](https://badgen.net/github/closed-issues/Netflix/repokid) |

| **Wazuh CloudTrail module** | [https://github.com/wazuh/wazuh](https://github.com/wazuh/wazuh) |  |[![stars](https://badgen.net/github/stars/wazuh/wazuh)](https://badgen.net/github/stars/wazuh/wazuh)| [![contributors](https://badgen.net/github/contributors/wazuh/wazuh)](https://badgen.net/github/contributors/wazuh/wazuh)[![watchers](https://badgen.net/github/watchers/wazuh/wazuh)](https://badgen.net/github/watchers/wazuh/wazuh)[![last-commit](https://badgen.net/github/last-commit/wazuh/wazuh)](https://badgen.net/github/last-commit/wazuh/wazuh) [![open-issues](https://badgen.net/github/open-issues/wazuh/wazuh)](https://badgen.net/github/open-issues/wazuh/wazuh) [![closed-issues](https://badgen.net/github/closed-issues/wazuh/wazuh)](https://badgen.net/github/closed-issues/wazuh/wazuh) |

| **Hammer** | [https://github.com/dowjones/hammer](https://github.com/dowjones/hammer) |  |[![stars](https://badgen.net/github/stars/dowjones/hammer)](https://badgen.net/github/stars/dowjones/hammer)| [![contributors](https://badgen.net/github/contributors/dowjones/hammer)](https://badgen.net/github/contributors/dowjones/hammer)[![watchers](https://badgen.net/github/watchers/dowjones/hammer)](https://badgen.net/github/watchers/dowjones/hammer)[![last-commit](https://badgen.net/github/last-commit/dowjones/hammer)](https://badgen.net/github/last-commit/dowjones/hammer) [![open-issues](https://badgen.net/github/open-issues/dowjones/hammer)](https://badgen.net/github/open-issues/dowjones/hammer) [![closed-issues](https://badgen.net/github/closed-issues/dowjones/hammer)](https://badgen.net/github/closed-issues/dowjones/hammer) |

| **Streamalert** | [https://github.com/airbnb/streamalert](https://github.com/airbnb/streamalert) |  |[![stars](https://badgen.net/github/stars/airbnb/streamalert)](https://badgen.net/github/stars/airbnb/streamalert)| [![contributors](https://badgen.net/github/contributors/airbnb/streamalert)](https://badgen.net/github/contributors/airbnb/streamalert)[![watchers](https://badgen.net/github/watchers/airbnb/streamalert)](https://badgen.net/github/watchers/airbnb/streamalert)[![last-commit](https://badgen.net/github/last-commit/airbnb/streamalert)](https://badgen.net/github/last-commit/airbnb/streamalert) [![open-issues](https://badgen.net/github/open-issues/airbnb/streamalert)](https://badgen.net/github/open-issues/airbnb/streamalert) [![closed-issues](https://badgen.net/github/closed-issues/airbnb/streamalert)](https://badgen.net/github/closed-issues/airbnb/streamalert) |

| **Billing Alerts CFN templates** | [https://github.com/btkrausen/AWS](https://github.com/btkrausen/AWS) |  |[![stars](https://badgen.net/github/stars/btkrausen/AWS)](https://badgen.net/github/stars/btkrausen/AWS)| [![contributors](https://badgen.net/github/contributors/btkrausen/AWS)](https://badgen.net/github/contributors/btkrausen/AWS)[![watchers](https://badgen.net/github/watchers/btkrausen/AWS)](https://badgen.net/github/watchers/btkrausen/AWS)[![last-commit](https://badgen.net/github/last-commit/btkrausen/AWS)](https://badgen.net/github/last-commit/btkrausen/AWS) [![open-issues](https://badgen.net/github/open-issues/btkrausen/AWS)](https://badgen.net/github/open-issues/btkrausen/AWS) [![closed-issues](https://badgen.net/github/closed-issues/btkrausen/AWS)](https://badgen.net/github/closed-issues/btkrausen/AWS) |

