https://github.com/toniblyx/my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
https://github.com/toniblyx/my-arsenal-of-aws-security-tools

auditing aws-infrastructure aws-inventory aws-lambda cloud cloudtrail dfir iam incident-response security security-tools

Last synced: about 1 hour ago
JSON representation

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

• Host: GitHub
• URL: https://github.com/toniblyx/my-arsenal-of-aws-security-tools
• Owner: toniblyx
• License: apache-2.0
• Created: 2018-07-18T19:48:36.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2024-10-28T13:25:26.000Z (4 months ago)
• Last Synced: 2025-02-04T10:31:28.305Z (7 days ago)
• Topics: auditing, aws-infrastructure, aws-inventory, aws-lambda, cloud, cloudtrail, dfir, iam, incident-response, security, security-tools
• Language: Shell
• Size: 281 KB
• Stars: 9,063
• Watchers: 397
• Forks: 1,536
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-DevOpsSec - my-arsenal-of-aws-security-tools - List of open source tools for AWS security (Tools / AWS)
• fucking-lists - my-arsenal-of-aws-security-tools
• awesome-aws-research - Open Source security tools for AWS
• lists - my-arsenal-of-aws-security-tools
• awesome-aws-security - Arsenal of AWS Security Tools - Collection of all security category tools and products (Tools of Trade)
• awesome-cloud-sec - toniblyx/my-arsenal-of-aws-security-tools
• awesome-technative - AWS Security Tools - List of OSS tools for AWS security: defensive, offensive, auditing, DFIR, etc... [](https://badgen.net/github/stars/toniblyx/my-arsenal-of-aws-security-tools) (Other Awesome Lists / Terraform)
• awesome-devsecops-russia - My-arsenal-of-aws-security-tools
• awesome-security-collection - **3301**星
• awesome-hacking-lists - toniblyx/my-arsenal-of-aws-security-tools - List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. (Shell)

README

        

## Table of Contents

- [Contribute](#contribute)

- [Defensive](#defensive-hardening-security-assessment-and-inventory)

- [Offensive](#offensive)

- [Purple Teaming & Adversary Emulation](#purple-teaming--adversary-emulation)

- [Continuous Security Auditing](#continuous-security-auditing)

- [Digital Forensics and Incident Response](#digital-forensics-and-incident-response)

- [Development Security](#development-security)

- [S3 Buckets Auditing](#s3-buckets-auditing)

- [Training](#training)

- [Other interesting tools/code](#other-interesting-toolscode)

## Contribute

Do you want to contribute to this list? Feel free to send a PR and make sure your tool is [Open Source](https://en.wikipedia.org/wiki/Open_source).

| Name | Description | Popularity | Metadata |

| ---------- | :---------- | :----------: | :----------: |

| **[My Arsenal of AWS Security Tools](https://github.com/toniblyx/my-arsenal-of-aws-security-tools)** | This list of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.|[![stars](https://badgen.net/github/stars/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/stars/toniblyx/my-arsenal-of-aws-security-tools)| [![contributors](https://badgen.net/github/contributors/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/contributors/toniblyx/my-arsenal-of-aws-security-tools) [![watchers](https://badgen.net/github/watchers/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/watchers/toniblyx/my-arsenal-of-aws-security-tools) [![last-commit](https://badgen.net/github/last-commit/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/last-commit/toniblyx/my-arsenal-of-aws-security-tools)  [![open-issues](https://badgen.net/github/open-issues/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/open-issues/toniblyx/my-arsenal-of-aws-security-tools) [![closed-issues](https://badgen.net/github/closed-issues/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/closed-issues/toniblyx/my-arsenal-of-aws-security-tools) |

## Defensive: Hardening, Security Assessment and Inventory

| Name | Description | Popularity | Metadata |

| ---------- | :---------- | :----------: | :----------: |

| **[Prowler](https://github.com/toniblyx/prowler)** | Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more. (Python) |[![stars](https://badgen.net/github/stars/toniblyx/prowler)](https://badgen.net/github/stars/toniblyx/prowler)| [![contributors](https://badgen.net/github/contributors/toniblyx/prowler)](https://badgen.net/github/contributors/toniblyx/prowler)[![watchers](https://badgen.net/github/watchers/toniblyx/prowler)](https://badgen.net/github/watchers/toniblyx/prowler)[![last-commit](https://badgen.net/github/last-commit/toniblyx/prowler)](https://badgen.net/github/last-commit/toniblyx/prowler) [![open-issues](https://badgen.net/github/open-issues/toniblyx/prowler)](https://badgen.net/github/open-issues/toniblyx/prowler) [![closed-issues](https://badgen.net/github/closed-issues/toniblyx/prowler)](https://badgen.net/github/closed-issues/toniblyx/prowler) |

| **[CloudMapper](https://github.com/duo-labs/cloudmapper)** | helps you analyze your AWS environments (Python) |[![stars](https://badgen.net/github/stars/duo-labs/cloudmapper)](https://badgen.net/github/stars/duo-labs/cloudmapper)| [![contributors](https://badgen.net/github/contributors/duo-labs/cloudmapper)](https://badgen.net/github/contributors/duo-labs/cloudmapper)[![watchers](https://badgen.net/github/watchers/duo-labs/cloudmapper)](https://badgen.net/github/watchers/duo-labs/cloudmapper)[![last-commit](https://badgen.net/github/last-commit/duo-labs/cloudmapper)](https://badgen.net/github/last-commit/duo-labs/cloudmapper) [![open-issues](https://badgen.net/github/open-issues/duo-labs/cloudmapper)](https://badgen.net/github/open-issues/duo-labs/cloudmapper) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/cloudmapper)](https://badgen.net/github/closed-issues/duo-labs/cloudmapper) |

| **[ScoutSuite](https://github.com/nccgroup/ScoutSuite)** | Multi-Cloud Security auditing tool for AWS Google Cloud and Azure environments (python) |[![stars](https://badgen.net/github/stars/nccgroup/ScoutSuite)](https://badgen.net/github/stars/nccgroup/ScoutSuite)| [![contributors](https://badgen.net/github/contributors/nccgroup/ScoutSuite)](https://badgen.net/github/contributors/nccgroup/ScoutSuite)[![watchers](https://badgen.net/github/watchers/nccgroup/ScoutSuite)](https://badgen.net/github/watchers/nccgroup/ScoutSuite)[![last-commit](https://badgen.net/github/last-commit/nccgroup/ScoutSuite)](https://badgen.net/github/last-commit/nccgroup/ScoutSuite) [![open-issues](https://badgen.net/github/open-issues/nccgroup/ScoutSuite)](https://badgen.net/github/open-issues/nccgroup/ScoutSuite) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/ScoutSuite)](https://badgen.net/github/closed-issues/nccgroup/ScoutSuite) |

| **[CloudCustodian](https://github.com/cloud-custodian/cloud-custodian/)** | Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources |[![stars](https://badgen.net/github/stars/cloud-custodian/cloud-custodian/)](https://badgen.net/github/stars/cloud-custodian/cloud-custodian/)| [![contributors](https://badgen.net/github/contributors/cloud-custodian/cloud-custodian/)](https://badgen.net/github/contributors/cloud-custodian/cloud-custodian/)[![watchers](https://badgen.net/github/watchers/cloud-custodian/cloud-custodian/)](https://badgen.net/github/watchers/cloud-custodian/cloud-custodian/)[![last-commit](https://badgen.net/github/last-commit/cloud-custodian/cloud-custodian/)](https://badgen.net/github/last-commit/cloud-custodian/cloud-custodian/) [![open-issues](https://badgen.net/github/open-issues/cloud-custodian/cloud-custodian/)](https://badgen.net/github/open-issues/cloud-custodian/cloud-custodian/) [![closed-issues](https://badgen.net/github/closed-issues/cloud-custodian/cloud-custodian/)](https://badgen.net/github/closed-issues/cloud-custodian/cloud-custodian/) |

| **[ICE](https://github.com/Teevity/ice)** | Ice provides insights from a usage and cost perspective  with high detail dashboards. |[![stars](https://badgen.net/github/stars/Teevity/ice)](https://badgen.net/github/stars/Teevity/ice)| [![contributors](https://badgen.net/github/contributors/Teevity/ice)](https://badgen.net/github/contributors/Teevity/ice)[![watchers](https://badgen.net/github/watchers/Teevity/ice)](https://badgen.net/github/watchers/Teevity/ice)[![last-commit](https://badgen.net/github/last-commit/Teevity/ice)](https://badgen.net/github/last-commit/Teevity/ice) [![open-issues](https://badgen.net/github/open-issues/Teevity/ice)](https://badgen.net/github/open-issues/Teevity/ice) [![closed-issues](https://badgen.net/github/closed-issues/Teevity/ice)](https://badgen.net/github/closed-issues/Teevity/ice) |

| **[CloudSploit Scans](https://github.com/cloudsploit/scans)** | AWS security scanning checks (NodeJS) |[![stars](https://badgen.net/github/stars/cloudsploit/scans)](https://badgen.net/github/stars/cloudsploit/scans)| [![contributors](https://badgen.net/github/contributors/cloudsploit/scans)](https://badgen.net/github/contributors/cloudsploit/scans)[![watchers](https://badgen.net/github/watchers/cloudsploit/scans)](https://badgen.net/github/watchers/cloudsploit/scans)[![last-commit](https://badgen.net/github/last-commit/cloudsploit/scans)](https://badgen.net/github/last-commit/cloudsploit/scans) [![open-issues](https://badgen.net/github/open-issues/cloudsploit/scans)](https://badgen.net/github/open-issues/cloudsploit/scans) [![closed-issues](https://badgen.net/github/closed-issues/cloudsploit/scans)](https://badgen.net/github/closed-issues/cloudsploit/scans) |

| **[AWS Network Access Analyzer](https://github.com/aws-samples/network-access-analyzer-multi-account-analysis)** |  Automation for Amazon VPC Network Access Analyzer to identify all possible Internet Gateway reachability for your resources across all your AWS accounts |[![stars](https://badgen.net/github/stars/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/stars/aws-samples/network-access-analyzer-multi-account-analysis)| [![contributors](https://badgen.net/github/contributors/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/contributors/aws-samples/network-access-analyzer-multi-account-analysis)[![watchers](https://badgen.net/github/watchers/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/watchers/aws-samples/network-access-analyzer-multi-account-analysis)[![last-commit](https://badgen.net/github/last-commit/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/last-commit/aws-samples/network-access-analyzer-multi-account-analysis) [![open-issues](https://badgen.net/github/open-issues/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/open-issues/aws-samples/network-access-analyzer-multi-account-analysis) [![closed-issues](https://badgen.net/github/closed-issues/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/closed-issues/aws-samples/network-access-analyzer-multi-account-analysis) |

| **[CloudTracker](https://github.com/duo-labs/cloudtracker)** | helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python) |[![stars](https://badgen.net/github/stars/duo-labs/cloudtracker)](https://badgen.net/github/stars/duo-labs/cloudtracker)| [![contributors](https://badgen.net/github/contributors/duo-labs/cloudtracker)](https://badgen.net/github/contributors/duo-labs/cloudtracker)[![watchers](https://badgen.net/github/watchers/duo-labs/cloudtracker)](https://badgen.net/github/watchers/duo-labs/cloudtracker)[![last-commit](https://badgen.net/github/last-commit/duo-labs/cloudtracker)](https://badgen.net/github/last-commit/duo-labs/cloudtracker) [![open-issues](https://badgen.net/github/open-issues/duo-labs/cloudtracker)](https://badgen.net/github/open-issues/duo-labs/cloudtracker) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/cloudtracker)](https://badgen.net/github/closed-issues/duo-labs/cloudtracker) |

| **[AWS Security Benchmarks](https://github.com/awslabs/aws-security-benchmark)** | scripts and templates guidance related to the AWS CIS Foundation framework (Python) |[![stars](https://badgen.net/github/stars/awslabs/aws-security-benchmark)](https://badgen.net/github/stars/awslabs/aws-security-benchmark)| [![contributors](https://badgen.net/github/contributors/awslabs/aws-security-benchmark)](https://badgen.net/github/contributors/awslabs/aws-security-benchmark)[![watchers](https://badgen.net/github/watchers/awslabs/aws-security-benchmark)](https://badgen.net/github/watchers/awslabs/aws-security-benchmark)[![last-commit](https://badgen.net/github/last-commit/awslabs/aws-security-benchmark)](https://badgen.net/github/last-commit/awslabs/aws-security-benchmark) [![open-issues](https://badgen.net/github/open-issues/awslabs/aws-security-benchmark)](https://badgen.net/github/open-issues/awslabs/aws-security-benchmark) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/aws-security-benchmark)](https://badgen.net/github/closed-issues/awslabs/aws-security-benchmark) |

| **[AWS Public IPs](https://github.com/arkadiyt/aws_public_ips)** | Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6  Classic/VPC networking  and across all AWS services (Ruby) |[![stars](https://badgen.net/github/stars/arkadiyt/aws_public_ips)](https://badgen.net/github/stars/arkadiyt/aws_public_ips)| [![contributors](https://badgen.net/github/contributors/arkadiyt/aws_public_ips)](https://badgen.net/github/contributors/arkadiyt/aws_public_ips)[![watchers](https://badgen.net/github/watchers/arkadiyt/aws_public_ips)](https://badgen.net/github/watchers/arkadiyt/aws_public_ips)[![last-commit](https://badgen.net/github/last-commit/arkadiyt/aws_public_ips)](https://badgen.net/github/last-commit/arkadiyt/aws_public_ips) [![open-issues](https://badgen.net/github/open-issues/arkadiyt/aws_public_ips)](https://badgen.net/github/open-issues/arkadiyt/aws_public_ips) [![closed-issues](https://badgen.net/github/closed-issues/arkadiyt/aws_public_ips)](https://badgen.net/github/closed-issues/arkadiyt/aws_public_ips) |

| **[PMapper](https://github.com/nccgroup/PMapper)** | Advanced and Automated AWS IAM Evaluation (Python) |[![stars](https://badgen.net/github/stars/nccgroup/PMapper)](https://badgen.net/github/stars/nccgroup/PMapper)| [![contributors](https://badgen.net/github/contributors/nccgroup/PMapper)](https://badgen.net/github/contributors/nccgroup/PMapper)[![watchers](https://badgen.net/github/watchers/nccgroup/PMapper)](https://badgen.net/github/watchers/nccgroup/PMapper)[![last-commit](https://badgen.net/github/last-commit/nccgroup/PMapper)](https://badgen.net/github/last-commit/nccgroup/PMapper) [![open-issues](https://badgen.net/github/open-issues/nccgroup/PMapper)](https://badgen.net/github/open-issues/nccgroup/PMapper) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/PMapper)](https://badgen.net/github/closed-issues/nccgroup/PMapper) |

| **[nccgroup AWS-Inventory](https://github.com/nccgroup/aws-inventory)** | Make a inventory of all your resources across regions (Python) |[![stars](https://badgen.net/github/stars/nccgroup/aws-inventory)](https://badgen.net/github/stars/nccgroup/aws-inventory)| [![contributors](https://badgen.net/github/contributors/nccgroup/aws-inventory)](https://badgen.net/github/contributors/nccgroup/aws-inventory)[![watchers](https://badgen.net/github/watchers/nccgroup/aws-inventory)](https://badgen.net/github/watchers/nccgroup/aws-inventory)[![last-commit](https://badgen.net/github/last-commit/nccgroup/aws-inventory)](https://badgen.net/github/last-commit/nccgroup/aws-inventory) [![open-issues](https://badgen.net/github/open-issues/nccgroup/aws-inventory)](https://badgen.net/github/open-issues/nccgroup/aws-inventory) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/aws-inventory)](https://badgen.net/github/closed-issues/nccgroup/aws-inventory) |

| **[Resource Counter](https://github.com/disruptops/resource-counter)** | Counts number of resources in categories across regions |[![stars](https://badgen.net/github/stars/disruptops/resource-counter)](https://badgen.net/github/stars/disruptops/resource-counter)| [![contributors](https://badgen.net/github/contributors/disruptops/resource-counter)](https://badgen.net/github/contributors/disruptops/resource-counter)[![watchers](https://badgen.net/github/watchers/disruptops/resource-counter)](https://badgen.net/github/watchers/disruptops/resource-counter)[![last-commit](https://badgen.net/github/last-commit/disruptops/resource-counter)](https://badgen.net/github/last-commit/disruptops/resource-counter) [![open-issues](https://badgen.net/github/open-issues/disruptops/resource-counter)](https://badgen.net/github/open-issues/disruptops/resource-counter) [![closed-issues](https://badgen.net/github/closed-issues/disruptops/resource-counter)](https://badgen.net/github/closed-issues/disruptops/resource-counter) |

| **[SkyArk](https://github.com/cyberark/SkyArk)** | SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS.  |[![stars](https://badgen.net/github/stars/cyberark/SkyArk)](https://badgen.net/github/stars/cyberark/SkyArk)| [![contributors](https://badgen.net/github/contributors/cyberark/SkyArk)](https://badgen.net/github/contributors/cyberark/SkyArk)[![watchers](https://badgen.net/github/watchers/cyberark/SkyArk)](https://badgen.net/github/watchers/cyberark/SkyArk)[![last-commit](https://badgen.net/github/last-commit/cyberark/SkyArk)](https://badgen.net/github/last-commit/cyberark/SkyArk) [![open-issues](https://badgen.net/github/open-issues/cyberark/SkyArk)](https://badgen.net/github/open-issues/cyberark/SkyArk) [![closed-issues](https://badgen.net/github/closed-issues/cyberark/SkyArk)](https://badgen.net/github/closed-issues/cyberark/SkyArk) |

| **[findmytakeover](https://github.com/anirudhbiyani/findmytakeover)** | find dangling domains in a multi cloud environment | [![stars](https://badgen.net/github/stars/anirudhbiyani/findmytakeover)](https://badgen.net/github/stars/anirudhbiyani/findmytakeover) | [![contributors](https://badgen.net/github/contributors/anirudhbiyani/findmytakeover)](https://badgen.net/github/contributors/anirudhbiyani/findmytakeover)  [![watchers](https://badgen.net/github/watchers/anirudhbiyani/findmytakeover)](https://badgen.net/github/watchers/anirudhbiyani/findmytakeover)  [![last-commit](https://badgen.net/github/last-commit/anirudhbiyani/findmytakeover)](https://badgen.net/github/last-commit/anirudhbiyani/findmytakeover) [![open-issues](https://badgen.net/github/open-issues/anirudhbiyani/findmytakeover)](https://badgen.net/github/open-issues/anirudhbiyani/findmytakeover) [![closed-issues](https://badgen.net/github/closed-issues/anirudhbiyani/findmytakeover)](https://badgen.net/github/closed-issues/anirudhbiyani/findmytakeover) |

| **[Trailblazer AWS](https://github.com/willbengtson/trailblazer-aws)** | Trailblazer AWS  determine what AWS API calls are logged by CloudTrail and what they are logged as. You can also use TrailBlazer as an attack simulation framework. |[![stars](https://badgen.net/github/stars/willbengtson/trailblazer-aws)](https://badgen.net/github/stars/willbengtson/trailblazer-aws)| [![contributors](https://badgen.net/github/contributors/willbengtson/trailblazer-aws)](https://badgen.net/github/contributors/willbengtson/trailblazer-aws)[![watchers](https://badgen.net/github/watchers/willbengtson/trailblazer-aws)](https://badgen.net/github/watchers/willbengtson/trailblazer-aws)[![last-commit](https://badgen.net/github/last-commit/willbengtson/trailblazer-aws)](https://badgen.net/github/last-commit/willbengtson/trailblazer-aws) [![open-issues](https://badgen.net/github/open-issues/willbengtson/trailblazer-aws)](https://badgen.net/github/open-issues/willbengtson/trailblazer-aws) [![closed-issues](https://badgen.net/github/closed-issues/willbengtson/trailblazer-aws)](https://badgen.net/github/closed-issues/willbengtson/trailblazer-aws) |