| **Watchmen** | [https://github.com/iagcl/watchmen](https://github.com/iagcl/watchmen) | AWS account compliance using centrally managed Config Rules |[![stars](https://badgen.net/github/stars/iagcl/watchmen)](https://badgen.net/github/stars/iagcl/watchmen)| [![contributors](https://badgen.net/github/contributors/iagcl/watchmen)](https://badgen.net/github/contributors/iagcl/watchmen)[![watchers](https://badgen.net/github/watchers/iagcl/watchmen)](https://badgen.net/github/watchers/iagcl/watchmen)[![last-commit](https://badgen.net/github/last-commit/iagcl/watchmen)](https://badgen.net/github/last-commit/iagcl/watchmen) [![open-issues](https://badgen.net/github/open-issues/iagcl/watchmen)](https://badgen.net/github/open-issues/iagcl/watchmen) [![closed-issues](https://badgen.net/github/closed-issues/iagcl/watchmen)](https://badgen.net/github/closed-issues/iagcl/watchmen) |

| **ElectricEye** | [https://github.com/jonrau1/ElectricEye](https://github.com/jonrau1/ElectricEye) | Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability | [![stars](https://badgen.net/github/stars/jonrau1/ElectricEye)](https://badgen.net/github/stars/jonrau1/ElectricEye) | [![contributors](https://badgen.net/github/contributors/jonrau1/ElectricEye)](https://badgen.net/github/contributors/jonrau1/ElectricEye) [![watchers](https://badgen.net/github/watchers/jonrau1/ElectricEye)](https://badgen.net/github/watchers/jonrau1/ElectricEye) [![last-commit](https://badgen.net/github/last-commit/jonrau1/ElectricEye)](https://badgen.net/github/last-commit/jonrau1/ElectricEye) [![open-issues](https://badgen.net/github/open-issues/jonrau1/ElectricEye)](https://badgen.net/github/open-issues/jonrau1/ElectricEye) [![closed-issues](https://badgen.net/github/closed-issues/jonrau1/ElectricEye)](https://badgen.net/github/closed-issues/jonrau1/ElectricEye) |

| **SyntheticSun** | [https://github.com/jonrau1/SyntheticSun](https://github.com/jonrau1/SyntheticSun) | a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats | [![stars](https://badgen.net/github/stars/jonrau1/SyntheticSun)](https://badgen.net/github/stars/jonrau1/SyntheticSun) | [![contributors](https://badgen.net/github/contributors/jonrau1/SyntheticSun)](https://badgen.net/github/contributors/jonrau1/SyntheticSun) [![watchers](https://badgen.net/github/watchers/jonrau1/SyntheticSun)](https://badgen.net/github/watchers/jonrau1/SyntheticSun) [![last-commit](https://badgen.net/github/last-commit/jonrau1/SyntheticSun)](https://badgen.net/github/last-commit/jonrau1/SyntheticSun) [![open-issues](https://badgen.net/github/open-issues/jonrau1/SyntheticSun)](https://badgen.net/github/open-issues/jonrau1/SyntheticSun) [![closed-issues](https://badgen.net/github/closed-issues/jonrau1/SyntheticSun)](https://badgen.net/github/closed-issues/jonrau1/SyntheticSun) |

| **CloudQuery** | [https://github.com/cloudquery/cloudquery/](https://github.com/cloudquery/cloudquery/) | cloudquery exposes your cloud configuration and metadata as sql tables, providing powerful analysis and monitoring for compliance and security |[![stars](https://badgen.net/github/stars/cloudquery/cloudquery/)](https://badgen.net/github/stars/cloudquery/cloudquery/)| [![contributors](https://badgen.net/github/contributors/cloudquery/cloudquery/)](https://badgen.net/github/contributors/cloudquery/cloudquery/)[![watchers](https://badgen.net/github/watchers/cloudquery/cloudquery/)](https://badgen.net/github/watchers/cloudquery/cloudquery/)[![last-commit](https://badgen.net/github/last-commit/cloudquery/cloudquery/)](https://badgen.net/github/last-commit/cloudquery/cloudquery/) [![open-issues](https://badgen.net/github/open-issues/cloudquery/cloudquery/)](https://badgen.net/github/open-issues/cloudquery/cloudquery/) [![closed-issues](https://badgen.net/github/closed-issues/cloudquery/cloudquery/)](https://badgen.net/github/closed-issues/cloudquery/cloudquery/) |

| **PrismX** | [https://github.com/omaidf/PrismX](https://github.com/omaidf/PrismX) | Cloud Security Dashboard for AWS - based on ScoutSuite | [![stars](https://badgen.net/github/stars/omaidf/PrismX)](https://badgen.net/github/stars/omaidf/PrismX) | [![contributors](https://badgen.net/github/contributors/omaidf/PrismX)](https://badgen.net/github/contributors/omaidf/PrismX) [![watchers](https://badgen.net/github/watchers/omaidf/PrismX)](https://badgen.net/github/watchers/omaidf/PrismX) [![last-commit](https://badgen.net/github/last-commit/omaidf/PrismX)](https://badgen.net/github/last-commit/omaidf/PrismX) [![open-issues](https://badgen.net/github/open-issues/omaidf/PrismX)](https://badgen.net/github/open-issues/omaidf/PrismX) [![closed-issues](https://badgen.net/github/closed-issues/omaidf/PrismX)](https://badgen.net/github/closed-issues/omaidf/PrismX) |



## Digital Forensics and Incident Response

| Name | URL | Description | Popularity | Metadata |

| ---------- | :---------- | :---------- | :----------: | :----------: |

| **AWS IR** | [https://github.com/ThreatResponse/aws_ir](https://github.com/ThreatResponse/aws_ir) | AWS specific Incident Response and Forensics Tool |[![stars](https://badgen.net/github/stars/ThreatResponse/aws_ir)](https://badgen.net/github/stars/ThreatResponse/aws_ir)| [![contributors](https://badgen.net/github/contributors/ThreatResponse/aws_ir)](https://badgen.net/github/contributors/ThreatResponse/aws_ir)[![watchers](https://badgen.net/github/watchers/ThreatResponse/aws_ir)](https://badgen.net/github/watchers/ThreatResponse/aws_ir)[![last-commit](https://badgen.net/github/last-commit/ThreatResponse/aws_ir)](https://badgen.net/github/last-commit/ThreatResponse/aws_ir) [![open-issues](https://badgen.net/github/open-issues/ThreatResponse/aws_ir)](https://badgen.net/github/open-issues/ThreatResponse/aws_ir) [![closed-issues](https://badgen.net/github/closed-issues/ThreatResponse/aws_ir)](https://badgen.net/github/closed-issues/ThreatResponse/aws_ir) |

| **Margaritashotgun** | [https://github.com/ThreatResponse/margaritashotgun](https://github.com/ThreatResponse/margaritashotgun) | Linux memory remote acquisition tool |[![stars](https://badgen.net/github/stars/ThreatResponse/margaritashotgun)](https://badgen.net/github/stars/ThreatResponse/margaritashotgun)| [![contributors](https://badgen.net/github/contributors/ThreatResponse/margaritashotgun)](https://badgen.net/github/contributors/ThreatResponse/margaritashotgun)[![watchers](https://badgen.net/github/watchers/ThreatResponse/margaritashotgun)](https://badgen.net/github/watchers/ThreatResponse/margaritashotgun)[![last-commit](https://badgen.net/github/last-commit/ThreatResponse/margaritashotgun)](https://badgen.net/github/last-commit/ThreatResponse/margaritashotgun) [![open-issues](https://badgen.net/github/open-issues/ThreatResponse/margaritashotgun)](https://badgen.net/github/open-issues/ThreatResponse/margaritashotgun) [![closed-issues](https://badgen.net/github/closed-issues/ThreatResponse/margaritashotgun)](https://badgen.net/github/closed-issues/ThreatResponse/margaritashotgun) |