| **[Lunar](https://github.com/lateralblast/lunar)** | Security auditing tool based on several security frameworks (it does some AWS checks) |[![stars](https://badgen.net/github/stars/lateralblast/lunar)](https://badgen.net/github/stars/lateralblast/lunar)| [![contributors](https://badgen.net/github/contributors/lateralblast/lunar)](https://badgen.net/github/contributors/lateralblast/lunar)[![watchers](https://badgen.net/github/watchers/lateralblast/lunar)](https://badgen.net/github/watchers/lateralblast/lunar)[![last-commit](https://badgen.net/github/last-commit/lateralblast/lunar)](https://badgen.net/github/last-commit/lateralblast/lunar) [![open-issues](https://badgen.net/github/open-issues/lateralblast/lunar)](https://badgen.net/github/open-issues/lateralblast/lunar) [![closed-issues](https://badgen.net/github/closed-issues/lateralblast/lunar)](https://badgen.net/github/closed-issues/lateralblast/lunar) |

| **[Cloud-reports](https://github.com/tensult/cloud-reports)** | Scans your AWS cloud resources and generates reports |[![stars](https://badgen.net/github/stars/tensult/cloud-reports)](https://badgen.net/github/stars/tensult/cloud-reports)| [![contributors](https://badgen.net/github/contributors/tensult/cloud-reports)](https://badgen.net/github/contributors/tensult/cloud-reports)[![watchers](https://badgen.net/github/watchers/tensult/cloud-reports)](https://badgen.net/github/watchers/tensult/cloud-reports)[![last-commit](https://badgen.net/github/last-commit/tensult/cloud-reports)](https://badgen.net/github/last-commit/tensult/cloud-reports) [![open-issues](https://badgen.net/github/open-issues/tensult/cloud-reports)](https://badgen.net/github/open-issues/tensult/cloud-reports) [![closed-issues](https://badgen.net/github/closed-issues/tensult/cloud-reports)](https://badgen.net/github/closed-issues/tensult/cloud-reports) |

| **[Pacbot](https://github.com/tmobile/pacbot)** | Platform for continuous compliance monitoring  compliance reporting and security automation for the cloud |[![stars](https://badgen.net/github/stars/tmobile/pacbot)](https://badgen.net/github/stars/tmobile/pacbot)| [![contributors](https://badgen.net/github/contributors/tmobile/pacbot)](https://badgen.net/github/contributors/tmobile/pacbot)[![watchers](https://badgen.net/github/watchers/tmobile/pacbot)](https://badgen.net/github/watchers/tmobile/pacbot)[![last-commit](https://badgen.net/github/last-commit/tmobile/pacbot)](https://badgen.net/github/last-commit/tmobile/pacbot) [![open-issues](https://badgen.net/github/open-issues/tmobile/pacbot)](https://badgen.net/github/open-issues/tmobile/pacbot) [![closed-issues](https://badgen.net/github/closed-issues/tmobile/pacbot)](https://badgen.net/github/closed-issues/tmobile/pacbot) |

| **[cs-suite](https://github.com/SecurityFTW/cs-suite)** | Integrates tools like Scout2 and Prowler among others  |[![stars](https://badgen.net/github/stars/SecurityFTW/cs-suite)](https://badgen.net/github/stars/SecurityFTW/cs-suite)| [![contributors](https://badgen.net/github/contributors/SecurityFTW/cs-suite)](https://badgen.net/github/contributors/SecurityFTW/cs-suite)[![watchers](https://badgen.net/github/watchers/SecurityFTW/cs-suite)](https://badgen.net/github/watchers/SecurityFTW/cs-suite)[![last-commit](https://badgen.net/github/last-commit/SecurityFTW/cs-suite)](https://badgen.net/github/last-commit/SecurityFTW/cs-suite) [![open-issues](https://badgen.net/github/open-issues/SecurityFTW/cs-suite)](https://badgen.net/github/open-issues/SecurityFTW/cs-suite) [![closed-issues](https://badgen.net/github/closed-issues/SecurityFTW/cs-suite)](https://badgen.net/github/closed-issues/SecurityFTW/cs-suite) |

| **[aws-key-disabler](https://github.com/te-papa/aws-key-disabler)** | A small lambda script that will disable access keys older than a given amount of days |[![stars](https://badgen.net/github/stars/te-papa/aws-key-disabler)](https://badgen.net/github/stars/te-papa/aws-key-disabler)| [![contributors](https://badgen.net/github/contributors/te-papa/aws-key-disabler)](https://badgen.net/github/contributors/te-papa/aws-key-disabler)[![watchers](https://badgen.net/github/watchers/te-papa/aws-key-disabler)](https://badgen.net/github/watchers/te-papa/aws-key-disabler)[![last-commit](https://badgen.net/github/last-commit/te-papa/aws-key-disabler)](https://badgen.net/github/last-commit/te-papa/aws-key-disabler) [![open-issues](https://badgen.net/github/open-issues/te-papa/aws-key-disabler)](https://badgen.net/github/open-issues/te-papa/aws-key-disabler) [![closed-issues](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler)](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler) |

| **[Antiope](https://github.com/turnerlabs/antiope)** | AWS Inventory and Compliance Framework |[![stars](https://badgen.net/github/stars/turnerlabs/antiope)](https://badgen.net/github/stars/turnerlabs/antiope)| [![contributors](https://badgen.net/github/contributors/turnerlabs/antiope)](https://badgen.net/github/contributors/turnerlabs/antiope)[![watchers](https://badgen.net/github/watchers/turnerlabs/antiope)](https://badgen.net/github/watchers/turnerlabs/antiope)[![last-commit](https://badgen.net/github/last-commit/turnerlabs/antiope)](https://badgen.net/github/last-commit/turnerlabs/antiope) [![open-issues](https://badgen.net/github/open-issues/turnerlabs/antiope)](https://badgen.net/github/open-issues/turnerlabs/antiope) [![closed-issues](https://badgen.net/github/closed-issues/turnerlabs/antiope)](https://badgen.net/github/closed-issues/turnerlabs/antiope) |

| **[Cloud Reports](https://github.com/tensult/cloud-reports)** | Scans your AWS cloud resources and generates reports and includes security best practices. |[![stars](https://badgen.net/github/stars/tensult/cloud-reports)](https://badgen.net/github/stars/tensult/cloud-reports)| [![contributors](https://badgen.net/github/contributors/tensult/cloud-reports)](https://badgen.net/github/contributors/tensult/cloud-reports)[![watchers](https://badgen.net/github/watchers/tensult/cloud-reports)](https://badgen.net/github/watchers/tensult/cloud-reports)[![last-commit](https://badgen.net/github/last-commit/tensult/cloud-reports)](https://badgen.net/github/last-commit/tensult/cloud-reports) [![open-issues](https://badgen.net/github/open-issues/tensult/cloud-reports)](https://badgen.net/github/open-issues/tensult/cloud-reports) [![closed-issues](https://badgen.net/github/closed-issues/tensult/cloud-reports)](https://badgen.net/github/closed-issues/tensult/cloud-reports) |

| **[Terraform AWS Secure Baseline](https://github.com/nozaq/terraform-aws-secure-baseline)** | Terraform module to set up your AWS account with the secure |[![stars](https://badgen.net/github/stars/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/stars/nozaq/terraform-aws-secure-baseline)| [![contributors](https://badgen.net/github/contributors/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/contributors/nozaq/terraform-aws-secure-baseline)[![watchers](https://badgen.net/github/watchers/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/watchers/nozaq/terraform-aws-secure-baseline)[![last-commit](https://badgen.net/github/last-commit/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/last-commit/nozaq/terraform-aws-secure-baseline) [![open-issues](https://badgen.net/github/open-issues/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/open-issues/nozaq/terraform-aws-secure-baseline) [![closed-issues](https://badgen.net/github/closed-issues/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/closed-issues/nozaq/terraform-aws-secure-baseline) |

| **[ZeusCloud](https://github.com/Zeus-Labs/ZeusCloud)** | Discover, prioritize, and remediate security risks in your AWS cloud environments.  | [![stars](https://badgen.net/github/stars/Zeus-Labs/ZeusCloud)](https://badgen.net/github/stars/Zeus-Labs/ZeusCloud)| [![contributors](https://badgen.net/github/contributors/Zeus-Labs/ZeusCloud)](https://badgen.net/github/contributors/Zeus-Labs/ZeusCloud) [![watchers](https://badgen.net/github/watchers/Zeus-Labs/ZeusCloud)](https://badgen.net/github/watchers/Zeus-Labs/ZeusCloud) [![last-commit](https://badgen.net/github/last-commit/Zeus-Labs/ZeusCloud)](https://badgen.net/github/last-commit/Zeus-Labs/ZeusCloud) [![open-issues](https://badgen.net/github/open-issues/Zeus-Labs/ZeusCloud)](https://badgen.net/github/open-issues/Zeus-Labs/ZeusCloud) [![closed-issues](https://badgen.net/github/closed-issues/Zeus-Labs/ZeusCloud)](https://badgen.net/github/closed-issues/Zeus-Labs/ZeusCloud) |

| **[Cartography](https://github.com/lyft/cartography)** | Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.  |[![stars](https://badgen.net/github/stars/lyft/cartography)](https://badgen.net/github/stars/lyft/cartography)| [![contributors](https://badgen.net/github/contributors/lyft/cartography)](https://badgen.net/github/contributors/lyft/cartography)[![watchers](https://badgen.net/github/watchers/lyft/cartography)](https://badgen.net/github/watchers/lyft/cartography)[![last-commit](https://badgen.net/github/last-commit/lyft/cartography)](https://badgen.net/github/last-commit/lyft/cartography) [![open-issues](https://badgen.net/github/open-issues/lyft/cartography)](https://badgen.net/github/open-issues/lyft/cartography) [![closed-issues](https://badgen.net/github/closed-issues/lyft/cartography)](https://badgen.net/github/closed-issues/lyft/cartography) |

| **[TrailScraper](https://github.com/flosell/trailscraper)** | A command-line tool to get valuable information out of AWS CloudTrail |[![stars](https://badgen.net/github/stars/flosell/trailscraper)](https://badgen.net/github/stars/flosell/trailscraper)| [![contributors](https://badgen.net/github/contributors/flosell/trailscraper)](https://badgen.net/github/contributors/flosell/trailscraper)[![watchers](https://badgen.net/github/watchers/flosell/trailscraper)](https://badgen.net/github/watchers/flosell/trailscraper)[![last-commit](https://badgen.net/github/last-commit/flosell/trailscraper)](https://badgen.net/github/last-commit/flosell/trailscraper) [![open-issues](https://badgen.net/github/open-issues/flosell/trailscraper)](https://badgen.net/github/open-issues/flosell/trailscraper) [![closed-issues](https://badgen.net/github/closed-issues/flosell/trailscraper)](https://badgen.net/github/closed-issues/flosell/trailscraper) |

| **[Komiser](https://github.com/mlabouardy/komiser)** | Cloud Environment Inspector analyze and manage cloud cost usage security and governance in one place. |[![stars](https://badgen.net/github/stars/mlabouardy/komiser)](https://badgen.net/github/stars/mlabouardy/komiser)| [![contributors](https://badgen.net/github/contributors/mlabouardy/komiser)](https://badgen.net/github/contributors/mlabouardy/komiser)[![watchers](https://badgen.net/github/watchers/mlabouardy/komiser)](https://badgen.net/github/watchers/mlabouardy/komiser)[![last-commit](https://badgen.net/github/last-commit/mlabouardy/komiser)](https://badgen.net/github/last-commit/mlabouardy/komiser) [![open-issues](https://badgen.net/github/open-issues/mlabouardy/komiser)](https://badgen.net/github/open-issues/mlabouardy/komiser) [![closed-issues](https://badgen.net/github/closed-issues/mlabouardy/komiser)](https://badgen.net/github/closed-issues/mlabouardy/komiser) |

| **[Perimeterator](https://github.com/darkarnium/perimeterator)** | AWS perimeter monitoring. Periodically scan internet facing AWS resources to detect misconfigured services |[![stars](https://badgen.net/github/stars/darkarnium/perimeterator)](https://badgen.net/github/stars/darkarnium/perimeterator)| [![contributors](https://badgen.net/github/contributors/darkarnium/perimeterator)](https://badgen.net/github/contributors/darkarnium/perimeterator)[![watchers](https://badgen.net/github/watchers/darkarnium/perimeterator)](https://badgen.net/github/watchers/darkarnium/perimeterator)[![last-commit](https://badgen.net/github/last-commit/darkarnium/perimeterator)](https://badgen.net/github/last-commit/darkarnium/perimeterator) [![open-issues](https://badgen.net/github/open-issues/darkarnium/perimeterator)](https://badgen.net/github/open-issues/darkarnium/perimeterator) [![closed-issues](https://badgen.net/github/closed-issues/darkarnium/perimeterator)](https://badgen.net/github/closed-issues/darkarnium/perimeterator) |

| **[PolicySentry](https://github.com/salesforce/policy_sentry)** | IAM Least Privilege Policy Generator auditor and analysis database |[![stars](https://badgen.net/github/stars/salesforce/policy_sentry)](https://badgen.net/github/stars/salesforce/policy_sentry)| [![contributors](https://badgen.net/github/contributors/salesforce/policy_sentry)](https://badgen.net/github/contributors/salesforce/policy_sentry)[![watchers](https://badgen.net/github/watchers/salesforce/policy_sentry)](https://badgen.net/github/watchers/salesforce/policy_sentry)[![last-commit](https://badgen.net/github/last-commit/salesforce/policy_sentry)](https://badgen.net/github/last-commit/salesforce/policy_sentry) [![open-issues](https://badgen.net/github/open-issues/salesforce/policy_sentry)](https://badgen.net/github/open-issues/salesforce/policy_sentry) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/policy_sentry)](https://badgen.net/github/closed-issues/salesforce/policy_sentry) |

| **[Zeus](https://github.com/DenizParlak/Zeus)** | AWS Auditing & Hardening Tool  |[![stars](https://badgen.net/github/stars/DenizParlak/Zeus)](https://badgen.net/github/stars/DenizParlak/Zeus)| [![contributors](https://badgen.net/github/contributors/DenizParlak/Zeus)](https://badgen.net/github/contributors/DenizParlak/Zeus)[![watchers](https://badgen.net/github/watchers/DenizParlak/Zeus)](https://badgen.net/github/watchers/DenizParlak/Zeus)[![last-commit](https://badgen.net/github/last-commit/DenizParlak/Zeus)](https://badgen.net/github/last-commit/DenizParlak/Zeus) [![open-issues](https://badgen.net/github/open-issues/DenizParlak/Zeus)](https://badgen.net/github/open-issues/DenizParlak/Zeus) [![closed-issues](https://badgen.net/github/closed-issues/DenizParlak/Zeus)](https://badgen.net/github/closed-issues/DenizParlak/Zeus) |

| **[janiko71 AWS-inventory](https://github.com/janiko71/aws-inventory)** | Python script for AWS resources inventory |[![stars](https://badgen.net/github/stars/janiko71/aws-inventory)](https://badgen.net/github/stars/janiko71/aws-inventory)| [![contributors](https://badgen.net/github/contributors/janiko71/aws-inventory)](https://badgen.net/github/contributors/janiko71/aws-inventory)[![watchers](https://badgen.net/github/watchers/janiko71/aws-inventory)](https://badgen.net/github/watchers/janiko71/aws-inventory)[![last-commit](https://badgen.net/github/last-commit/janiko71/aws-inventory)](https://badgen.net/github/last-commit/janiko71/aws-inventory) [![open-issues](https://badgen.net/github/open-issues/janiko71/aws-inventory)](https://badgen.net/github/open-issues/janiko71/aws-inventory) [![closed-issues](https://badgen.net/github/closed-issues/janiko71/aws-inventory)](https://badgen.net/github/closed-issues/janiko71/aws-inventory) |

| **[awspx](https://github.com/fsecurelabs/awspx)** | A graph-based tool for visualizing effective access and resource relationships in AWS environments |[![stars](https://badgen.net/github/stars/fsecurelabs/awspx)](https://badgen.net/github/stars/fsecurelabs/awspx)| [![contributors](https://badgen.net/github/contributors/fsecurelabs/awspx)](https://badgen.net/github/contributors/fsecurelabs/awspx)[![watchers](https://badgen.net/github/watchers/fsecurelabs/awspx)](https://badgen.net/github/watchers/fsecurelabs/awspx)[![last-commit](https://badgen.net/github/last-commit/fsecurelabs/awspx)](https://badgen.net/github/last-commit/fsecurelabs/awspx) [![open-issues](https://badgen.net/github/open-issues/fsecurelabs/awspx)](https://badgen.net/github/open-issues/fsecurelabs/awspx) [![closed-issues](https://badgen.net/github/closed-issues/fsecurelabs/awspx)](https://badgen.net/github/closed-issues/fsecurelabs/awspx) |

| **[clinv](https://github.com/lyz-code/clinv)** | DevSecOps command line asset inventory tool  |[![stars](https://badgen.net/github/stars/lyz-code/clinv)](https://badgen.net/github/stars/lyz-code/clinv)| [![contributors](https://badgen.net/github/contributors/lyz-code/clinv)](https://badgen.net/github/contributors/lyz-code/clinv)[![watchers](https://badgen.net/github/watchers/lyz-code/clinv)](https://badgen.net/github/watchers/lyz-code/clinv)[![last-commit](https://badgen.net/github/last-commit/lyz-code/clinv)](https://badgen.net/github/last-commit/lyz-code/clinv) [![open-issues](https://badgen.net/github/open-issues/lyz-code/clinv)](https://badgen.net/github/open-issues/lyz-code/clinv) [![closed-issues](https://badgen.net/github/closed-issues/lyz-code/clinv)](https://badgen.net/github/closed-issues/lyz-code/clinv) |

| **[aws-gate](https://github.com/xen0l/aws-gate)** | Enhanced AWS SSM Session manager CLI client |[![stars](https://badgen.net/github/stars/xen0l/aws-gate)](https://badgen.net/github/stars/xen0l/aws-gate)| [![contributors](https://badgen.net/github/contributors/xen0l/aws-gate)](https://badgen.net/github/contributors/xen0l/aws-gate) [![watchers](https://badgen.net/github/watchers/xen0l/aws-gate)](https://badgen.net/github/watchers/xen0l/aws-gate) [![last-commit](https://badgen.net/github/last-commit/xen0l/aws-gate)](https://badgen.net/github/last-commit/xen0l/aws-gate)  [![open-issues](https://badgen.net/github/open-issues/xen0l/aws-gate)](https://badgen.net/github/open-issues/xen0l/aws-gate) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/aws-gate)](https://badgen.net/github/closed-issues/xen0l/aws-gate) |

| **[Detecting Credential Compromise](https://github.com/Netflix-Skunkworks/aws-credential-compromise-detection)** | Detecting of your compromised credential in AWS  |[![stars](https://badgen.net/github/stars/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/stars/Netflix-Skunkworks/aws-credential-compromise-detection)| [![contributors](https://badgen.net/github/contributors/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/contributors/Netflix-Skunkworks/aws-credential-compromise-detection)[![watchers](https://badgen.net/github/watchers/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/watchers/Netflix-Skunkworks/aws-credential-compromise-detection)[![last-commit](https://badgen.net/github/last-commit/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/last-commit/Netflix-Skunkworks/aws-credential-compromise-detection) [![open-issues](https://badgen.net/github/open-issues/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/open-issues/Netflix-Skunkworks/aws-credential-compromise-detection) [![closed-issues](https://badgen.net/github/closed-issues/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/closed-issues/Netflix-Skunkworks/aws-credential-compromise-detection)|