| **Diffy** | [https://github.com/Netflix-Skunkworks/diffy](https://github.com/Netflix-Skunkworks/diffy) | Triage tool used during cloud-centric security incidents |[![stars](https://badgen.net/github/stars/Netflix-Skunkworks/diffy)](https://badgen.net/github/stars/Netflix-Skunkworks/diffy)| [![contributors](https://badgen.net/github/contributors/Netflix-Skunkworks/diffy)](https://badgen.net/github/contributors/Netflix-Skunkworks/diffy)[![watchers](https://badgen.net/github/watchers/Netflix-Skunkworks/diffy)](https://badgen.net/github/watchers/Netflix-Skunkworks/diffy)[![last-commit](https://badgen.net/github/last-commit/Netflix-Skunkworks/diffy)](https://badgen.net/github/last-commit/Netflix-Skunkworks/diffy) [![open-issues](https://badgen.net/github/open-issues/Netflix-Skunkworks/diffy)](https://badgen.net/github/open-issues/Netflix-Skunkworks/diffy) [![closed-issues](https://badgen.net/github/closed-issues/Netflix-Skunkworks/diffy)](https://badgen.net/github/closed-issues/Netflix-Skunkworks/diffy) |

| **AWS Security Automation** | [https://github.com/awslabs/aws-security-automation](https://github.com/awslabs/aws-security-automation) | AWS scripts and resources for DevSecOps and automated incident response |[![stars](https://badgen.net/github/stars/awslabs/aws-security-automation)](https://badgen.net/github/stars/awslabs/aws-security-automation)| [![contributors](https://badgen.net/github/contributors/awslabs/aws-security-automation)](https://badgen.net/github/contributors/awslabs/aws-security-automation)[![watchers](https://badgen.net/github/watchers/awslabs/aws-security-automation)](https://badgen.net/github/watchers/awslabs/aws-security-automation)[![last-commit](https://badgen.net/github/last-commit/awslabs/aws-security-automation)](https://badgen.net/github/last-commit/awslabs/aws-security-automation) [![open-issues](https://badgen.net/github/open-issues/awslabs/aws-security-automation)](https://badgen.net/github/open-issues/awslabs/aws-security-automation) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/aws-security-automation)](https://badgen.net/github/closed-issues/awslabs/aws-security-automation) |

| **GDPatrol** | [https://github.com/ansorren/GDPatrol](https://github.com/ansorren/GDPatrol) | Automated Incident Response based off AWS GuardDuty findings |[![stars](https://badgen.net/github/stars/ansorren/GDPatrol)](https://badgen.net/github/stars/ansorren/GDPatrol)| [![contributors](https://badgen.net/github/contributors/ansorren/GDPatrol)](https://badgen.net/github/contributors/ansorren/GDPatrol)[![watchers](https://badgen.net/github/watchers/ansorren/GDPatrol)](https://badgen.net/github/watchers/ansorren/GDPatrol)[![last-commit](https://badgen.net/github/last-commit/ansorren/GDPatrol)](https://badgen.net/github/last-commit/ansorren/GDPatrol) [![open-issues](https://badgen.net/github/open-issues/ansorren/GDPatrol)](https://badgen.net/github/open-issues/ansorren/GDPatrol) [![closed-issues](https://badgen.net/github/closed-issues/ansorren/GDPatrol)](https://badgen.net/github/closed-issues/ansorren/GDPatrol) |

| **AWSlog** | [https://github.com/jaksi/awslog](https://github.com/jaksi/awslog) | Show the history and changes between configuration versions of AWS resources using AWS Config  |[![stars](https://badgen.net/github/stars/jaksi/awslog)](https://badgen.net/github/stars/jaksi/awslog)| [![contributors](https://badgen.net/github/contributors/jaksi/awslog)](https://badgen.net/github/contributors/jaksi/awslog)[![watchers](https://badgen.net/github/watchers/jaksi/awslog)](https://badgen.net/github/watchers/jaksi/awslog)[![last-commit](https://badgen.net/github/last-commit/jaksi/awslog)](https://badgen.net/github/last-commit/jaksi/awslog) [![open-issues](https://badgen.net/github/open-issues/jaksi/awslog)](https://badgen.net/github/open-issues/jaksi/awslog) [![closed-issues](https://badgen.net/github/closed-issues/jaksi/awslog)](https://badgen.net/github/closed-issues/jaksi/awslog) |