| **[AWS-Security-Toolbox (AST)](https://github.com/z0ph/aws-security-toolbox)** | AWS Security Toolbox (Docker Image) for Security Assessments |[![stars](https://badgen.net/github/stars/z0ph/aws-security-toolbox)](https://badgen.net/github/stars/z0ph/aws-security-toolbox)| [![contributors](https://badgen.net/github/contributors/z0ph/aws-security-toolbox)](https://badgen.net/github/contributors/z0ph/aws-security-toolbox) [![watchers](https://badgen.net/github/watchers/z0ph/aws-security-toolbox)](https://badgen.net/github/watchers/z0ph/aws-security-toolbox) [![last-commit](https://badgen.net/github/last-commit/z0ph/aws-security-toolbox)](https://badgen.net/github/last-commit/z0ph/aws-security-toolbox)  [![open-issues](https://badgen.net/github/open-issues/z0ph/aws-security-toolbox)](https://badgen.net/github/open-issues/z0ph/aws-security-toolbox) [![closed-issues](https://badgen.net/github/closed-issues/z0ph/aws-security-toolbox)](https://badgen.net/github/closed-issues/z0ph/aws-security-toolbox) |

| **[iam-lint](https://github.com/xen0l/iam-lint)** | Github action for linting AWS IAM policy documents for correctness and possible security issues |[![stars](https://badgen.net/github/stars/xen0l/iam-lint)](https://badgen.net/github/stars/xen0l/iam-lint)| [![contributors](https://badgen.net/github/contributors/xen0l/iam-lint)](https://badgen.net/github/contributors/xen0l/iam-lint) [![watchers](https://badgen.net/github/watchers/xen0l/iam-lint)](https://badgen.net/github/watchers/xen0l/iam-lint) [![last-commit](https://badgen.net/github/last-commit/xen0l/iam-lint)](https://badgen.net/github/last-commit/xen0l/iam-lint) [![open-issues](https://badgen.net/github/open-issues/xen0l/iam-lint)](https://badgen.net/github/open-issues/xen0l/iam-lint) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/iam-lint)](https://badgen.net/github/closed-issues/xen0l/iam-lint) |

| **[aws-security-viz](https://github.com/anaynayak/aws-security-viz)** | A tool to visualize aws security groups. |[![stars](https://badgen.net/github/stars/anaynayak/aws-security-viz)](https://badgen.net/github/stars/anaynayak/aws-security-viz)| [![contributors](https://badgen.net/github/contributors/anaynayak/aws-security-viz)](https://badgen.net/github/contributors/anaynayak/aws-security-viz) [![watchers](https://badgen.net/github/watchers/anaynayak/aws-security-viz)](https://badgen.net/github/watchers/anaynayak/aws-security-viz) [![last-commit](https://badgen.net/github/last-commit/anaynayak/aws-security-viz)](https://badgen.net/github/last-commit/anaynayak/aws-security-viz) [![open-issues](https://badgen.net/github/open-issues/anaynayak/aws-security-viz)](https://badgen.net/github/open-issues/anaynayak/aws-security-viz) [![closed-issues](https://badgen.net/github/closed-issues/anaynayak/aws-security-viz)](https://badgen.net/github/closed-issues/anaynayak/aws-security-viz) |

| **[AirIAM](https://github.com/bridgecrewio/AirIAM)** | Least privilege AWS IAM using Terraform |[![stars](https://badgen.net/github/stars/bridgecrewio/AirIAM)](https://badgen.net/github/stars/bridgecrewio/AirIAM)| [![contributors](https://badgen.net/github/contributors/bridgecrewio/AirIAM)](https://badgen.net/github/contributors/bridgecrewio/AirIAM) [![watchers](https://badgen.net/github/watchers/bridgecrewio/AirIAM)](https://badgen.net/github/watchers/bridgecrewio/AirIAM) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/AirIAM)](https://badgen.net/github/last-commit/bridgecrewio/AirIAM) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/AirIAM)](https://badgen.net/github/open-issues/bridgecrewio/AirIAM) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/AirIAM)](https://badgen.net/github/closed-issues/bridgecrewio/AirIAM) |

| **[Cloudsplaining](https://github.com/salesforce/cloudsplaining)** | AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. |[![stars](https://badgen.net/github/stars/salesforce/cloudsplaining)](https://badgen.net/github/stars/salesforce/cloudsplaining)| [![contributors](https://badgen.net/github/contributors/salesforce/cloudsplaining)](https://badgen.net/github/contributors/salesforce/cloudsplaining) [![watchers](https://badgen.net/github/watchers/salesforce/cloudsplaining)](https://badgen.net/github/watchers/salesforce/cloudsplaining) [![last-commit](https://badgen.net/github/last-commit/salesforce/cloudsplaining)](https://badgen.net/github/last-commit/salesforce/cloudsplaining) [![open-issues](https://badgen.net/github/open-issues/salesforce/cloudsplaining)](https://badgen.net/github/open-issues/salesforce/cloudsplaining) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/cloudsplaining)](https://badgen.net/github/closed-issues/salesforce/cloudsplaining) |

| **[iam-policy-generator](https://github.com/aletheia/iam-policy-generator)** | A simple library to generate IAM policy statements with no need to remember all the actions APIs | [![stars](https://badgen.net/github/stars/aletheia/iam-policy-generator)](https://badgen.net/github/stars/aletheia/iam-policy-generator) | [![contributors](https://badgen.net/github/contributors/aletheia/iam-policy-generator)](https://badgen.net/github/contributors/aletheia/iam-policy-generator) [![watchers](https://badgen.net/github/watchers/aletheia/iam-policy-generator)](https://badgen.net/github/watchers/aletheia/iam-policy-generator) [![last-commit](https://badgen.net/github/last-commit/aletheia/iam-policy-generator)](https://badgen.net/github/last-commit/aletheia/iam-policy-generator) [![open-issues](https://badgen.net/github/open-issues/aletheia/iam-policy-generator)](https://badgen.net/github/open-issues/aletheia/iam-policy-generator) [![closed-issues](https://badgen.net/github/closed-issues/aletheia/iam-policy-generator)](https://badgen.net/github/closed-issues/aletheia/iam-policy-generator) |

| **[SkyWrapper](https://github.com/cyberark/SkyWrapper)** | SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS | [![stars](https://badgen.net/github/stars/cyberark/SkyWrapper)](https://badgen.net/github/stars/cyberark/SkyWrapper) | [![contributors](https://badgen.net/github/contributors/cyberark/SkyWrapper)](https://badgen.net/github/contributors/cyberark/SkyWrapper) [![watchers](https://badgen.net/github/watchers/cyberark/SkyWrapper)](https://badgen.net/github/watchers/cyberark/SkyWrapper) [![last-commit](https://badgen.net/github/last-commit/cyberark/SkyWrapper)](https://badgen.net/github/last-commit/cyberark/SkyWrapper) [![open-issues](https://badgen.net/github/open-issues/cyberark/SkyWrapper)](https://badgen.net/github/open-issues/cyberark/SkyWrapper) [![closed-issues](https://badgen.net/github/closed-issues/cyberark/SkyWrapper)](https://badgen.net/github/closed-issues/cyberark/SkyWrapper) |

| **[aws-recon](https://github.com/darkbitio/aws-recon)** | Multi-threaded AWS inventory collection tool | [![stars](https://badgen.net/github/stars/darkbitio/aws-recon)](https://badgen.net/github/stars/darkbitio/aws-recon) | [![contributors](https://badgen.net/github/contributors/darkbitio/aws-recon)](https://badgen.net/github/contributors/darkbitio/aws-recon) [![watchers](https://badgen.net/github/watchers/darkbitio/aws-recon)](https://badgen.net/github/watchers/darkbitio/aws-recon) [![last-commit](https://badgen.net/github/last-commit/darkbitio/aws-recon)](https://badgen.net/github/last-commit/darkbitio/aws-recon) [![open-issues](https://badgen.net/github/open-issues/darkbitio/aws-recon)](https://badgen.net/github/open-issues/darkbitio/aws-recon) [![closed-issues](https://badgen.net/github/closed-issues/darkbitio/aws-recon)](https://badgen.net/github/closed-issues/darkbitio/aws-recon) |

| **[iam-policies-cli](https://github.com/mhlabs/iam-policies-cli)** | A CLI tool for building simple to complex IAM policies | [![stars](https://badgen.net/github/stars/mhlabs/iam-policies-cli)](https://badgen.net/github/stars/mhlabs/iam-policies-cli) | [![contributors](https://badgen.net/github/contributors/mhlabs/iam-policies-cli)](https://badgen.net/github/contributors/mhlabs/iam-policies-cli) [![watchers](https://badgen.net/github/watchers/mhlabs/iam-policies-cli)](https://badgen.net/github/watchers/mhlabs/iam-policies-cli) [![last-commit](https://badgen.net/github/last-commit/mhlabs/iam-policies-cli)](https://badgen.net/github/last-commit/mhlabs/iam-policies-cli) [![open-issues](https://badgen.net/github/open-issues/mhlabs/iam-policies-cli)](https://badgen.net/github/open-issues/mhlabs/iam-policies-cli) [![closed-issues](https://badgen.net/github/closed-issues/mhlabs/iam-policies-cli)](https://badgen.net/github/closed-issues/mhlabs/iam-policies-cli) |

| **[Aaia](https://github.com/rams3sh/Aaia)** | AWS Identity and Access Management Visualizer and Anomaly Finder | [![stars](https://badgen.net/github/stars/rams3sh/Aaia)](https://badgen.net/github/stars/rams3sh/Aaia) | [![contributors](https://badgen.net/github/contributors/rams3sh/Aaia)](https://badgen.net/github/contributors/rams3sh/Aaia) [![watchers](https://badgen.net/github/watchers/rams3sh/Aaia)](https://badgen.net/github/watchers/rams3sh/Aaia) [![last-commit](https://badgen.net/github/last-commit/rams3sh/Aaia)](https://badgen.net/github/last-commit/rams3sh/Aaia) [![open-issues](https://badgen.net/github/open-issues/rams3sh/Aaia)](https://badgen.net/github/open-issues/rams3sh/Aaia) [![closed-issues](https://badgen.net/github/closed-issues/rams3sh/Aaia)](https://badgen.net/github/closed-issues/rams3sh/Aaia) |

| **[iam-floyd](https://github.com/udondan/iam-floyd)** | IAM policy statement generator with fluent interface - Available for Node.js, Python, .Net and Java | [![stars](https://badgen.net/github/stars/udondan/iam-floyd)](https://badgen.net/github/stars/udondan/iam-floyd) | [![contributors](https://badgen.net/github/contributors/udondan/iam-floyd)](https://badgen.net/github/contributors/udondan/iam-floyd) [![watchers](https://badgen.net/github/watchers/udondan/iam-floyd)](https://badgen.net/github/watchers/udondan/iam-floyd) [![last-commit](https://badgen.net/github/last-commit/udondan/iam-floyd)](https://badgen.net/github/last-commit/udondan/iam-floyd) [![open-issues](https://badgen.net/github/open-issues/udondan/iam-floyd)](https://badgen.net/github/open-issues/udondan/iam-floyd) [![closed-issues](https://badgen.net/github/closed-issues/udondan/iam-floyd)](https://badgen.net/github/closed-issues/udondan/iam-floyd) |

| **[rpCheckup](https://github.com/goldfiglabs/rpCheckup)** | AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources. | [![stars](https://badgen.net/github/stars/goldfiglabs/rpCheckup)](https://badgen.net/github/stars/goldfiglabs/rpCheckup) | [![contributors](https://badgen.net/github/contributors/goldfiglabs/rpCheckup)](https://badgen.net/github/contributors/goldfiglabs/rpCheckup) [![watchers](https://badgen.net/github/watchers/goldfiglabs/rpCheckup)](https://badgen.net/github/watchers/goldfiglabs/rpCheckup) [![last-commit](https://badgen.net/github/last-commit/goldfiglabs/rpCheckup)](https://badgen.net/github/last-commit/goldfiglabs/rpCheckup) [![open-issues](https://badgen.net/github/open-issues/goldfiglabs/rpCheckup)](https://badgen.net/github/open-issues/goldfiglabs/rpCheckup) [![closed-issues](https://badgen.net/github/closed-issues/goldfiglabs/rpCheckup)](https://badgen.net/github/closed-issues/goldfiglabs/rpCheckup) |

| **[S3 Exif Cleaner](https://github.com/seisvelas/S3-Exif-Cleaner)** | Remove EXIF data from all objects in an S3 bucket |[![stars](https://badgen.net/github/stars/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/stars/seisvelas/S3-Exif-Cleaner)| [![contributors](https://badgen.net/github/contributors/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/contributors/seisvelas/S3-Exif-Cleaner)[![watchers](https://badgen.net/github/watchers/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/watchers/seisvelas/S3-Exif-Cleaner)[![last-commit](https://badgen.net/github/last-commit/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/last-commit/seisvelas/S3-Exif-Cleaner) [![open-issues](https://badgen.net/github/open-issues/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/open-issues/seisvelas/S3-Exif-Cleaner) [![closed-issues](https://badgen.net/github/closed-issues/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/closed-issues/seisvelas/S3-Exif-Cleaner) |

| **[Steampipe](https://github.com/turbot/steampipe)** | Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required. (SQL) |[![stars](https://badgen.net/github/stars/turbot/steampipe)](https://badgen.net/github/stars/turbot/steampipe)| [![contributors](https://badgen.net/github/contributors/turbot/steampipe)](https://badgen.net/github/contributors/turbot/steampipe)[![watchers](https://badgen.net/github/watchers/turbot/steampipe)](https://badgen.net/github/watchers/turbot/steampipe)[![last-commit](https://badgen.net/github/last-commit/turbot/steampipe/main)](https://badgen.net/github/last-commit/turbot/steampipe/main) [![open-issues](https://badgen.net/github/open-issues/turbot/steampipe)](https://badgen.net/github/open-issues/turbot/steampipe) [![closed-issues](https://badgen.net/github/closed-issues/turbot/steampipe)](https://badgen.net/github/closed-issues/turbot/steampipe) |

| **[access-undenied-aws](https://github.com/ermetic/access-undenied-aws)** | Parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. |  [![stars](https://badgen.net/github/stars/ermetic/access-undenied-aws)](https://badgen.net/github/stars/ermetic/access-undenied-aws) | [![contributors](https://badgen.net/github/contributors/ermetic/access-undenied-aws)](https://badgen.net/github/contributors/ermetic/access-undenied-aws) [![watchers](https://badgen.net/github/watchers/ermetic/access-undenied-aws)](https://badgen.net/github/watchers/ermetic/access-undenied-aws) [![last-commit](https://badgen.net/github/last-commit/ermetic/access-undenied-aws)](https://badgen.net/github/last-commit/ermetic/access-undenied-aws) [![open-issues](https://badgen.net/github/open-issues/ermetic/access-undenied-aws)](https://badgen.net/github/open-issues/ermetic/access-undenied-aws) [![closed-issues](https://badgen.net/github/closed-issues/ermetic/access-undenied-aws)](https://badgen.net/github/closed-issues/ermetic/access-undenied-aws) |

| **[Metabadger](https://github.com/salesforce/metabadger)** | Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2). |[![stars](https://badgen.net/github/stars/salesforce/metabadger)](https://badgen.net/github/stars/salesforce/metabadger)| [![contributors](https://badgen.net/github/contributors/salesforce/metabadger)](https://badgen.net/github/contributors/salesforce/metabadger)[![watchers](https://badgen.net/github/watchers/salesforce/metabadger)](https://badgen.net/github/watchers/salesforce/metabadger)[![last-commit](https://badgen.net/github/last-commit/salesforce/metabadger/main)](https://badgen.net/github/last-commit/salesforce/metabadger) [![open-issues](https://badgen.net/github/open-issues/salesforce/metabadger)](https://badgen.net/github/open-issues/salesforce/metabadger) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/metabadger)](https://badgen.net/github/closed-issues/salesforce/metabadger) |

| **[AWS-Firewall Factory](https://github.com/globaldatanet/aws-firewall-factory)** | Deploy, update, and stage your WAFs while managing them centrally via FMS (CDK) |[![stars](https://badgen.net/github/stars/globaldatanet/aws-firewall-factory)](https://badgen.net/github/stars/globaldatanet/aws-firewall-factory)| [![contributors](https://badgen.net/github/contributors/globaldatanet/aws-firewall-factory)](https://badgen.net/github/contributors/globaldatanet/aws-firewall-factory) [![watchers](https://badgen.net/github/watchers/globaldatanet/aws-firewall-factory)](https://badgen.net/github/watchers/globaldatanet/aws-firewall-factory) [![last-commit](https://badgen.net/github/last-commit/globaldatanet/aws-firewall-factory)](https://badgen.net/github/last-commit/globaldatanet/aws-firewall-factory) [![open-issues](https://badgen.net/github/open-issues/globaldatanet/aws-firewall-factory)](https://badgen.net/github/open-issues/globaldatanet/aws-firewall-factory) [![closed-issues](https://badgen.net/github/closed-issues/globaldatanet/aws-firewall-factory)](https://badgen.net/github/closed-issues/globaldatanet/aws-firewall-factory) |

| **[IAMSpy](https://github.com/WithSecureLabs/IAMSpy)** | A library that utilises the Z3 prover to attempt to answer questions about AWS IAM. |[![stars](https://badgen.net/github/stars/WithSecureLabs/IAMSpy)](https://badgen.net/github/stars/WithSecureLabs/IAMSpy)| [![contributors](https://badgen.net/github/contributors/WithSecureLabs/IAMSpy)](https://badgen.net/github/contributors/WithSecureLabs/IAMSpy) [![watchers](https://badgen.net/github/watchers/WithSecureLabs/IAMSpy)](https://badgen.net/github/watchers/WithSecureLabs/IAMSpy) [![last-commit](https://badgen.net/github/last-commit/WithSecureLabs/IAMSpy)](https://badgen.net/github/last-commit/WithSecureLabs/IAMSpy) [![open-issues](https://badgen.net/github/open-issues/WithSecureLabs/IAMSpy)](https://badgen.net/github/open-issues/WithSecureLabs/IAMSpy) [![closed-issues](https://badgen.net/github/closed-issues/WithSecureLabs/IAMSpy)](https://badgen.net/github/closed-issues/WithSecureLabs/IAMSpy) |

| **[nuvola](https://github.com/primait/nuvola)** | Dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple Yaml syntax |[![stars](https://badgen.net/github/stars/primait/nuvola)](https://badgen.net/github/stars/primait/nuvola)| [![contributors](https://badgen.net/github/contributors/primait/nuvola)](https://badgen.net/github/contributors/primait/nuvola)[![watchers](https://badgen.net/github/watchers/primait/nuvola)](https://badgen.net/github/watchers/primait/nuvola)[![last-commit](https://badgen.net/github/last-commit/primait/nuvola)](https://badgen.net/github/last-commit/primait/nuvola) [![open-issues](https://badgen.net/github/open-issues/primait/nuvola)](https://badgen.net/github/open-issues/primait/nuvola) [![closed-issues](https://badgen.net/github/closed-issues/primait/nuvola)](https://badgen.net/github/closed-issues/primait/nuvola) |

| **[aws-security-architectures](https://github.com/cjsrkd3321/aws-security-architectures)** | Architectures for AWS security. (Detect, Alarm, Macie, etc.) Many architectures will be added in the future. |[![stars](https://badgen.net/github/stars/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/stars/cjsrkd3321/aws-security-architectures)| [![contributors](https://badgen.net/github/contributors/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/contributors/cjsrkd3321/aws-security-architectures) [![watchers](https://badgen.net/github/watchers/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/watchers/cjsrkd3321/aws-security-architectures) [![last-commit](https://badgen.net/github/last-commit/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/last-commit/cjsrkd3321/aws-security-architectures) [![open-issues](https://badgen.net/github/open-issues/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/open-issues/cjsrkd3321/aws-security-architectures) [![closed-issues](https://badgen.net/github/closed-issues/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/closed-issues/cjsrkd3321/aws-security-architectures) |

| **[MetaHub for AWS Security Hub](https://github.com/gabrielsoltz/metahub)** | MetaHub is the CLI utility for AWS Security Hub which provides you with extra functionality like grouping your findings by affected reources, executing MetaChecks and MetaTags directly in the affected resource for enriching your findings, filters on top of MetaChecks and MetaTags, different reports like CSV, JSON and HTML, bulk updates, and enriching your findings directly in AWS Security Hub. | [![stars](https://badgen.net/github/stars/gabrielsoltz/metahub)](https://badgen.net/github/stars/gabrielsoltz/metahub) | [![contributors](https://badgen.net/github/contributors/gabrielsoltz/metahub)](https://badgen.net/github/contributors/gabrielsoltz/metahub)  [![watchers](https://badgen.net/github/watchers/gabrielsoltz/metahub)](https://badgen.net/github/watchers/gabrielsoltz/metahub)  [![last-commit](https://badgen.net/github/last-commit/gabrielsoltz/metahub)](https://badgen.net/github/last-commit/gabrielsoltz/metahub) [![open-issues](https://badgen.net/github/open-issues/gabrielsoltz/metahub)](https://badgen.net/github/open-issues/gabrielsoltz/metahub) [![closed-issues](https://badgen.net/github/closed-issues/gabrielsoltz/metahub)](https://badgen.net/github/closed-issues/gabrielsoltz/metahub) |

| **[Matano](https://github.com/matanolabs/matano)** | Matano is an open source cloud-native security lake platform (SIEM alternative) for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS.  | [![stars](https://badgen.net/github/stars/matanolabs/matano)](https://badgen.net/github/stars/matanolabs/matano) | [![contributors](https://badgen.net/github/contributors/matanolabs/matano)](https://badgen.net/github/contributors/matanolabs/matano)  [![watchers](https://badgen.net/github/watchers/matanolabs/matano)](https://badgen.net/github/watchers/matanolabs/matano)  [![last-commit](https://badgen.net/github/last-commit/matanolabs/matano)](https://badgen.net/github/last-commit/matanolabs/matano) [![open-issues](https://badgen.net/github/open-issues/matanolabs/matano)](https://badgen.net/github/open-issues/matanolabs/matano) [![closed-issues](https://badgen.net/github/closed-issues/matanolabs/matano)](https://badgen.net/github/closed-issues/matanolabs/matano) |

| **[aws-list-resources](https://github.com/welldone-cloud/aws-list-resources)** | Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s). Discovered resources are written to a JSON output file. | [![stars](https://badgen.net/github/stars/welldone-cloud/aws-list-resources)](https://badgen.net/github/stars/welldone-cloud/aws-list-resources) | [![contributors](https://badgen.net/github/contributors/welldone-cloud/aws-list-resources)](https://badgen.net/github/contributors/welldone-cloud/aws-list-resources)  [![watchers](https://badgen.net/github/watchers/welldone-cloud/aws-list-resources)](https://badgen.net/github/watchers/welldone-cloud/aws-list-resources)  [![last-commit](https://badgen.net/github/last-commit/welldone-cloud/aws-list-resources)](https://badgen.net/github/last-commit/welldone-cloud/aws-list-resources) [![open-issues](https://badgen.net/github/open-issues/welldone-cloud/aws-list-resources)](https://badgen.net/github/open-issues/welldone-cloud/aws-list-resources) [![closed-issues](https://badgen.net/github/closed-issues/welldone-cloud/aws-list-resources)](https://badgen.net/github/closed-issues/welldone-cloud/aws-list-resources) |

| **[aws-summarize-account-activity](https://github.com/welldone-cloud/aws-summarize-account-activity)** | Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made and regions that were used. The summary is written to a JSON output file and can optionally be visualized as PNG files. | [![stars](https://badgen.net/github/stars/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/stars/welldone-cloud/aws-summarize-account-activity) | [![contributors](https://badgen.net/github/contributors/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/contributors/welldone-cloud/aws-summarize-account-activity)  [![watchers](https://badgen.net/github/watchers/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/watchers/welldone-cloud/aws-summarize-account-activity)  [![last-commit](https://badgen.net/github/last-commit/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/last-commit/welldone-cloud/aws-summarize-account-activity) [![open-issues](https://badgen.net/github/open-issues/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/open-issues/welldone-cloud/aws-summarize-account-activity) [![closed-issues](https://badgen.net/github/closed-issues/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/closed-issues/welldone-cloud/aws-summarize-account-activity) |

| **[aws-lint-iam-policies](https://github.com/welldone-cloud/aws-lint-iam-policies)** | Runs IAM policy linting checks against either a single AWS account or all accounts of an AWS Organization. Reports on policies that violate security best practices or contain errors. Supports both identity-based and resource-based policies. | [![stars](https://badgen.net/github/stars/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/stars/welldone-cloud/aws-lint-iam-policies) | [![contributors](https://badgen.net/github/contributors/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/contributors/welldone-cloud/aws-lint-iam-policies)  [![watchers](https://badgen.net/github/watchers/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/watchers/welldone-cloud/aws-lint-iam-policies)  [![last-commit](https://badgen.net/github/last-commit/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/last-commit/welldone-cloud/aws-lint-iam-policies) [![open-issues](https://badgen.net/github/open-issues/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/open-issues/welldone-cloud/aws-lint-iam-policies) [![closed-issues](https://badgen.net/github/closed-issues/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/closed-issues/welldone-cloud/aws-lint-iam-policies) |

## Offensive

| Name | Description | Popularity | Metadata |

| ---------- | :---------- | :----------: | :----------: |

| **[cloudfox](https://github.com/BishopFox/cloudfox)** | Find exploitable attack paths in cloud infrastructure |[![stars](https://badgen.net/github/stars/BishopFox/cloudfox)](https://badgen.net/github/stars/BishopFox/cloudfox)| [![contributors](https://badgen.net/github/contributors/BishopFox/cloudfox)](https://badgen.net/github/contributors/BishopFox/cloudfox)[![watchers](https://badgen.net/github/watchers/BishopFox/cloudfox)](https://badgen.net/github/watchers/BishopFox/cloudfox)[![last-commit](https://badgen.net/github/last-commit/BishopFox/cloudfox)](https://badgen.net/github/last-commit/BishopFox/cloudfox) [![open-issues](https://badgen.net/github/open-issues/BishopFox/cloudfox)](https://badgen.net/github/open-issues/BishopFox/cloudfox) [![closed-issues](https://badgen.net/github/closed-issues/BishopFox/cloudfox)](https://badgen.net/github/closed-issues/BishopFox/cloudfox) |

| **[WeirdAAL](https://github.com/carnal0wnage/weirdAAL)** | AWS Attack Library |[![stars](https://badgen.net/github/stars/carnal0wnage/weirdAAL)](https://badgen.net/github/stars/carnal0wnage/weirdAAL)| [![contributors](https://badgen.net/github/contributors/carnal0wnage/weirdAAL)](https://badgen.net/github/contributors/carnal0wnage/weirdAAL)[![watchers](https://badgen.net/github/watchers/carnal0wnage/weirdAAL)](https://badgen.net/github/watchers/carnal0wnage/weirdAAL)[![last-commit](https://badgen.net/github/last-commit/carnal0wnage/weirdAAL)](https://badgen.net/github/last-commit/carnal0wnage/weirdAAL) [![open-issues](https://badgen.net/github/open-issues/carnal0wnage/weirdAAL)](https://badgen.net/github/open-issues/carnal0wnage/weirdAAL) [![closed-issues](https://badgen.net/github/closed-issues/carnal0wnage/weirdAAL)](https://badgen.net/github/closed-issues/carnal0wnage/weirdAAL) |

| **[Pacu](https://github.com/RhinoSecurityLabs/pacu)** | AWS penetration testing toolkit |[![stars](https://badgen.net/github/stars/RhinoSecurityLabs/pacu)](https://badgen.net/github/stars/RhinoSecurityLabs/pacu)| [![contributors](https://badgen.net/github/contributors/RhinoSecurityLabs/pacu)](https://badgen.net/github/contributors/RhinoSecurityLabs/pacu)[![watchers](https://badgen.net/github/watchers/RhinoSecurityLabs/pacu)](https://badgen.net/github/watchers/RhinoSecurityLabs/pacu)[![last-commit](https://badgen.net/github/last-commit/RhinoSecurityLabs/pacu)](https://badgen.net/github/last-commit/RhinoSecurityLabs/pacu) [![open-issues](https://badgen.net/github/open-issues/RhinoSecurityLabs/pacu)](https://badgen.net/github/open-issues/RhinoSecurityLabs/pacu) [![closed-issues](https://badgen.net/github/closed-issues/RhinoSecurityLabs/pacu)](https://badgen.net/github/closed-issues/RhinoSecurityLabs/pacu) |

| **[Cred Scanner](https://github.com/disruptops/cred_scanner)** | A simple file-based scanner to look for potential AWS access and secret keys in files  |[![stars](https://badgen.net/github/stars/disruptops/cred_scanner)](https://badgen.net/github/stars/disruptops/cred_scanner)| [![contributors](https://badgen.net/github/contributors/disruptops/cred_scanner)](https://badgen.net/github/contributors/disruptops/cred_scanner)[![watchers](https://badgen.net/github/watchers/disruptops/cred_scanner)](https://badgen.net/github/watchers/disruptops/cred_scanner)[![last-commit](https://badgen.net/github/last-commit/disruptops/cred_scanner)](https://badgen.net/github/last-commit/disruptops/cred_scanner) [![open-issues](https://badgen.net/github/open-issues/disruptops/cred_scanner)](https://badgen.net/github/open-issues/disruptops/cred_scanner) [![closed-issues](https://badgen.net/github/closed-issues/disruptops/cred_scanner)](https://badgen.net/github/closed-issues/disruptops/cred_scanner) |

| **[AWS PWN](https://github.com/dagrz/aws_pwn)** | A collection of AWS penetration testing junk  |[![stars](https://badgen.net/github/stars/dagrz/aws_pwn)](https://badgen.net/github/stars/dagrz/aws_pwn)| [![contributors](https://badgen.net/github/contributors/dagrz/aws_pwn)](https://badgen.net/github/contributors/dagrz/aws_pwn)[![watchers](https://badgen.net/github/watchers/dagrz/aws_pwn)](https://badgen.net/github/watchers/dagrz/aws_pwn)[![last-commit](https://badgen.net/github/last-commit/dagrz/aws_pwn)](https://badgen.net/github/last-commit/dagrz/aws_pwn) [![open-issues](https://badgen.net/github/open-issues/dagrz/aws_pwn)](https://badgen.net/github/open-issues/dagrz/aws_pwn) [![closed-issues](https://badgen.net/github/closed-issues/dagrz/aws_pwn)](https://badgen.net/github/closed-issues/dagrz/aws_pwn) |

| **[Cloudfrunt](https://github.com/MindPointGroup/cloudfrunt)** | A tool for identifying misconfigured CloudFront domains  |[![stars](https://badgen.net/github/stars/MindPointGroup/cloudfrunt)](https://badgen.net/github/stars/MindPointGroup/cloudfrunt)| [![contributors](https://badgen.net/github/contributors/MindPointGroup/cloudfrunt)](https://badgen.net/github/contributors/MindPointGroup/cloudfrunt)[![watchers](https://badgen.net/github/watchers/MindPointGroup/cloudfrunt)](https://badgen.net/github/watchers/MindPointGroup/cloudfrunt)[![last-commit](https://badgen.net/github/last-commit/MindPointGroup/cloudfrunt)](https://badgen.net/github/last-commit/MindPointGroup/cloudfrunt) [![open-issues](https://badgen.net/github/open-issues/MindPointGroup/cloudfrunt)](https://badgen.net/github/open-issues/MindPointGroup/cloudfrunt) [![closed-issues](https://badgen.net/github/closed-issues/MindPointGroup/cloudfrunt)](https://badgen.net/github/closed-issues/MindPointGroup/cloudfrunt) |

| **[Cloudjack](https://github.com/prevade/cloudjack)** | Route53/CloudFront Vulnerability Assessment Utility  |[![stars](https://badgen.net/github/stars/prevade/cloudjack)](https://badgen.net/github/stars/prevade/cloudjack)| [![contributors](https://badgen.net/github/contributors/prevade/cloudjack)](https://badgen.net/github/contributors/prevade/cloudjack)[![watchers](https://badgen.net/github/watchers/prevade/cloudjack)](https://badgen.net/github/watchers/prevade/cloudjack)[![last-commit](https://badgen.net/github/last-commit/prevade/cloudjack)](https://badgen.net/github/last-commit/prevade/cloudjack) [![open-issues](https://badgen.net/github/open-issues/prevade/cloudjack)](https://badgen.net/github/open-issues/prevade/cloudjack) [![closed-issues](https://badgen.net/github/closed-issues/prevade/cloudjack)](https://badgen.net/github/closed-issues/prevade/cloudjack) |

| **[Nimbostratus](https://github.com/andresriancho/nimbostratus)** | Tools for fingerprinting and exploiting Amazon cloud infrastructures  |[![stars](https://badgen.net/github/stars/andresriancho/nimbostratus)](https://badgen.net/github/stars/andresriancho/nimbostratus)| [![contributors](https://badgen.net/github/contributors/andresriancho/nimbostratus)](https://badgen.net/github/contributors/andresriancho/nimbostratus)[![watchers](https://badgen.net/github/watchers/andresriancho/nimbostratus)](https://badgen.net/github/watchers/andresriancho/nimbostratus)[![last-commit](https://badgen.net/github/last-commit/andresriancho/nimbostratus)](https://badgen.net/github/last-commit/andresriancho/nimbostratus) [![open-issues](https://badgen.net/github/open-issues/andresriancho/nimbostratus)](https://badgen.net/github/open-issues/andresriancho/nimbostratus) [![closed-issues](https://badgen.net/github/closed-issues/andresriancho/nimbostratus)](https://badgen.net/github/closed-issues/andresriancho/nimbostratus) |

| **[GitLeaks](https://github.com/zricethezav/gitleaks)** | Audit git repos for secrets |[![stars](https://badgen.net/github/stars/zricethezav/gitleaks)](https://badgen.net/github/stars/zricethezav/gitleaks)| [![contributors](https://badgen.net/github/contributors/zricethezav/gitleaks)](https://badgen.net/github/contributors/zricethezav/gitleaks)[![watchers](https://badgen.net/github/watchers/zricethezav/gitleaks)](https://badgen.net/github/watchers/zricethezav/gitleaks)[![last-commit](https://badgen.net/github/last-commit/zricethezav/gitleaks)](https://badgen.net/github/last-commit/zricethezav/gitleaks) [![open-issues](https://badgen.net/github/open-issues/zricethezav/gitleaks)](https://badgen.net/github/open-issues/zricethezav/gitleaks) [![closed-issues](https://badgen.net/github/closed-issues/zricethezav/gitleaks)](https://badgen.net/github/closed-issues/zricethezav/gitleaks) |

| **[TruffleHog](https://github.com/dxa4481/truffleHog)** | Searches through git repositories for high entropy strings and secrets  digging deep into commit history |[![stars](https://badgen.net/github/stars/dxa4481/truffleHog)](https://badgen.net/github/stars/dxa4481/truffleHog)| [![contributors](https://badgen.net/github/contributors/dxa4481/truffleHog)](https://badgen.net/github/contributors/dxa4481/truffleHog)[![watchers](https://badgen.net/github/watchers/dxa4481/truffleHog)](https://badgen.net/github/watchers/dxa4481/truffleHog)[![last-commit](https://badgen.net/github/last-commit/dxa4481/truffleHog)](https://badgen.net/github/last-commit/dxa4481/truffleHog) [![open-issues](https://badgen.net/github/open-issues/dxa4481/truffleHog)](https://badgen.net/github/open-issues/dxa4481/truffleHog) [![closed-issues](https://badgen.net/github/closed-issues/dxa4481/truffleHog)](https://badgen.net/github/closed-issues/dxa4481/truffleHog) |

| **[DumpsterDiver](https://github.com/securing/DumpsterDiver)** | "Tool to search secrets in various filetypes  like keys (e.g. AWS Access Key  Azure Share Key or SSH keys) or passwords." |[![stars](https://badgen.net/github/stars/securing/DumpsterDiver)](https://badgen.net/github/stars/securing/DumpsterDiver)| [![contributors](https://badgen.net/github/contributors/securing/DumpsterDiver)](https://badgen.net/github/contributors/securing/DumpsterDiver)[![watchers](https://badgen.net/github/watchers/securing/DumpsterDiver)](https://badgen.net/github/watchers/securing/DumpsterDiver)[![last-commit](https://badgen.net/github/last-commit/securing/DumpsterDiver)](https://badgen.net/github/last-commit/securing/DumpsterDiver) [![open-issues](https://badgen.net/github/open-issues/securing/DumpsterDiver)](https://badgen.net/github/open-issues/securing/DumpsterDiver) [![closed-issues](https://badgen.net/github/closed-issues/securing/DumpsterDiver)](https://badgen.net/github/closed-issues/securing/DumpsterDiver) |

| **[Mad-King](https://github.com/ThreatResponse/mad-king)** | Proof of Concept Zappa Based AWS Persistence and Attack Platform |[![stars](https://badgen.net/github/stars/ThreatResponse/mad-king)](https://badgen.net/github/stars/ThreatResponse/mad-king)| [![contributors](https://badgen.net/github/contributors/ThreatResponse/mad-king)](https://badgen.net/github/contributors/ThreatResponse/mad-king)[![watchers](https://badgen.net/github/watchers/ThreatResponse/mad-king)](https://badgen.net/github/watchers/ThreatResponse/mad-king)[![last-commit](https://badgen.net/github/last-commit/ThreatResponse/mad-king)](https://badgen.net/github/last-commit/ThreatResponse/mad-king) [![open-issues](https://badgen.net/github/open-issues/ThreatResponse/mad-king)](https://badgen.net/github/open-issues/ThreatResponse/mad-king) [![closed-issues](https://badgen.net/github/closed-issues/ThreatResponse/mad-king)](https://badgen.net/github/closed-issues/ThreatResponse/mad-king) |

| **[Cloud-Nuke](https://github.com/gruntwork-io/cloud-nuke)** | A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it |[![stars](https://badgen.net/github/stars/gruntwork-io/cloud-nuke)](https://badgen.net/github/stars/gruntwork-io/cloud-nuke)| [![contributors](https://badgen.net/github/contributors/gruntwork-io/cloud-nuke)](https://badgen.net/github/contributors/gruntwork-io/cloud-nuke)[![watchers](https://badgen.net/github/watchers/gruntwork-io/cloud-nuke)](https://badgen.net/github/watchers/gruntwork-io/cloud-nuke)[![last-commit](https://badgen.net/github/last-commit/gruntwork-io/cloud-nuke)](https://badgen.net/github/last-commit/gruntwork-io/cloud-nuke) [![open-issues](https://badgen.net/github/open-issues/gruntwork-io/cloud-nuke)](https://badgen.net/github/open-issues/gruntwork-io/cloud-nuke) [![closed-issues](https://badgen.net/github/closed-issues/gruntwork-io/cloud-nuke)](https://badgen.net/github/closed-issues/gruntwork-io/cloud-nuke) |

| **[MozDef - The Mozilla Defense Platform](https://github.com/mozilla/MozDef)** | The Mozilla Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers. |[![stars](https://badgen.net/github/stars/mozilla/MozDef)](https://badgen.net/github/stars/mozilla/MozDef)| [![contributors](https://badgen.net/github/contributors/mozilla/MozDef)](https://badgen.net/github/contributors/mozilla/MozDef)[![watchers](https://badgen.net/github/watchers/mozilla/MozDef)](https://badgen.net/github/watchers/mozilla/MozDef)[![last-commit](https://badgen.net/github/last-commit/mozilla/MozDef)](https://badgen.net/github/last-commit/mozilla/MozDef) [![open-issues](https://badgen.net/github/open-issues/mozilla/MozDef)](https://badgen.net/github/open-issues/mozilla/MozDef) [![closed-issues](https://badgen.net/github/closed-issues/mozilla/MozDef)](https://badgen.net/github/closed-issues/mozilla/MozDef) |