| **AWS_Responder** | [https://github.com/prolsen/aws_responder](https://github.com/prolsen/aws_responder) | AWS Digital Forensic and Incident Response (DFIR) Response Python Scripts |[![stars](https://badgen.net/github/stars/prolsen/aws_responder)](https://badgen.net/github/stars/prolsen/aws_responder)| [![contributors](https://badgen.net/github/contributors/prolsen/aws_responder)](https://badgen.net/github/contributors/prolsen/aws_responder)[![watchers](https://badgen.net/github/watchers/prolsen/aws_responder)](https://badgen.net/github/watchers/prolsen/aws_responder)[![last-commit](https://badgen.net/github/last-commit/prolsen/aws_responder)](https://badgen.net/github/last-commit/prolsen/aws_responder) [![open-issues](https://badgen.net/github/open-issues/prolsen/aws_responder)](https://badgen.net/github/open-issues/prolsen/aws_responder) [![closed-issues](https://badgen.net/github/closed-issues/prolsen/aws_responder)](https://badgen.net/github/closed-issues/prolsen/aws_responder) |

| **SSM-Acquire** | [https://github.com/mozilla/ssm-acquire](https://github.com/mozilla/ssm-acquire) | A python module for orchestrating content acquisitions and analysis via Amazon SSM |[![stars](https://badgen.net/github/stars/mozilla/ssm-acquire)](https://badgen.net/github/stars/mozilla/ssm-acquire)| [![contributors](https://badgen.net/github/contributors/mozilla/ssm-acquire)](https://badgen.net/github/contributors/mozilla/ssm-acquire)[![watchers](https://badgen.net/github/watchers/mozilla/ssm-acquire)](https://badgen.net/github/watchers/mozilla/ssm-acquire)[![last-commit](https://badgen.net/github/last-commit/mozilla/ssm-acquire)](https://badgen.net/github/last-commit/mozilla/ssm-acquire) [![open-issues](https://badgen.net/github/open-issues/mozilla/ssm-acquire)](https://badgen.net/github/open-issues/mozilla/ssm-acquire) [![closed-issues](https://badgen.net/github/closed-issues/mozilla/ssm-acquire)](https://badgen.net/github/closed-issues/mozilla/ssm-acquire) |

| **cloudtrail-partitioner** | [https://github.com/duo-labs/cloudtrail-partitioner](https://github.com/duo-labs/cloudtrail-partitioner) | This project sets up partitioned Athena tables for your CloudTrail logs and updates the partitions nightly. Makes CloudTrail logs queries easier. | [![stars](https://badgen.net/github/stars/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/stars/duo-labs/cloudtrail-partitioner)| [![contributors](https://badgen.net/github/contributors/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/contributors/duo-labs/cloudtrail-partitioner)[![watchers](https://badgen.net/github/watchers/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/watchers/duo-labs/cloudtrail-partitioner)[![last-commit](https://badgen.net/github/last-commit/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/last-commit/duo-labs/cloudtrail-partitioner) [![open-issues](https://badgen.net/github/open-issues/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/open-issues/duo-labs/cloudtrail-partitioner) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/closed-issues/duo-labs/cloudtrail-partitioner) |

| **fargate-ir** | [https://github.com/andrewkrug/fargate-ir](https://github.com/andrewkrug/fargate-ir) | Proof of concept incident response demo using SSM and AWS Fargate. |[![stars](https://badgen.net/github/stars/andrewkrug/fargate-ir)](https://badgen.net/github/stars/andrewkrug/fargate-ir)| [![contributors](https://badgen.net/github/contributors/andrewkrug/fargate-ir)](https://badgen.net/github/contributors/andrewkrug/fargate-ir) [![watchers](https://badgen.net/github/watchers/andrewkrug/fargate-ir)](https://badgen.net/github/watchers/andrewkrug/fargate-ir) [![last-commit](https://badgen.net/github/last-commit/andrewkrug/fargate-ir)](https://badgen.net/github/last-commit/andrewkrug/fargate-ir) [![open-issues](https://badgen.net/github/open-issues/andrewkrug/fargate-ir)](https://badgen.net/github/open-issues/andrewkrug/fargate-ir) [![closed-issues](https://badgen.net/github/closed-issues/andrewkrug/fargate-ir)](https://badgen.net/github/closed-issues/andrewkrug/fargate-ir) |