| **[Lambda-Proxy](https://github.com/puresec/lambda-proxy)** | A bridge between SQLMap and AWS Lambda  which lets you use SQLMap to natively test AWS Lambda functions for SQL Injection vulnerabilities. |[![stars](https://badgen.net/github/stars/puresec/lambda-proxy)](https://badgen.net/github/stars/puresec/lambda-proxy)| [![contributors](https://badgen.net/github/contributors/puresec/lambda-proxy)](https://badgen.net/github/contributors/puresec/lambda-proxy)[![watchers](https://badgen.net/github/watchers/puresec/lambda-proxy)](https://badgen.net/github/watchers/puresec/lambda-proxy)[![last-commit](https://badgen.net/github/last-commit/puresec/lambda-proxy)](https://badgen.net/github/last-commit/puresec/lambda-proxy) [![open-issues](https://badgen.net/github/open-issues/puresec/lambda-proxy)](https://badgen.net/github/open-issues/puresec/lambda-proxy) [![closed-issues](https://badgen.net/github/closed-issues/puresec/lambda-proxy)](https://badgen.net/github/closed-issues/puresec/lambda-proxy) |

| **[CloudCopy](https://github.com/Static-Flow/CloudCopy)** | Cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission |[![stars](https://badgen.net/github/stars/Static-Flow/CloudCopy)](https://badgen.net/github/stars/Static-Flow/CloudCopy)| [![contributors](https://badgen.net/github/contributors/Static-Flow/CloudCopy)](https://badgen.net/github/contributors/Static-Flow/CloudCopy)[![watchers](https://badgen.net/github/watchers/Static-Flow/CloudCopy)](https://badgen.net/github/watchers/Static-Flow/CloudCopy)[![last-commit](https://badgen.net/github/last-commit/Static-Flow/CloudCopy)](https://badgen.net/github/last-commit/Static-Flow/CloudCopy) [![open-issues](https://badgen.net/github/open-issues/Static-Flow/CloudCopy)](https://badgen.net/github/open-issues/Static-Flow/CloudCopy) [![closed-issues](https://badgen.net/github/closed-issues/Static-Flow/CloudCopy)](https://badgen.net/github/closed-issues/Static-Flow/CloudCopy) |

| **[enumerate-iam](https://github.com/andresriancho/enumerate-iam)** | Enumerate the permissions associated with AWS credential set |[![stars](https://badgen.net/github/stars/andresriancho/enumerate-iam)](https://badgen.net/github/stars/andresriancho/enumerate-iam)| [![contributors](https://badgen.net/github/contributors/andresriancho/enumerate-iam)](https://badgen.net/github/contributors/andresriancho/enumerate-iam)[![watchers](https://badgen.net/github/watchers/andresriancho/enumerate-iam)](https://badgen.net/github/watchers/andresriancho/enumerate-iam)[![last-commit](https://badgen.net/github/last-commit/andresriancho/enumerate-iam)](https://badgen.net/github/last-commit/andresriancho/enumerate-iam) [![open-issues](https://badgen.net/github/open-issues/andresriancho/enumerate-iam)](https://badgen.net/github/open-issues/andresriancho/enumerate-iam) [![closed-issues](https://badgen.net/github/closed-issues/andresriancho/enumerate-iam)](https://badgen.net/github/closed-issues/andresriancho/enumerate-iam) |

| **[Barq](https://github.com/Voulnet/barq)** | A post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure |[![stars](https://badgen.net/github/stars/Voulnet/barq)](https://badgen.net/github/stars/Voulnet/barq)| [![contributors](https://badgen.net/github/contributors/Voulnet/barq)](https://badgen.net/github/contributors/Voulnet/barq)[![watchers](https://badgen.net/github/watchers/Voulnet/barq)](https://badgen.net/github/watchers/Voulnet/barq)[![last-commit](https://badgen.net/github/last-commit/Voulnet/barq)](https://badgen.net/github/last-commit/Voulnet/barq) [![open-issues](https://badgen.net/github/open-issues/Voulnet/barq)](https://badgen.net/github/open-issues/Voulnet/barq) [![closed-issues](https://badgen.net/github/closed-issues/Voulnet/barq)](https://badgen.net/github/closed-issues/Voulnet/barq) |

| **[CCAT](https://github.com/RhinoSecurityLabs/ccat)** | Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments |[![stars](https://badgen.net/github/stars/RhinoSecurityLabs/ccat)](https://badgen.net/github/stars/RhinoSecurityLabs/ccat)| [![contributors](https://badgen.net/github/contributors/RhinoSecurityLabs/ccat)](https://badgen.net/github/contributors/RhinoSecurityLabs/ccat)[![watchers](https://badgen.net/github/watchers/RhinoSecurityLabs/ccat)](https://badgen.net/github/watchers/RhinoSecurityLabs/ccat)[![last-commit](https://badgen.net/github/last-commit/RhinoSecurityLabs/ccat)](https://badgen.net/github/last-commit/RhinoSecurityLabs/ccat) [![open-issues](https://badgen.net/github/open-issues/RhinoSecurityLabs/ccat)](https://badgen.net/github/open-issues/RhinoSecurityLabs/ccat) [![closed-issues](https://badgen.net/github/closed-issues/RhinoSecurityLabs/ccat)](https://badgen.net/github/closed-issues/RhinoSecurityLabs/ccat) |

| **[Dufflebag](https://github.com/bishopfox/dufflebag)** | Search exposed EBS volumes for secrets | [![stars](https://badgen.net/github/stars/bishopfox/dufflebag)](https://badgen.net/github/stars/bishopfox/dufflebag) | [![contributors](https://badgen.net/github/contributors/bishopfox/dufflebag)](https://badgen.net/github/contributors/bishopfox/dufflebag) [![watchers](https://badgen.net/github/watchers/bishopfox/dufflebag)](https://badgen.net/github/watchers/bishopfox/dufflebag) [![last-commit](https://badgen.net/github/last-commit/bishopfox/dufflebag)](https://badgen.net/github/last-commit/bishopfox/dufflebag) [![open-issues](https://badgen.net/github/open-issues/bishopfox/dufflebag)](https://badgen.net/github/open-issues/bishopfox/dufflebag) [![closed-issues](https://badgen.net/github/closed-issues/bishopfox/dufflebag)](https://badgen.net/github/closed-issues/bishopfox/dufflebag) |

| **[attack_range](https://github.com/splunk/attack_range)** | A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk | [![stars](https://badgen.net/github/stars/splunk/attack_range)](https://badgen.net/github/stars/splunk/attack_range) | [![contributors](https://badgen.net/github/contributors/splunk/attack_range)](https://badgen.net/github/contributors/splunk/attack_range) [![watchers](https://badgen.net/github/watchers/splunk/attack_range)](https://badgen.net/github/watchers/splunk/attack_range) [![last-commit](https://badgen.net/github/last-commit/splunk/attack_range)](https://badgen.net/github/last-commit/splunk/attack_range) [![open-issues](https://badgen.net/github/open-issues/splunk/attack_range)](https://badgen.net/github/open-issues/splunk/attack_range) [![closed-issues](https://badgen.net/github/closed-issues/splunk/attack_range)](https://badgen.net/github/closed-issues/splunk/attack_range) |

| **[whispers](https://github.com/Skyscanner/whispers)** | Identify hardcoded secrets and dangerous behaviours | [![stars](https://badgen.net/github/stars/Skyscanner/whispers)](https://badgen.net/github/stars/Skyscanner/whispers) | [![contributors](https://badgen.net/github/contributors/Skyscanner/whispers)](https://badgen.net/github/contributors/Skyscanner/whispers) [![watchers](https://badgen.net/github/watchers/Skyscanner/whispers)](https://badgen.net/github/watchers/Skyscanner/whispers) [![last-commit](https://badgen.net/github/last-commit/Skyscanner/whispers)](https://badgen.net/github/last-commit/Skyscanner/whispers) [![open-issues](https://badgen.net/github/open-issues/Skyscanner/whispers)](https://badgen.net/github/open-issues/Skyscanner/whispers) [![closed-issues](https://badgen.net/github/closed-issues/Skyscanner/whispers)](https://badgen.net/github/closed-issues/Skyscanner/whispers) |

| **[Redboto](https://github.com/elitest/Redboto)** | Red Team AWS Scripts | [![stars](https://badgen.net/github/stars/elitest/Redboto)](https://badgen.net/github/stars/elitest/Redboto) | [![contributors](https://badgen.net/github/contributors/elitest/Redboto)](https://badgen.net/github/contributors/elitest/Redboto) [![watchers](https://badgen.net/github/watchers/elitest/Redboto)](https://badgen.net/github/watchers/elitest/Redboto) [![last-commit](https://badgen.net/github/last-commit/elitest/Redboto)](https://badgen.net/github/last-commit/elitest/Redboto) [![open-issues](https://badgen.net/github/open-issues/elitest/Redboto)](https://badgen.net/github/open-issues/elitest/Redboto) [![closed-issues](https://badgen.net/github/closed-issues/elitest/Redboto)](https://badgen.net/github/closed-issues/elitest/Redboto) |

| **[CloudBrute](https://github.com/0xsha/cloudbrute)** | A tool to find a company (target) infrastructure, files, and apps on the top cloud providers | [![stars](https://badgen.net/github/stars/0xsha/cloudbrute)](https://badgen.net/github/stars/0xsha/cloudbrute) | [![contributors](https://badgen.net/github/contributors/0xsha/cloudbrute)](https://badgen.net/github/contributors/0xsha/cloudbrute) [![watchers](https://badgen.net/github/watchers/0xsha/cloudbrute)](https://badgen.net/github/watchers/0xsha/cloudbrute) [![last-commit](https://badgen.net/github/last-commit/0xsha/cloudbrute)](https://badgen.net/github/last-commit/0xsha/cloudbrute) [![open-issues](https://badgen.net/github/open-issues/0xsha/cloudbrute)](https://badgen.net/github/open-issues/0xsha/cloudbrute) [![closed-issues](https://badgen.net/github/closed-issues/0xsha/cloudbrute)](https://badgen.net/github/closed-issues/0xsha/cloudbrute) |

## Purple Teaming & Adversary Emulation

| Name | Description | Popularity | Metadata |

| ---------- | :---------- | :----------: | :----------: |

| **[Stratus Red Team](https://github.com/datadog/stratus-red-team)** | Granular, Actionable Adversary Emulation for the Cloud  | [![stars](https://badgen.net/github/stars/datadog/stratus-red-team)](https://badgen.net/github/stars/datadog/stratus-red-team) | [![contributors](https://badgen.net/github/contributors/datadog/stratus-red-team)](https://badgen.net/github/contributors/datadog/stratus-red-team) [![watchers](https://badgen.net/github/watchers/datadog/stratus-red-team)](https://badgen.net/github/watchers/datadog/stratus-red-team) [![last-commit](https://badgen.net/github/last-commit/datadog/stratus-red-team)](https://badgen.net/github/last-commit/datadog/stratus-red-team) [![open-issues](https://badgen.net/github/open-issues/datadog/stratus-red-team)](https://badgen.net/github/open-issues/datadog/stratus-red-team) [![closed-issues](https://badgen.net/github/closed-issues/datadog/stratus-red-team)](https://badgen.net/github/closed-issues/datadog/stratus-red-team) |

| **[Leonidas](https://github.com/fsecurelabs/leonidas)** | Automated Attack Simulation in the Cloud complete with detection use cases.  | [![stars](https://badgen.net/github/stars/fsecurelabs/leonidas)](https://badgen.net/github/stars/fsecurelabs/leonidas) | [![contributors](https://badgen.net/github/contributors/fsecurelabs/leonidas)](https://badgen.net/github/contributors/fsecurelabs/leonidas) [![watchers](https://badgen.net/github/watchers/fsecurelabs/leonidas)](https://badgen.net/github/watchers/fsecurelabs/leonidas) [![last-commit](https://badgen.net/github/last-commit/fsecurelabs/leonidas)](https://badgen.net/github/last-commit/fsecurelabs/leonidas) [![open-issues](https://badgen.net/github/open-issues/fsecurelabs/leonidas)](https://badgen.net/github/open-issues/fsecurelabs/leonidas) [![closed-issues](https://badgen.net/github/closed-issues/fsecurelabs/leonidas)](https://badgen.net/github/closed-issues/fsecurelabs/leonidas) |

| **[Amazon Guardduty Tester](https://github.com/awslabs/amazon-guardduty-tester)** | This script is used to generate some basic detections of the GuardDuty service | [![stars](https://badgen.net/github/stars/awslabs/amazon-guardduty-tester)](https://badgen.net/github/stars/awslabs/amazon-guardduty-tester) | [![contributors](https://badgen.net/github/contributors/awslabs/amazon-guardduty-tester)](https://badgen.net/github/contributors/awslabs/amazon-guardduty-tester) [![watchers](https://badgen.net/github/watchers/awslabs/amazon-guardduty-tester)](https://badgen.net/github/watchers/awslabs/amazon-guardduty-tester) [![last-commit](https://badgen.net/github/last-commit/awslabs/amazon-guardduty-tester)](https://badgen.net/github/last-commit/awslabs/amazon-guardduty-tester) [![open-issues](https://badgen.net/github/open-issues/awslabs/amazon-guardduty-tester)](https://badgen.net/github/open-issues/awslabs/amazon-guardduty-tester) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/amazon-guardduty-tester)](https://badgen.net/github/closed-issues/awslabs/amazon-guardduty-tester) |

## Continuous Security Auditing

| Name | Description | Popularity | Metadata |

| ---------- | :---------- | :----------: | :----------: |

| **[Security Monkey](https://github.com/Netflix/security_monkey)** |  |[![stars](https://badgen.net/github/stars/Netflix/security_monkey)](https://badgen.net/github/stars/Netflix/security_monkey)| [![contributors](https://badgen.net/github/contributors/Netflix/security_monkey)](https://badgen.net/github/contributors/Netflix/security_monkey)[![watchers](https://badgen.net/github/watchers/Netflix/security_monkey)](https://badgen.net/github/watchers/Netflix/security_monkey)[![last-commit](https://badgen.net/github/last-commit/Netflix/security_monkey)](https://badgen.net/github/last-commit/Netflix/security_monkey) [![open-issues](https://badgen.net/github/open-issues/Netflix/security_monkey)](https://badgen.net/github/open-issues/Netflix/security_monkey) [![closed-issues](https://badgen.net/github/closed-issues/Netflix/security_monkey)](https://badgen.net/github/closed-issues/Netflix/security_monkey) |

| **[Krampus](https://github.com/sendgrid/krampus)** |  |[![stars](https://badgen.net/github/stars/sendgrid/krampus)](https://badgen.net/github/stars/sendgrid/krampus)| [![contributors](https://badgen.net/github/contributors/sendgrid/krampus)](https://badgen.net/github/contributors/sendgrid/krampus)[![watchers](https://badgen.net/github/watchers/sendgrid/krampus)](https://badgen.net/github/watchers/sendgrid/krampus)[![last-commit](https://badgen.net/github/last-commit/sendgrid/krampus)](https://badgen.net/github/last-commit/sendgrid/krampus) [![open-issues](https://badgen.net/github/open-issues/sendgrid/krampus)](https://badgen.net/github/open-issues/sendgrid/krampus) [![closed-issues](https://badgen.net/github/closed-issues/sendgrid/krampus)](https://badgen.net/github/closed-issues/sendgrid/krampus) |

| **[Cloud Inquisitor](https://github.com/RiotGames/cloud-inquisitor)** |  |[![stars](https://badgen.net/github/stars/RiotGames/cloud-inquisitor)](https://badgen.net/github/stars/RiotGames/cloud-inquisitor)| [![contributors](https://badgen.net/github/contributors/RiotGames/cloud-inquisitor)](https://badgen.net/github/contributors/RiotGames/cloud-inquisitor)[![watchers](https://badgen.net/github/watchers/RiotGames/cloud-inquisitor)](https://badgen.net/github/watchers/RiotGames/cloud-inquisitor)[![last-commit](https://badgen.net/github/last-commit/RiotGames/cloud-inquisitor)](https://badgen.net/github/last-commit/RiotGames/cloud-inquisitor) [![open-issues](https://badgen.net/github/open-issues/RiotGames/cloud-inquisitor)](https://badgen.net/github/open-issues/RiotGames/cloud-inquisitor) [![closed-issues](https://badgen.net/github/closed-issues/RiotGames/cloud-inquisitor)](https://badgen.net/github/closed-issues/RiotGames/cloud-inquisitor) |

| **[Disable keys after X days](https://github.com/te-papa/aws-key-disabler)** |  |[![stars](https://badgen.net/github/stars/te-papa/aws-key-disabler)](https://badgen.net/github/stars/te-papa/aws-key-disabler)| [![contributors](https://badgen.net/github/contributors/te-papa/aws-key-disabler)](https://badgen.net/github/contributors/te-papa/aws-key-disabler)[![watchers](https://badgen.net/github/watchers/te-papa/aws-key-disabler)](https://badgen.net/github/watchers/te-papa/aws-key-disabler)[![last-commit](https://badgen.net/github/last-commit/te-papa/aws-key-disabler)](https://badgen.net/github/last-commit/te-papa/aws-key-disabler) [![open-issues](https://badgen.net/github/open-issues/te-papa/aws-key-disabler)](https://badgen.net/github/open-issues/te-papa/aws-key-disabler) [![closed-issues](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler)](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler) |

| **[Repokid Least Privilege](https://github.com/Netflix/repokid)** |  |[![stars](https://badgen.net/github/stars/Netflix/repokid)](https://badgen.net/github/stars/Netflix/repokid)| [![contributors](https://badgen.net/github/contributors/Netflix/repokid)](https://badgen.net/github/contributors/Netflix/repokid)[![watchers](https://badgen.net/github/watchers/Netflix/repokid)](https://badgen.net/github/watchers/Netflix/repokid)[![last-commit](https://badgen.net/github/last-commit/Netflix/repokid)](https://badgen.net/github/last-commit/Netflix/repokid) [![open-issues](https://badgen.net/github/open-issues/Netflix/repokid)](https://badgen.net/github/open-issues/Netflix/repokid) [![closed-issues](https://badgen.net/github/closed-issues/Netflix/repokid)](https://badgen.net/github/closed-issues/Netflix/repokid) |

| **[Wazuh CloudTrail module](https://github.com/wazuh/wazuh)** |  |[![stars](https://badgen.net/github/stars/wazuh/wazuh)](https://badgen.net/github/stars/wazuh/wazuh)| [![contributors](https://badgen.net/github/contributors/wazuh/wazuh)](https://badgen.net/github/contributors/wazuh/wazuh)[![watchers](https://badgen.net/github/watchers/wazuh/wazuh)](https://badgen.net/github/watchers/wazuh/wazuh)[![last-commit](https://badgen.net/github/last-commit/wazuh/wazuh)](https://badgen.net/github/last-commit/wazuh/wazuh) [![open-issues](https://badgen.net/github/open-issues/wazuh/wazuh)](https://badgen.net/github/open-issues/wazuh/wazuh) [![closed-issues](https://badgen.net/github/closed-issues/wazuh/wazuh)](https://badgen.net/github/closed-issues/wazuh/wazuh) |

| **[Hammer](https://github.com/dowjones/hammer)** |  |[![stars](https://badgen.net/github/stars/dowjones/hammer)](https://badgen.net/github/stars/dowjones/hammer)| [![contributors](https://badgen.net/github/contributors/dowjones/hammer)](https://badgen.net/github/contributors/dowjones/hammer)[![watchers](https://badgen.net/github/watchers/dowjones/hammer)](https://badgen.net/github/watchers/dowjones/hammer)[![last-commit](https://badgen.net/github/last-commit/dowjones/hammer)](https://badgen.net/github/last-commit/dowjones/hammer) [![open-issues](https://badgen.net/github/open-issues/dowjones/hammer)](https://badgen.net/github/open-issues/dowjones/hammer) [![closed-issues](https://badgen.net/github/closed-issues/dowjones/hammer)](https://badgen.net/github/closed-issues/dowjones/hammer) |

| **[Streamalert](https://github.com/airbnb/streamalert)** |  |[![stars](https://badgen.net/github/stars/airbnb/streamalert)](https://badgen.net/github/stars/airbnb/streamalert)| [![contributors](https://badgen.net/github/contributors/airbnb/streamalert)](https://badgen.net/github/contributors/airbnb/streamalert)[![watchers](https://badgen.net/github/watchers/airbnb/streamalert)](https://badgen.net/github/watchers/airbnb/streamalert)[![last-commit](https://badgen.net/github/last-commit/airbnb/streamalert)](https://badgen.net/github/last-commit/airbnb/streamalert) [![open-issues](https://badgen.net/github/open-issues/airbnb/streamalert)](https://badgen.net/github/open-issues/airbnb/streamalert) [![closed-issues](https://badgen.net/github/closed-issues/airbnb/streamalert)](https://badgen.net/github/closed-issues/airbnb/streamalert) |

| **[Billing Alerts CFN templates](https://github.com/btkrausen/AWS)** |  |[![stars](https://badgen.net/github/stars/btkrausen/AWS)](https://badgen.net/github/stars/btkrausen/AWS)| [![contributors](https://badgen.net/github/contributors/btkrausen/AWS)](https://badgen.net/github/contributors/btkrausen/AWS)[![watchers](https://badgen.net/github/watchers/btkrausen/AWS)](https://badgen.net/github/watchers/btkrausen/AWS)[![last-commit](https://badgen.net/github/last-commit/btkrausen/AWS)](https://badgen.net/github/last-commit/btkrausen/AWS) [![open-issues](https://badgen.net/github/open-issues/btkrausen/AWS)](https://badgen.net/github/open-issues/btkrausen/AWS) [![closed-issues](https://badgen.net/github/closed-issues/btkrausen/AWS)](https://badgen.net/github/closed-issues/btkrausen/AWS) |

| **[Watchmen](https://github.com/iagcl/watchmen)** | AWS account compliance using centrally managed Config Rules |[![stars](https://badgen.net/github/stars/iagcl/watchmen)](https://badgen.net/github/stars/iagcl/watchmen)| [![contributors](https://badgen.net/github/contributors/iagcl/watchmen)](https://badgen.net/github/contributors/iagcl/watchmen)[![watchers](https://badgen.net/github/watchers/iagcl/watchmen)](https://badgen.net/github/watchers/iagcl/watchmen)[![last-commit](https://badgen.net/github/last-commit/iagcl/watchmen)](https://badgen.net/github/last-commit/iagcl/watchmen) [![open-issues](https://badgen.net/github/open-issues/iagcl/watchmen)](https://badgen.net/github/open-issues/iagcl/watchmen) [![closed-issues](https://badgen.net/github/closed-issues/iagcl/watchmen)](https://badgen.net/github/closed-issues/iagcl/watchmen) |

| **[ElectricEye](https://github.com/jonrau1/ElectricEye)** | Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability | [![stars](https://badgen.net/github/stars/jonrau1/ElectricEye)](https://badgen.net/github/stars/jonrau1/ElectricEye) | [![contributors](https://badgen.net/github/contributors/jonrau1/ElectricEye)](https://badgen.net/github/contributors/jonrau1/ElectricEye) [![watchers](https://badgen.net/github/watchers/jonrau1/ElectricEye)](https://badgen.net/github/watchers/jonrau1/ElectricEye) [![last-commit](https://badgen.net/github/last-commit/jonrau1/ElectricEye)](https://badgen.net/github/last-commit/jonrau1/ElectricEye) [![open-issues](https://badgen.net/github/open-issues/jonrau1/ElectricEye)](https://badgen.net/github/open-issues/jonrau1/ElectricEye) [![closed-issues](https://badgen.net/github/closed-issues/jonrau1/ElectricEye)](https://badgen.net/github/closed-issues/jonrau1/ElectricEye) |

| **[SyntheticSun](https://github.com/jonrau1/SyntheticSun)** | a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats | [![stars](https://badgen.net/github/stars/jonrau1/SyntheticSun)](https://badgen.net/github/stars/jonrau1/SyntheticSun) | [![contributors](https://badgen.net/github/contributors/jonrau1/SyntheticSun)](https://badgen.net/github/contributors/jonrau1/SyntheticSun) [![watchers](https://badgen.net/github/watchers/jonrau1/SyntheticSun)](https://badgen.net/github/watchers/jonrau1/SyntheticSun) [![last-commit](https://badgen.net/github/last-commit/jonrau1/SyntheticSun)](https://badgen.net/github/last-commit/jonrau1/SyntheticSun) [![open-issues](https://badgen.net/github/open-issues/jonrau1/SyntheticSun)](https://badgen.net/github/open-issues/jonrau1/SyntheticSun) [![closed-issues](https://badgen.net/github/closed-issues/jonrau1/SyntheticSun)](https://badgen.net/github/closed-issues/jonrau1/SyntheticSun) |

| **[CloudQuery](https://github.com/cloudquery/cloudquery/)** | cloudquery exposes your cloud configuration and metadata as sql tables, providing powerful analysis and monitoring for compliance and security |[![stars](https://badgen.net/github/stars/cloudquery/cloudquery/)](https://badgen.net/github/stars/cloudquery/cloudquery/)| [![contributors](https://badgen.net/github/contributors/cloudquery/cloudquery/)](https://badgen.net/github/contributors/cloudquery/cloudquery/)[![watchers](https://badgen.net/github/watchers/cloudquery/cloudquery/)](https://badgen.net/github/watchers/cloudquery/cloudquery/)[![last-commit](https://badgen.net/github/last-commit/cloudquery/cloudquery/)](https://badgen.net/github/last-commit/cloudquery/cloudquery/) [![open-issues](https://badgen.net/github/open-issues/cloudquery/cloudquery/)](https://badgen.net/github/open-issues/cloudquery/cloudquery/) [![closed-issues](https://badgen.net/github/closed-issues/cloudquery/cloudquery/)](https://badgen.net/github/closed-issues/cloudquery/cloudquery/) |

| **[PrismX](https://github.com/omaidf/PrismX)** | Cloud Security Dashboard for AWS - based on ScoutSuite | [![stars](https://badgen.net/github/stars/omaidf/PrismX)](https://badgen.net/github/stars/omaidf/PrismX) | [![contributors](https://badgen.net/github/contributors/omaidf/PrismX)](https://badgen.net/github/contributors/omaidf/PrismX) [![watchers](https://badgen.net/github/watchers/omaidf/PrismX)](https://badgen.net/github/watchers/omaidf/PrismX) [![last-commit](https://badgen.net/github/last-commit/omaidf/PrismX)](https://badgen.net/github/last-commit/omaidf/PrismX) [![open-issues](https://badgen.net/github/open-issues/omaidf/PrismX)](https://badgen.net/github/open-issues/omaidf/PrismX) [![closed-issues](https://badgen.net/github/closed-issues/omaidf/PrismX)](https://badgen.net/github/closed-issues/omaidf/PrismX) |

| **[Falco](https://github.com/falcosecurity/falco)** | Threat detection and response for containers, hosts, Kubernetes and the cloud | [![stars](https://badgen.net/github/stars/falcosecurity/falco)](https://badgen.net/github/stars/falcosecurity/falco) | [![contributors](https://badgen.net/github/contributors/falcosecurity/falco)](https://badgen.net/github/contributors/falcosecurity/falco) [![watchers](https://badgen.net/github/watchers/falcosecurity/falco)](https://badgen.net/github/watchers/falcosecurity/falco) [![last-commit](https://badgen.net/github/last-commit/falcosecurity/falco)](https://badgen.net/github/last-commit/falcosecurity/falco) [![open-issues](https://badgen.net/github/open-issues/falcosecurity/falco)](https://badgen.net/github/open-issues/falcosecurity/falco) [![closed-issues](https://badgen.net/github/closed-issues/falcosecurity/falco)](https://badgen.net/github/closed-issues/falcosecurity/falco) |

## Digital Forensics and Incident Response

| Name | Description | Popularity | Metadata |

| ---------- | :---------- | :----------: | :----------: |

| **[AWS IR](https://github.com/ThreatResponse/aws_ir)** | AWS specific Incident Response and Forensics Tool |[![stars](https://badgen.net/github/stars/ThreatResponse/aws_ir)](https://badgen.net/github/stars/ThreatResponse/aws_ir)| [![contributors](https://badgen.net/github/contributors/ThreatResponse/aws_ir)](https://badgen.net/github/contributors/ThreatResponse/aws_ir)[![watchers](https://badgen.net/github/watchers/ThreatResponse/aws_ir)](https://badgen.net/github/watchers/ThreatResponse/aws_ir)[![last-commit](https://badgen.net/github/last-commit/ThreatResponse/aws_ir)](https://badgen.net/github/last-commit/ThreatResponse/aws_ir) [![open-issues](https://badgen.net/github/open-issues/ThreatResponse/aws_ir)](https://badgen.net/github/open-issues/ThreatResponse/aws_ir) [![closed-issues](https://badgen.net/github/closed-issues/ThreatResponse/aws_ir)](https://badgen.net/github/closed-issues/ThreatResponse/aws_ir) |

| **[Margaritashotgun](https://github.com/ThreatResponse/margaritashotgun)** | Linux memory remote acquisition tool |[![stars](https://badgen.net/github/stars/ThreatResponse/margaritashotgun)](https://badgen.net/github/stars/ThreatResponse/margaritashotgun)| [![contributors](https://badgen.net/github/contributors/ThreatResponse/margaritashotgun)](https://badgen.net/github/contributors/ThreatResponse/margaritashotgun)[![watchers](https://badgen.net/github/watchers/ThreatResponse/margaritashotgun)](https://badgen.net/github/watchers/ThreatResponse/margaritashotgun)[![last-commit](https://badgen.net/github/last-commit/ThreatResponse/margaritashotgun)](https://badgen.net/github/last-commit/ThreatResponse/margaritashotgun) [![open-issues](https://badgen.net/github/open-issues/ThreatResponse/margaritashotgun)](https://badgen.net/github/open-issues/ThreatResponse/margaritashotgun) [![closed-issues](https://badgen.net/github/closed-issues/ThreatResponse/margaritashotgun)](https://badgen.net/github/closed-issues/ThreatResponse/margaritashotgun) |

| **[Diffy](https://github.com/Netflix-Skunkworks/diffy)** | Triage tool used during cloud-centric security incidents |[![stars](https://badgen.net/github/stars/Netflix-Skunkworks/diffy)](https://badgen.net/github/stars/Netflix-Skunkworks/diffy)| [![contributors](https://badgen.net/github/contributors/Netflix-Skunkworks/diffy)](https://badgen.net/github/contributors/Netflix-Skunkworks/diffy)[![watchers](https://badgen.net/github/watchers/Netflix-Skunkworks/diffy)](https://badgen.net/github/watchers/Netflix-Skunkworks/diffy)[![last-commit](https://badgen.net/github/last-commit/Netflix-Skunkworks/diffy)](https://badgen.net/github/last-commit/Netflix-Skunkworks/diffy) [![open-issues](https://badgen.net/github/open-issues/Netflix-Skunkworks/diffy)](https://badgen.net/github/open-issues/Netflix-Skunkworks/diffy) [![closed-issues](https://badgen.net/github/closed-issues/Netflix-Skunkworks/diffy)](https://badgen.net/github/closed-issues/Netflix-Skunkworks/diffy) |

| **[AWS Security Automation](https://github.com/awslabs/aws-security-automation)** | AWS scripts and resources for DevSecOps and automated incident response |[![stars](https://badgen.net/github/stars/awslabs/aws-security-automation)](https://badgen.net/github/stars/awslabs/aws-security-automation)| [![contributors](https://badgen.net/github/contributors/awslabs/aws-security-automation)](https://badgen.net/github/contributors/awslabs/aws-security-automation)[![watchers](https://badgen.net/github/watchers/awslabs/aws-security-automation)](https://badgen.net/github/watchers/awslabs/aws-security-automation)[![last-commit](https://badgen.net/github/last-commit/awslabs/aws-security-automation)](https://badgen.net/github/last-commit/awslabs/aws-security-automation) [![open-issues](https://badgen.net/github/open-issues/awslabs/aws-security-automation)](https://badgen.net/github/open-issues/awslabs/aws-security-automation) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/aws-security-automation)](https://badgen.net/github/closed-issues/awslabs/aws-security-automation) |

| **[GDPatrol](https://github.com/ansorren/GDPatrol)** | Automated Incident Response based off AWS GuardDuty findings |[![stars](https://badgen.net/github/stars/ansorren/GDPatrol)](https://badgen.net/github/stars/ansorren/GDPatrol)| [![contributors](https://badgen.net/github/contributors/ansorren/GDPatrol)](https://badgen.net/github/contributors/ansorren/GDPatrol)[![watchers](https://badgen.net/github/watchers/ansorren/GDPatrol)](https://badgen.net/github/watchers/ansorren/GDPatrol)[![last-commit](https://badgen.net/github/last-commit/ansorren/GDPatrol)](https://badgen.net/github/last-commit/ansorren/GDPatrol) [![open-issues](https://badgen.net/github/open-issues/ansorren/GDPatrol)](https://badgen.net/github/open-issues/ansorren/GDPatrol) [![closed-issues](https://badgen.net/github/closed-issues/ansorren/GDPatrol)](https://badgen.net/github/closed-issues/ansorren/GDPatrol) |

| **[AWSlog](https://github.com/jaksi/awslog)** | Show the history and changes between configuration versions of AWS resources using AWS Config  |[![stars](https://badgen.net/github/stars/jaksi/awslog)](https://badgen.net/github/stars/jaksi/awslog)| [![contributors](https://badgen.net/github/contributors/jaksi/awslog)](https://badgen.net/github/contributors/jaksi/awslog)[![watchers](https://badgen.net/github/watchers/jaksi/awslog)](https://badgen.net/github/watchers/jaksi/awslog)[![last-commit](https://badgen.net/github/last-commit/jaksi/awslog)](https://badgen.net/github/last-commit/jaksi/awslog) [![open-issues](https://badgen.net/github/open-issues/jaksi/awslog)](https://badgen.net/github/open-issues/jaksi/awslog) [![closed-issues](https://badgen.net/github/closed-issues/jaksi/awslog)](https://badgen.net/github/closed-issues/jaksi/awslog) |

| **[DataCop](https://github.com/damienjburks/DataCop)** | Automated IR process that mitigates vulnerable AWS S3 buckets that are defined by AWS Macie results. | [![stars](https://badgen.net/github/stars/damienjburks/datacop)](https://badgen.net/github/stars/damienjburks/datacop)| [![contributors](https://badgen.net/github/contributors/damienjburks/datacop)](https://badgen.net/github/contributors/damienjburks/datacop) [![watchers](https://badgen.net/github/watchers/damienjburks/datacop)](https://badgen.net/github/watchers/damienjburks/datacop) [![last-commit](https://img.shields.io/github/last-commit/damienjburks/datacop)](https://img.shields.io/github/last-commit/damienjburks/datacop) [![open-issues](https://badgen.net/github/open-issues/damienjburks/datacop)](https://badgen.net/github/open-issues/damienjburks/datacop) [![closed-issues](https://badgen.net/github/closed-issues/damienjburks/datacop)](https://badgen.net/github/closed-issues/damienjburks/datacop) |

| **[AWS_Responder](https://github.com/prolsen/aws_responder)** | AWS Digital Forensic and Incident Response (DFIR) Response Python Scripts |[![stars](https://badgen.net/github/stars/prolsen/aws_responder)](https://badgen.net/github/stars/prolsen/aws_responder)| [![contributors](https://badgen.net/github/contributors/prolsen/aws_responder)](https://badgen.net/github/contributors/prolsen/aws_responder)[![watchers](https://badgen.net/github/watchers/prolsen/aws_responder)](https://badgen.net/github/watchers/prolsen/aws_responder)[![last-commit](https://badgen.net/github/last-commit/prolsen/aws_responder)](https://badgen.net/github/last-commit/prolsen/aws_responder) [![open-issues](https://badgen.net/github/open-issues/prolsen/aws_responder)](https://badgen.net/github/open-issues/prolsen/aws_responder) [![closed-issues](https://badgen.net/github/closed-issues/prolsen/aws_responder)](https://badgen.net/github/closed-issues/prolsen/aws_responder) |

| **[SSM-Acquire](https://github.com/mozilla/ssm-acquire)** | A python module for orchestrating content acquisitions and analysis via Amazon SSM |[![stars](https://badgen.net/github/stars/mozilla/ssm-acquire)](https://badgen.net/github/stars/mozilla/ssm-acquire)| [![contributors](https://badgen.net/github/contributors/mozilla/ssm-acquire)](https://badgen.net/github/contributors/mozilla/ssm-acquire)[![watchers](https://badgen.net/github/watchers/mozilla/ssm-acquire)](https://badgen.net/github/watchers/mozilla/ssm-acquire)[![last-commit](https://badgen.net/github/last-commit/mozilla/ssm-acquire)](https://badgen.net/github/last-commit/mozilla/ssm-acquire) [![open-issues](https://badgen.net/github/open-issues/mozilla/ssm-acquire)](https://badgen.net/github/open-issues/mozilla/ssm-acquire) [![closed-issues](https://badgen.net/github/closed-issues/mozilla/ssm-acquire)](https://badgen.net/github/closed-issues/mozilla/ssm-acquire) |

| **[cloudtrail-partitioner](https://github.com/duo-labs/cloudtrail-partitioner)** | This project sets up partitioned Athena tables for your CloudTrail logs and updates the partitions nightly. Makes CloudTrail logs queries easier. | [![stars](https://badgen.net/github/stars/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/stars/duo-labs/cloudtrail-partitioner)| [![contributors](https://badgen.net/github/contributors/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/contributors/duo-labs/cloudtrail-partitioner)[![watchers](https://badgen.net/github/watchers/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/watchers/duo-labs/cloudtrail-partitioner)[![last-commit](https://badgen.net/github/last-commit/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/last-commit/duo-labs/cloudtrail-partitioner) [![open-issues](https://badgen.net/github/open-issues/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/open-issues/duo-labs/cloudtrail-partitioner) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/closed-issues/duo-labs/cloudtrail-partitioner) |

| **[fargate-ir](https://github.com/andrewkrug/fargate-ir)** | Proof of concept incident response demo using SSM and AWS Fargate. |[![stars](https://badgen.net/github/stars/andrewkrug/fargate-ir)](https://badgen.net/github/stars/andrewkrug/fargate-ir)| [![contributors](https://badgen.net/github/contributors/andrewkrug/fargate-ir)](https://badgen.net/github/contributors/andrewkrug/fargate-ir) [![watchers](https://badgen.net/github/watchers/andrewkrug/fargate-ir)](https://badgen.net/github/watchers/andrewkrug/fargate-ir) [![last-commit](https://badgen.net/github/last-commit/andrewkrug/fargate-ir)](https://badgen.net/github/last-commit/andrewkrug/fargate-ir) [![open-issues](https://badgen.net/github/open-issues/andrewkrug/fargate-ir)](https://badgen.net/github/open-issues/andrewkrug/fargate-ir) [![closed-issues](https://badgen.net/github/closed-issues/andrewkrug/fargate-ir)](https://badgen.net/github/closed-issues/andrewkrug/fargate-ir) |

| **[aws-logsearch](https://github.com/endgameinc/aws-logsearch)** | Search AWS CloudWatch logs all at once on the command line. | [![stars](https://badgen.net/github/stars/endgameinc/aws-logsearch)](https://badgen.net/github/stars/endgameinc/aws-logsearch) | [![contributors](https://badgen.net/github/contributors/endgameinc/aws-logsearch)](https://badgen.net/github/contributors/endgameinc/aws-logsearch) [![watchers](https://badgen.net/github/watchers/endgameinc/aws-logsearch)](https://badgen.net/github/watchers/endgameinc/aws-logsearch) [![last-commit](https://badgen.net/github/last-commit/endgameinc/aws-logsearch)](https://badgen.net/github/last-commit/endgameinc/aws-logsearch) [![open-issues](https://badgen.net/github/open-issues/endgameinc/aws-logsearch)](https://badgen.net/github/open-issues/endgameinc/aws-logsearch) [![closed-issues](https://badgen.net/github/closed-issues/endgameinc/aws-logsearch)](https://badgen.net/github/closed-issues/endgameinc/aws-logsearch) |