| **aws-logsearch** | [https://github.com/endgameinc/aws-logsearch](https://github.com/endgameinc/aws-logsearch) | Search AWS CloudWatch logs all at once on the command line. | [![stars](https://badgen.net/github/stars/endgameinc/aws-logsearch)](https://badgen.net/github/stars/endgameinc/aws-logsearch) | [![contributors](https://badgen.net/github/contributors/endgameinc/aws-logsearch)](https://badgen.net/github/contributors/endgameinc/aws-logsearch) [![watchers](https://badgen.net/github/watchers/endgameinc/aws-logsearch)](https://badgen.net/github/watchers/endgameinc/aws-logsearch) [![last-commit](https://badgen.net/github/last-commit/endgameinc/aws-logsearch)](https://badgen.net/github/last-commit/endgameinc/aws-logsearch) [![open-issues](https://badgen.net/github/open-issues/endgameinc/aws-logsearch)](https://badgen.net/github/open-issues/endgameinc/aws-logsearch) [![closed-issues](https://badgen.net/github/closed-issues/endgameinc/aws-logsearch)](https://badgen.net/github/closed-issues/endgameinc/aws-logsearch) |

| **Varna** | [https://github.com/endgameinc/varna](https://github.com/endgameinc/varna) | Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL) | [![stars](https://badgen.net/github/stars/endgameinc/varna)](https://badgen.net/github/stars/endgameinc/varna) | [![contributors](https://badgen.net/github/contributors/endgameinc/varna)](https://badgen.net/github/contributors/endgameinc/varna) [![watchers](https://badgen.net/github/watchers/endgameinc/varna)](https://badgen.net/github/watchers/endgameinc/varna) [![last-commit](https://badgen.net/github/last-commit/endgameinc/varna)](https://badgen.net/github/last-commit/endgameinc/varna) [![open-issues](https://badgen.net/github/open-issues/endgameinc/varna)](https://badgen.net/github/open-issues/endgameinc/varna) [![closed-issues](https://badgen.net/github/closed-issues/endgameinc/varna)](https://badgen.net/github/closed-issues/endgameinc/varna) |

| **aws-auto-remediate** | [https://github.com/servian/aws-auto-remediate](https://github.com/servian/aws-auto-remediate) | Open source application to instantly remediate common security issues through the use of AWS Config  | [![stars](https://badgen.net/github/stars/servian/aws-auto-remediate)](https://badgen.net/github/stars/servian/aws-auto-remediate) | [![contributors](https://badgen.net/github/contributors/servian/aws-auto-remediate)](https://badgen.net/github/contributors/servian/aws-auto-remediate) [![watchers](https://badgen.net/github/watchers/servian/aws-auto-remediate)](https://badgen.net/github/watchers/servian/aws-auto-remediate) [![last-commit](https://badgen.net/github/last-commit/servian/aws-auto-remediate)](https://badgen.net/github/last-commit/servian/aws-auto-remediate) [![open-issues](https://badgen.net/github/open-issues/servian/aws-auto-remediate)](https://badgen.net/github/open-issues/servian/aws-auto-remediate) [![closed-issues](https://badgen.net/github/closed-issues/servian/aws-auto-remediate)](https://badgen.net/github/closed-issues/servian/aws-auto-remediate) |

| **panther-labs** | [https://github.com/panther-labs/panther](https://github.com/panther-labs/panther) | Detect threats with log data and improve cloud security posture | [![stars](https://badgen.net/github/stars/panther-labs/panther)](https://badgen.net/github/stars/panther-labs/panther) | [![contributors](https://badgen.net/github/contributors/panther-labs/panther)](https://badgen.net/github/contributors/panther-labs/panther) [![watchers](https://badgen.net/github/watchers/panther-labs/panther)](https://badgen.net/github/watchers/panther-labs/panther) [![last-commit](htt