| **[Varna](https://github.com/endgameinc/varna)** | Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL) | [![stars](https://badgen.net/github/stars/endgameinc/varna)](https://badgen.net/github/stars/endgameinc/varna) | [![contributors](https://badgen.net/github/contributors/endgameinc/varna)](https://badgen.net/github/contributors/endgameinc/varna) [![watchers](https://badgen.net/github/watchers/endgameinc/varna)](https://badgen.net/github/watchers/endgameinc/varna) [![last-commit](https://badgen.net/github/last-commit/endgameinc/varna)](https://badgen.net/github/last-commit/endgameinc/varna) [![open-issues](https://badgen.net/github/open-issues/endgameinc/varna)](https://badgen.net/github/open-issues/endgameinc/varna) [![closed-issues](https://badgen.net/github/closed-issues/endgameinc/varna)](https://badgen.net/github/closed-issues/endgameinc/varna) |

| **[aws-auto-remediate](https://github.com/servian/aws-auto-remediate)** | Open source application to instantly remediate common security issues through the use of AWS Config  | [![stars](https://badgen.net/github/stars/servian/aws-auto-remediate)](https://badgen.net/github/stars/servian/aws-auto-remediate) | [![contributors](https://badgen.net/github/contributors/servian/aws-auto-remediate)](https://badgen.net/github/contributors/servian/aws-auto-remediate) [![watchers](https://badgen.net/github/watchers/servian/aws-auto-remediate)](https://badgen.net/github/watchers/servian/aws-auto-remediate) [![last-commit](https://badgen.net/github/last-commit/servian/aws-auto-remediate)](https://badgen.net/github/last-commit/servian/aws-auto-remediate) [![open-issues](https://badgen.net/github/open-issues/servian/aws-auto-remediate)](https://badgen.net/github/open-issues/servian/aws-auto-remediate) [![closed-issues](https://badgen.net/github/closed-issues/servian/aws-auto-remediate)](https://badgen.net/github/closed-issues/servian/aws-auto-remediate) |

| **[panther-labs](https://github.com/panther-labs/panther-analysis)** | Detect threats with log data and improve cloud security posture | [![stars](https://badgen.net/github/stars/panther-labs/panther-analysis)](https://badgen.net/github/stars/panther-labs/panther-analysis) | [![contributors](https://badgen.net/github/contributors/panther-labs/panther-analysis)](https://badgen.net/github/contributors/panther-labs/panther-analysis) [![watchers](https://badgen.net/github/watchers/panther-labs/panther-analysis)](https://badgen.net/github/watchers/panther-labs/panther-analysis) [![last-commit](https://badgen.net/github/last-commit/panther-labs/panther-analysis)](https://badgen.net/github/last-commit/panther-labs/panther-analysis) [![open-issues](https://badgen.net/github/open-issues/panther-labs/panther-analysis)](https://badgen.net/github/open-issues/panther-labs/panther-analysis) [![closed-issues](https://badgen.net/github/closed-issues/panther-labs/panther-analysis)](https://badgen.net/github/closed-issues/panther-labs/panther-analysis) |

| **[aws-incident-response](https://github.com/easttimor/aws-incident-response)** | This page is a collection of useful things to look for in CloudTrail using Athena for AWS incident response | [![stars](https://badgen.net/github/stars/easttimor/aws-incident-response)](https://badgen.net/github/stars/easttimor/aws-incident-response) | [![contributors](https://badgen.net/github/contributors/easttimor/aws-incident-response)](https://badgen.net/github/contributors/easttimor/aws-incident-response) [![watchers](https://badgen.net/github/watchers/easttimor/aws-incident-response)](https://badgen.net/github/watchers/easttimor/aws-incident-response) [![last-commit](https://badgen.net/github/last-commit/easttimor/aws-incident-response)](https://badgen.net/github/last-commit/easttimor/aws-incident-response) [![open-issues](https://badgen.net/github/open-issues/easttimor/aws-incident-response)](https://badgen.net/github/open-issues/easttimor/aws-incident-response) [![closed-issues](https://badgen.net/github/closed-issues/easttimor/aws-incident-response)](https://badgen.net/github/closed-issues/easttimor/aws-incident-response) |

| **[cloud-forensics-utils](https://github.com/google/cloud-forensics-utils)** | Python library to carry out DFIR analysis on the Cloud  | [![stars](https://badgen.net/github/stars/google/cloud-forensics-utils)](https://badgen.net/github/stars/google/cloud-forensics-utils) | [![contributors](https://badgen.net/github/contributors/google/cloud-forensics-utils)](https://badgen.net/github/contributors/google/cloud-forensics-utils) [![watchers](https://badgen.net/github/watchers/google/cloud-forensics-utils)](https://badgen.net/github/watchers/google/cloud-forensics-utils) [![last-commit](https://badgen.net/github/last-commit/google/cloud-forensics-utils)](https://badgen.net/github/last-commit/google/cloud-forensics-utils) [![open-issues](https://badgen.net/github/open-issues/google/cloud-forensics-utils)](https://badgen.net/github/open-issues/google/cloud-forensics-utils) [![closed-issues](https://badgen.net/github/closed-issues/google/cloud-forensics-utils)](https://badgen.net/github/closed-issues/google/cloud-forensics-utils) |

| **[aws-fast-fixes](https://github.com/WarnerMedia/aws-fast-fixes)** | Scripts to quickly fix security and compliance issues | [![stars](https://badgen.net/github/stars/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/stars/WarnerMedia/aws-fast-fixes) | [![contributors](https://badgen.net/github/contributors/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/contributors/WarnerMedia/aws-fast-fixes) [![watchers](https://badgen.net/github/watchers/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/watchers/WarnerMedia/aws-fast-fixes) [![last-commit](https://badgen.net/github/last-commit/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/last-commit/WarnerMedia/aws-fast-fixes) [![open-issues](https://badgen.net/github/open-issues/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/open-issues/WarnerMedia/aws-fast-fixes) [![closed-issues](https://badgen.net/github/closed-issues/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/closed-issues/WarnerMedia/aws-fast-fixes) |

## Development Security

| Name | Description | Popularity | Metadata |

| ---------- | :---------- | :----------: | :----------: |

| **[Automated Security Helper (ASH)](https://github.com/aws-samples/automated-security-helper)** |  ASH is a one stop shop for code security scans, and does not require any installation. It will identify the relevant frameworks, and download the relevant, up to date tools. ASH is running on isolated Docker containers, keeping the user environment clean, with a single aggregated report. The following frameworks are supported: Git, Python, Javascript, Cloudformation, Terraform and Jupyter notebook. |[![stars](https://badgen.net/github/stars/aws-samples/automated-security-helper)](https://badgen.net/github/stars/aws-samples/automated-security-helper)| [![contributors](https://badgen.net/github/contributors/aws-samples/automated-security-helper)](https://badgen.net/github/contributors/aws-samples/automated-security-helper)[![watchers](https://badgen.net/github/watchers/aws-samples/automated-security-helper)](https://badgen.net/github/watchers/aws-samples/automated-security-helper)[![last-commit](https://badgen.net/github/last-commit/aws-samples/automated-security-helper)](https://badgen.net/github/last-commit/aws-samples/automated-security-helper) [![open-issues](https://badgen.net/github/open-issues/aws-samples/automated-security-helper)](https://badgen.net/github/open-issues/aws-samples/automated-security-helper) [![closed-issues](https://badgen.net/github/closed-issues/aws-samples/automated-security-helper)](https://badgen.net/github/closed-issues/aws-samples/automated-security-helper) |

| **[CFN NAG](https://github.com/stelligent/cfn_nag)** |  CloudFormation security test (Ruby) |[![stars](https://badgen.net/github/stars/stelligent/cfn_nag)](https://badgen.net/github/stars/stelligent/cfn_nag)| [![contributors](https://badgen.net/github/contributors/stelligent/cfn_nag)](https://badgen.net/github/contributors/stelligent/cfn_nag)[![watchers](https://badgen.net/github/watchers/stelligent/cfn_nag)](https://badgen.net/github/watchers/stelligent/cfn_nag)[![last-commit](https://badgen.net/github/last-commit/stelligent/cfn_nag)](https://badgen.net/github/last-commit/stelligent/cfn_nag) [![open-issues](https://badgen.net/github/open-issues/stelligent/cfn_nag)](https://badgen.net/github/open-issues/stelligent/cfn_nag) [![closed-issues](https://badgen.net/github/closed-issues/stelligent/cfn_nag)](https://badgen.net/github/closed-issues/stelligent/cfn_nag) |

| **[Git-secrets](https://github.com/awslabs/git-secrets)** |  |[![stars](https://badgen.net/github/stars/awslabs/git-secrets)](https://badgen.net/github/stars/awslabs/git-secrets)| [![contributors](https://badgen.net/github/contributors/awslabs/git-secrets)](https://badgen.net/github/contributors/awslabs/git-secrets)[![watchers](https://badgen.net/github/watchers/awslabs/git-secrets)](https://badgen.net/github/watchers/awslabs/git-secrets)[![last-commit](https://badgen.net/github/last-commit/awslabs/git-secrets)](https://badgen.net/github/last-commit/awslabs/git-secrets) [![open-issues](https://badgen.net/github/open-issues/awslabs/git-secrets)](https://badgen.net/github/open-issues/awslabs/git-secrets) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/git-secrets)](https://badgen.net/github/closed-issues/awslabs/git-secrets) |

| **[Repository of sample Custom Rules for AWS Config](https://github.com/awslabs/aws-config-rules)** |  |[![stars](https://badgen.net/github/stars/awslabs/aws-config-rules)](https://badgen.net/github/stars/awslabs/aws-config-rules)| [![contributors](https://badgen.net/github/contributors/awslabs/aws-config-rules)](https://badgen.net/github/contributors/awslabs/aws-config-rules)[![watchers](https://badgen.net/github/watchers/awslabs/aws-config-rules)](https://badgen.net/github/watchers/awslabs/aws-config-rules)[![last-commit](https://badgen.net/github/last-commit/awslabs/aws-config-rules)](https://badgen.net/github/last-commit/awslabs/aws-config-rules) [![open-issues](https://badgen.net/github/open-issues/awslabs/aws-config-rules)](https://badgen.net/github/open-issues/awslabs/aws-config-rules) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/aws-config-rules)](https://badgen.net/github/closed-issues/awslabs/aws-config-rules) |

| **[CFripper](https://github.com/Skyscanner/cfripper)** | "Lambda function to ""rip apart"" a CloudFormation template and check it for security compliance." |[![stars](https://badgen.net/github/stars/Skyscanner/cfripper)](https://badgen.net/github/stars/Skyscanner/cfripper)| [![contributors](https://badgen.net/github/contributors/Skyscanner/cfripper)](https://badgen.net/github/contributors/Skyscanner/cfripper)[![watchers](https://badgen.net/github/watchers/Skyscanner/cfripper)](https://badgen.net/github/watchers/Skyscanner/cfripper)[![last-commit](https://badgen.net/github/last-commit/Skyscanner/cfripper)](https://badgen.net/github/last-commit/Skyscanner/cfripper) [![open-issues](https://badgen.net/github/open-issues/Skyscanner/cfripper)](https://badgen.net/github/open-issues/Skyscanner/cfripper) [![closed-issues](https://badgen.net/github/closed-issues/Skyscanner/cfripper)](https://badgen.net/github/closed-issues/Skyscanner/cfripper) |

| **[Assume](https://github.com/SanderKnape/assume)** | A simple CLI utility that makes it easier to switch between different AWS roles |[![stars](https://badgen.net/github/stars/SanderKnape/assume)](https://badgen.net/github/stars/SanderKnape/assume)| [![contributors](https://badgen.net/github/contributors/SanderKnape/assume)](https://badgen.net/github/contributors/SanderKnape/assume)[![watchers](https://badgen.net/github/watchers/SanderKnape/assume)](https://badgen.net/github/watchers/SanderKnape/assume)[![last-commit](https://badgen.net/github/last-commit/SanderKnape/assume)](https://badgen.net/github/last-commit/SanderKnape/assume) [![open-issues](https://badgen.net/github/open-issues/SanderKnape/assume)](https://badgen.net/github/open-issues/SanderKnape/assume) [![closed-issues](https://badgen.net/github/closed-issues/SanderKnape/assume)](https://badgen.net/github/closed-issues/SanderKnape/assume) |

| **[Terrascan](https://github.com/cesar-rodriguez/terrascan)** | A collection of security and best practice tests for static code analysis of terraform templates using terraform_validate |[![stars](https://badgen.net/github/stars/cesar-rodriguez/terrascan)](https://badgen.net/github/stars/cesar-rodriguez/terrascan)| [![contributors](https://badgen.net/github/contributors/cesar-rodriguez/terrascan)](https://badgen.net/github/contributors/cesar-rodriguez/terrascan)[![watchers](https://badgen.net/github/watchers/cesar-rodriguez/terrascan)](https://badgen.net/github/watchers/cesar-rodriguez/terrascan)[![last-commit](https://badgen.net/github/last-commit/cesar-rodriguez/terrascan)](https://badgen.net/github/last-commit/cesar-rodriguez/terrascan) [![open-issues](https://badgen.net/github/open-issues/cesar-rodriguez/terrascan)](https://badgen.net/github/open-issues/cesar-rodriguez/terrascan) [![closed-issues](https://badgen.net/github/closed-issues/cesar-rodriguez/terrascan)](https://badgen.net/github/closed-issues/cesar-rodriguez/terrascan) |

| **[tfsec](https://github.com/liamg/tfsec)** | Provides static analysis of your terraform templates to spot potential security issues |[![stars](https://badgen.net/github/stars/liamg/tfsec)](https://badgen.net/github/stars/liamg/tfsec)| [![contributors](https://badgen.net/github/contributors/liamg/tfsec)](https://badgen.net/github/contributors/liamg/tfsec)[![watchers](https://badgen.net/github/watchers/liamg/tfsec)](https://badgen.net/github/watchers/liamg/tfsec)[![last-commit](https://badgen.net/github/last-commit/liamg/tfsec)](https://badgen.net/github/last-commit/liamg/tfsec) [![open-issues](https://badgen.net/github/open-issues/liamg/tfsec)](https://badgen.net/github/open-issues/liamg/tfsec) [![closed-issues](https://badgen.net/github/closed-issues/liamg/tfsec)](https://badgen.net/github/closed-issues/liamg/tfsec) |

| **[Checkov](https://github.com/bridgecrewio/checkov)** | Terraform, Cloudformation and Kubernetes static analysis written in python  |[![stars](https://badgen.net/github/stars/bridgecrewio/checkov)](https://badgen.net/github/stars/bridgecrewio/checkov)| [![contributors](https://badgen.net/github/contributors/bridgecrewio/checkov)](https://badgen.net/github/contributors/bridgecrewio/checkov)[![watchers](https://badgen.net/github/watchers/bridgecrewio/checkov)](https://badgen.net/github/watchers/bridgecrewio/checkov)[![last-commit](https://badgen.net/github/last-commit/bridgecrewio/checkov)](https://badgen.net/github/last-commit/bridgecrewio/checkov) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/checkov)](https://badgen.net/github/open-issues/bridgecrewio/checkov) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/checkov)](https://badgen.net/github/closed-issues/bridgecrewio/checkov) |

| **[Yor](https://github.com/bridgecrewio/yor)** | Automatically tag and trace infrastructure as code frameworks (Terraform, Cloudformation and Serverless)  |[![stars](https://badgen.net/github/stars/bridgecrewio/yor)](https://badgen.net/github/stars/bridgecrewio/yor)| [![contributors](https://badgen.net/github/contributors/bridgecrewio/yor)](https://badgen.net/github/contributors/bridgecrewio/yor)[![watchers](https://badgen.net/github/watchers/bridgecrewio/yor)](https://badgen.net/github/watchers/bridgecrewio/yor)[![last-commit](https://badgen.net/github/last-commit/bridgecrewio/yor)](https://badgen.net/github/last-commit/bridgecrewio/yor) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/yor)](https://badgen.net/github/open-issues/bridgecrewio/yor) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/yor)](https://badgen.net/github/closed-issues/bridgecrewio/yor) |

| **[pytest-services](https://github.com/mozilla-services/pytest-services)** | Unit testing framework for test driven security of AWS configurations and more |[![stars](https://badgen.net/github/stars/mozilla-services/pytest-services)](https://badgen.net/github/stars/mozilla-services/pytest-services)| [![contributors](https://badgen.net/github/contributors/mozilla-services/pytest-services)](https://badgen.net/github/contributors/mozilla-services/pytest-services)[![watchers](https://badgen.net/github/watchers/mozilla-services/pytest-services)](https://badgen.net/github/watchers/mozilla-services/pytest-services)[![last-commit](https://badgen.net/github/last-commit/mozilla-services/pytest-services)](https://badgen.net/github/last-commit/mozilla-services/pytest-services) [![open-issues](https://badgen.net/github/open-issues/mozilla-services/pytest-services)](https://badgen.net/github/open-issues/mozilla-services/pytest-services) [![closed-issues](https://badgen.net/github/closed-issues/mozilla-services/pytest-services)](https://badgen.net/github/closed-issues/mozilla-services/pytest-services) |

| **[IAM Least-Privileged Role Generator](https://github.com/puresec/serverless-puresec-cli)** | A Serverless framework plugin that statically analyzes AWS Lambda function code and automagically generates least-privileged IAM roles. |[![stars](https://badgen.net/github/stars/puresec/serverless-puresec-cli)](https://badgen.net/github/stars/puresec/serverless-puresec-cli)| [![contributors](https://badgen.net/github/contributors/puresec/serverless-puresec-cli)](https://badgen.net/github/contributors/puresec/serverless-puresec-cli)[![watchers](https://badgen.net/github/watchers/puresec/serverless-puresec-cli)](https://badgen.net/github/watchers/puresec/serverless-puresec-cli)[![last-commit](https://badgen.net/github/last-commit/puresec/serverless-puresec-cli)](https://badgen.net/github/last-commit/puresec/serverless-puresec-cli) [![open-issues](https://badgen.net/github/open-issues/puresec/serverless-puresec-cli)](https://badgen.net/github/open-issues/puresec/serverless-puresec-cli) [![closed-issues](https://badgen.net/github/closed-issues/puresec/serverless-puresec-cli)](https://badgen.net/github/closed-issues/puresec/serverless-puresec-cli) |

| **[AWS Vault](https://github.com/99designs/aws-vault)** | A vault for securely storing and accessing AWS credentials in development environments  |[![stars](https://badgen.net/github/stars/99designs/aws-vault)](https://badgen.net/github/stars/99designs/aws-vault)| [![contributors](https://badgen.net/github/contributors/99designs/aws-vault)](https://badgen.net/github/contributors/99designs/aws-vault)[![watchers](https://badgen.net/github/watchers/99designs/aws-vault)](https://badgen.net/github/watchers/99designs/aws-vault)[![last-commit](https://badgen.net/github/last-commit/99designs/aws-vault)](https://badgen.net/github/last-commit/99designs/aws-vault) [![open-issues](https://badgen.net/github/open-issues/99designs/aws-vault)](https://badgen.net/github/open-issues/99designs/aws-vault) [![closed-issues](https://badgen.net/github/closed-issues/99designs/aws-vault)](https://badgen.net/github/closed-issues/99designs/aws-vault) |

| **[AWS Service Control Policies](https://github.com/jchrisfarris/aws-service-control-policies)** | Collection of semi-useful Service Control Policies and scripts to manage them  |[![stars](https://badgen.net/github/stars/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/stars/jchrisfarris/aws-service-control-policies)| [![contributors](https://badgen.net/github/contributors/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/contributors/jchrisfarris/aws-service-control-policies)[![watchers](https://badgen.net/github/watchers/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/watchers/jchrisfarris/aws-service-control-policies)[![last-commit](https://badgen.net/github/last-commit/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/last-commit/jchrisfarris/aws-service-control-policies) [![open-issues](https://badgen.net/github/open-issues/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/open-issues/jchrisfarris/aws-service-control-policies) [![closed-issues](https://badgen.net/github/closed-issues/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/closed-issues/jchrisfarris/aws-service-control-policies) |

| **[Terraform-compliance](https://github.com/eerkunt/terraform-compliance)** | A lightweight security focused BDD test framework against terraform (with helpful code for AWS) |[![stars](https://badgen.net/github/stars/eerkunt/terraform-compliance)](https://badgen.net/github/stars/eerkunt/terraform-compliance)| [![contributors](https://badgen.net/github/contributors/eerkunt/terraform-compliance)](https://badgen.net/github/contributors/eerkunt/terraform-compliance)[![watchers](https://badgen.net/github/watchers/eerkunt/terraform-compliance)](https://badgen.net/github/watchers/eerkunt/terraform-compliance)[![last-commit](https://badgen.net/github/last-commit/eerkunt/terraform-compliance)](https://badgen.net/github/last-commit/eerkunt/terraform-compliance) [![open-issues](https://badgen.net/github/open-issues/eerkunt/terraform-compliance)](https://badgen.net/github/open-issues/eerkunt/terraform-compliance) [![closed-issues](https://badgen.net/github/closed-issues/eerkunt/terraform-compliance)](https://badgen.net/github/closed-issues/eerkunt/terraform-compliance) |

| **[Get a List of AWS Managed Policies](https://github.com/RyPeck/aws_managed_policies)** | a way to get a list of all AWS managed policies |[![stars](https://badgen.net/github/stars/RyPeck/aws_managed_policies)](https://badgen.net/github/stars/RyPeck/aws_managed_policies)| [![contributors](https://badgen.net/github/contributors/RyPeck/aws_managed_policies)](https://badgen.net/github/contributors/RyPeck/aws_managed_policies)[![watchers](https://badgen.net/github/watchers/RyPeck/aws_managed_policies)](https://badgen.net/github/watchers/RyPeck/aws_managed_policies)[![last-commit](https://badgen.net/github/last-commit/RyPeck/aws_managed_policies)](https://badgen.net/github/last-commit/RyPeck/aws_managed_policies) [![open-issues](https://badgen.net/github/open-issues/RyPeck/aws_managed_policies)](https://badgen.net/github/open-issues/RyPeck/aws_managed_policies) [![closed-issues](https://badgen.net/github/closed-issues/RyPeck/aws_managed_policies)](https://badgen.net/github/closed-issues/RyPeck/aws_managed_policies) |

| **[Parliament](https://github.com/duo-labs/parliament)** | AWS IAM linting library  |[![stars](https://badgen.net/github/stars/duo-labs/parliament)](https://badgen.net/github/stars/duo-labs/parliament)| [![contributors](https://badgen.net/github/contributors/duo-labs/parliament)](https://badgen.net/github/contributors/duo-labs/parliament)[![watchers](https://badgen.net/github/watchers/duo-labs/parliament)](https://badgen.net/github/watchers/duo-labs/parliament) [![last-commit](https://badgen.net/github/last-commit/duo-labs/parliament)](https://badgen.net/github/last-commit/duo-labs/parliament) [![open-issues](https://badgen.net/github/open-issues/duo-labs/parliament)](https://badgen.net/github/open-issues/duo-labs/parliament) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/parliament)](https://badgen.net/github/closed-issues/duo-labs/parliament) |

| **[AWS-ComplianceMachineDontStop](https://github.com/jonrau1/AWS-ComplianceMachineDontStop)** | Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security  Identity & Compliance Services to Support your AWS Account Security Posture |[![stars](https://badgen.net/github/stars/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/stars/jonrau1/AWS-ComplianceMachineDontStop)| [![contributors](https://badgen.net/github/contributors/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/contributors/jonrau1/AWS-ComplianceMachineDontStop)[![watchers](https://badgen.net/github/watchers/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/watchers/jonrau1/AWS-ComplianceMachineDontStop)[![last-commit](https://badgen.net/github/last-commit/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/last-commit/jonrau1/AWS-ComplianceMachineDontStop) [![open-issues](https://badgen.net/github/open-issues/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/open-issues/jonrau1/AWS-ComplianceMachineDontStop) [![closed-issues](https://badgen.net/github/closed-issues/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/closed-issues/jonrau1/AWS-ComplianceMachineDontStop) |

| **[detect-secrets](https://github.com/Yelp/detect-secrets)** | An enterprise friendly way of detecting and preventing secrets in code. |[![stars](https://badgen.net/github/stars/yelp/detect-secrets)](https://badgen.net/github/stars/yelp/detect-secrets)| [![contributors](https://badgen.net/github/contributors/yelp/detect-secrets)](https://badgen.net/github/contributors/yelp/detect-secrets)[![watchers](https://badgen.net/github/watchers/yelp/detect-secrets)](https://badgen.net/github/watchers/yelp/detect-secrets)[![last-commit](https://badgen.net/github/last-commit/yelp/detect-secrets)](https://badgen.net/github/last-commit/yelp/detect-secrets) [![open-issues](https://badgen.net/github/open-issues/yelp/detect-secrets)](https://badgen.net/github/open-issues/yelp/detect-secrets) [![closed-issues](https://badgen.net/github/closed-issues/yelp/detect-secrets)](https://badgen.net/github/closed-issues/yelp/detect-secrets) |

| **[tf-parliament](https://github.com/rdkls/tf-parliament)** | Run Parliament AWS IAM Checker on Terraform Files |[![stars](https://badgen.net/github/stars/rdkls/tf-parliament)](https://badgen.net/github/stars/rdkls/tf-parliament)| [![contributors](https://badgen.net/github/contributors/rdkls/tf-parliament)](https://badgen.net/github/contributors/rdkls/tf-parliament) [![watchers](https://badgen.net/github/watchers/rdkls/tf-parliament)](https://badgen.net/github/watchers/rdkls/tf-parliament) [![last-commit](https://badgen.net/github/last-commit/rdkls/tf-parliament)](https://badgen.net/github/last-commit/rdkls/tf-parliament)  [![open-issues](https://badgen.net/github/open-issues/rdkls/tf-parliament)](https://badgen.net/github/open-issues/rdkls/tf-parliament) [![closed-issues](https://badgen.net/github/closed-issues/rdkls/tf-parliament)](https://badgen.net/github/closed-issues/rdkls/tf-parliament) |

| **[aws-gate](https://github.com/xen0l/aws-gate)** | Better AWS SSM Session manager CLI client | [![stars](https://badgen.net/github/stars/xen0l/aws-gate)](https://badgen.net/github/stars/xen0l/aws-gate)| [![contributors](https://badgen.net/github/contributors/xen0l/aws-gate)](https://badgen.net/github/contributors/xen0l/aws-gate) [![watchers](https://badgen.net/github/watchers/xen0l/aws-gate)](https://badgen.net/github/watchers/xen0l/aws-gate) [![last-commit](https://badgen.net/github/last-commit/xen0l/aws-gate)](https://badgen.net/github/last-commit/xen0l/aws-gate)  [![open-issues](https://badgen.net/github/open-issues/xen0l/aws-gate)](https://badgen.net/github/open-issues/xen0l/aws-gate) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/aws-gate)](https://badgen.net/github/closed-issues/xen0l/aws-gate) |

| **[iam-lint](https://github.com/xen0l/iam-lint)** | Github action for linting AWS IAM policy documents for correctness and possible security issues |[![stars](https://badgen.net/github/stars/xen0l/iam-lint)](https://badgen.net/github/stars/xen0l/iam-lint) | [![contributors](https://badgen.net/github/contributors/xen0l/iam-lint)](https://badgen.net/github/contributors/xen0l/iam-lint) [![watchers](https://badgen.net/github/watchers/xen0l/iam-lint)](https://badgen.net/github/watchers/xen0l/iam-lint) [![last-commit](https://badgen.net/github/last-commit/xen0l/iam-lint)](https://badgen.net/github/last-commit/xen0l/iam-lint) [![open-issues](https://badgen.net/github/open-issues/xen0l/iam-lint)](https://badgen.net/github/open-issues/xen0l/iam-lint) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/iam-lint)](https://badgen.net/github/closed-issues/xen0l/iam-lint) |

| **[Regula](https://github.com/fugue/regula)** | Regula checks Terraform for AWS security and compliance using Open Policy Agent/Rego | [![stars](https://badgen.net/github/stars/fugue/regula)](https://badgen.net/github/stars/fugue/regula) | [![contributors](https://badgen.net/github/contributors/fugue/regula)](https://badgen.net/github/contributors/fugue/regula) [![watchers](https://badgen.net/github/watchers/fugue/regula)](https://badgen.net/github/watchers/fugue/regula) [![last-commit](https://badgen.net/github/last-commit/fugue/regula)](https://badgen.net/github/last-commit/fugue/regula) [![open-issues](https://badgen.net/github/open-issues/fugue/regula)](https://badgen.net/github/open-issues/fugue/regula) [![closed-issues](https://badgen.net/github/closed-issues/fugue/regula)](https://badgen.net/github/closed-issues/fugue/regula) |

| **[whispers](https://github.com/Skyscanner/whispers)** | Identify hardcoded secrets and dangerous behaviours | [![stars](https://badgen.net/github/stars/Skyscanner/whispers)](https://badgen.net/github/stars/Skyscanner/whispers) | [![contributors](https://badgen.net/github/contributors/Skyscanner/whispers)](https://badgen.net/github/contributors/Skyscanner/whispers) [![watchers](https://badgen.net/github/watchers/Skyscanner/whispers)](https://badgen.net/github/watchers/Skyscanner/whispers) [![last-commit](https://badgen.net/github/last-commit/Skyscanner/whispers)](https://badgen.net/github/last-commit/Skyscanner/whispers) [![open-issues](https://badgen.net/github/open-issues/Skyscanner/whispers)](https://badgen.net/github/open-issues/Skyscanner/whispers) [![closed-issues](https://badgen.net/github/closed-issues/Skyscanner/whispers)](https://badgen.net/github/closed-issues/Skyscanner/whispers) |

| **[cloudformation-guard](https://github.com/aws-cloudformation/cloudformation-guard)** | A set of tools to check AWS CloudFormation templates for policy compliance using a simple, policy-as-code, declarative syntax. | [![stars](https://badgen.net/github/stars/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/stars/aws-cloudformation/cloudformation-guard) | [![contributors](https://badgen.net/github/contributors/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/contributors/aws-cloudformation/cloudformation-guard) [![watchers](https://badgen.net/github/watchers/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/watchers/aws-cloudformation/cloudformation-guard) [![last-commit](https://badgen.net/github/last-commit/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/last-commit/aws-cloudformation/cloudformation-guard) [![open-issues](https://badgen.net/github/open-issues/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/open-issues/aws-cloudformation/cloudformation-guard) [![closed-issues](https://badgen.net/github/closed-issues/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/closed-issues/aws-cloudformation/cloudformation-guard) |

| **[IAMFinder](https://github.com/prisma-cloud/IAMFinder)** | Enumerates and finds users and IAM roles in a target AWS account | [![stars](https://badgen.net/github/stars/prisma-cloud/IAMFinder)](https://badgen.net/github/stars/prisma-cloud/IAMFinder)| [![contributors](https://badgen.net/github/contributors/prisma-cloud/IAMFinder)](https://badgen.net/github/contributors/prisma-cloud/IAMFinder) [![watchers](https://badgen.net/github/watchers/prisma-cloud/IAMFinder)](https://badgen.net/github/watchers/prisma-cloud/IAMFinder) [![last-commit](https://badgen.net/github/last-commit/prisma-cloud/IAMFinder)](https://badgen.net/github/last-commit/prisma-cloud/IAMFinder) [![open-issues](https://badgen.net/github/open-issues/prisma-cloud/IAMFinder)](https://badgen.net/github/open-issues/prisma-cloud/IAMFinder) [![closed-issues](https://badgen.net/github/closed-issues/prisma-cloud/IAMFinder)](https://badgen.net/github/closed-issues/prisma-cloud/IAMFinder) |

| **[iamlive](https://github.com/iann0036/iamlive)** | Generate a basic IAM policy from AWS client-side monitoring (CSM) | [![stars](https://badgen.net/github/stars/iann0036/iamlive)](https://badgen.net/github/stars/iann0036/iamlive) | [![contributors](https://badgen.net/github/contributors/iann0036/iamlive)](https://badgen.net/github/contributors/iann0036/iamlive) [![watchers](https://badgen.net/github/watchers/iann0036/iamlive)](https://badgen.net/github/watchers/iann0036/iamlive) [![last-commit](https://badgen.net/github/last-commit/iann0036/iamlive)](https://badgen.net/github/last-commit/iann0036/iamlive) [![open-issues](https://badgen.net/github/open-issues/iann0036/iamlive)](https://badgen.net/github/open-issues/iann0036/iamlive) [![closed-issues](https://badgen.net/github/closed-issues/iann0036/iamlive)](https://badgen.net/github/closed-issues/iann0036/iamlive) |

| **[aws-allowlister](https://github.com/salesforce/aws-allowlister)** | Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks. | [![stars](https://badgen.net/github/stars/salesforce/aws-allowlister)](https://badgen.net/github/stars/salesforce/aws-allowlister) | [![contributors](https://badgen.net/github/contributors/salesforce/aws-allowlister)](https://badgen.net/github/contributors/salesforce/aws-allowlister) [![watchers](https://badgen.net/github/watchers/salesforce/aws-allowlister)](https://badgen.net/github/watchers/salesforce/aws-allowlister) [![last-commit](https://badgen.net/github/last-commit/salesforce/aws-allowlister)](https://badgen.net/github/last-commit/salesforce/aws-allowlister) [![open-issues](https://badgen.net/github/open-issues/salesforce/aws-allowlister)](https://badgen.net/github/open-issues/salesforce/aws-allowlister) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/aws-allowlister)](https://badgen.net/github/closed-issues/salesforce/aws-allowlister) |

| **[Leapp](https://github.com/Noovolari/leapp)** | Cross-platform app for managing AWS credentials programmatically, based on Electron |[![stars](https://badgen.net/github/stars/Noovolari/leapp)](https://badgen.net/github/stars/Noovolari/leapp)| [![contributors](https://badgen.net/github/contributors/Noovolari/leapp)](https://badgen.net/github/contributors/Noovolari/leapp)[![watchers](https://badgen.net/github/watchers/Noovolari/leapp)](https://badgen.net/github/watchers/Noovolari/leapp)[![last-commit](https://badgen.net/github/last-commit/Noovolari/leapp)](https://badgen.net/github/last-commit/Noovolari/leapp) [![open-issues](https://badgen.net/github/open-issues/Noovolari/leapp)](https://badgen.net/github/open-issues/Noovolari/leapp) [![closed-issues](https://badgen.net/github/closed-issues/Noovolari/leapp)](https://badgen.net/github/closed-issues/Noovolari/leapp) |

| **[KICS](https://github.com/Checkmarx/kics)** | Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code |[![stars](https://badgen.net/github/stars/Checkmarx/kics)](https://badgen.net/github/stars/Checkmarx/kics)| [![contributors](https://badgen.net/github/contributors/Checkmarx/kics)](https://badgen.net/github/contributors/Checkmarx/kics)[![watchers](https://badgen.net/github/watchers/Checkmarx/kics)](https://badgen.net/github/watchers/Checkmarx/kics)[![last-commit](https://badgen.net/github/last-commit/Checkmarx/kics)](https://badgen.net/github/last-commit/Checkmarx/kics) [![open-issues](https://badgen.net/github/open-issues/Checkmarx/kics)](https://badgen.net/github/open-issues/Checkmarx/kics) [![closed-issues](https://badgen.net/github/closed-issues/Checkmarx/kics)](https://badgen.net/github/closed-issues/Checkmarx/kics) |

| **[SecurityHub CIS Compliance Automator](https://github.com/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)** | Automatically configure your AWS Account to meet 95% of the 200+ controls for CIS Compliance, PCI DSS Compliance and AWS Security Best Practice |[![stars](https://badgen.net/github/stars/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/stars/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)| [![contributors](https://badgen.net/github/contributors/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/contributors/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)[![watchers](https://badgen.net/github/watchers/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/watchers/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)[![last-commit](https://badgen.net/github/last-commit/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/last-commit/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation) [![open-issues](https://badgen.net/github/open-issues/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/open-issues/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation) [![closed-issues](https://badgen.net/github/closed-issues/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/closed-issues/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation) |

| **[SCPkit](https://github.com/aquia-inc/scpkit)** | A SCP management tool that helps condense policies |[![stars](https://badgen.net/github/stars/aquia-inc/scpkit)](https://badgen.net/github/stars/aquia-inc/scpkit)| [![contributors](https://badgen.net/github/contributors/aquia-inc/scpkit)](https://badgen.net/github/contributors/aquia-inc/scpkit)[![watchers](https://badgen.net/github/watchers/aquia-inc/scpkit)](https://badgen.net/github/watchers/aquia-inc/scpkit)[![last-commit](https://badgen.net/github/last-commit/aquia-inc/scpkit)](https://badgen.net/github/last-commit/aquia-inc/scpkit) [![open-issues](https://badgen.net/github/open-issues/aquia-inc/scpkit)](https://badgen.net/github/open-issues/aquia-inc/scpkit) [![closed-issues](https://badgen.net/github/closed-issues/aquia-inc/scpkit)](https://badgen.net/github/closed-issues/aquia-inc/scpkit) |

| **[Codemodder](https://github.com/pixee/codemodder-java)** | A pluggable framework for building expressive codemods. Use Codemodder when you need more than a linter or code formatting tool. Use it to fix non-trivial security issues and other code quality problems |[![stars](https://badgen.net/github/stars/pixee/codemodder-java)](https://badgen.net/github/stars/pixee/codemodder-java) |[![contributors](https://badgen.net/github/contributors/pixee/codemodder-java)](https://badgen.net/github/stars/pixee/codemodder-java) [![watchers](https://badgen.net/github/watchers/pixee/codemodder-java)](https://badgen.net/github/watchers/pixee/codemodder-java) [![last-commit](https://badgen.net/github/last-commit/pixee/codemodder-java)](https://badgen.net/github/last-commit/pixee/codemodder-java) [![open-issues](https://badgen.net/github/open-issues/pixee/codemodder-java)](https://badgen.net/github/open-issues/pixee/codemodder-java) [![closed-issues](https://badgen.net/github/closed-issues/pixee/codemodder-java)](https://badgen.net/github/closed-issues/pixee/codemodder-java) |

## S3 Buckets Auditing

| Name | Description | Popularity | Metadata |

| ---------- | :---------- | :----------: | :----------: |

| **[mass3](https://github.com/smiegles/mass3)** | enumerate through a pre-compiled list of AWS S3 buckets using DNS instead of HTTP with a list of DNS resolvers and multi-threading |[![stars](https://badgen.net/github/stars/smiegles/mass3)](https://badgen.net/github/stars/smiegles/mass3)| [![contributors](https://badgen.net/github/contributors/smiegles/mass3)](https://badgen.net/github/contributors/smiegles/mass3)[![watchers](https://badgen.net/github/watchers/smiegles/mass3)](https://badgen.net/github/watchers/smiegles/mass3)[![last-commit](https://badgen.net/github/last-commit/smiegles/mass3)](https://badgen.net/github/last-commit/smiegles/mass3) [![open-issues](https://badgen.net/github/open-issues/smiegles/mass3)](https://badgen.net/github/open-issues/smiegles/mass3) [![closed-issues](https://badgen.net/github/closed-issues/smiegles/mass3)](https://badgen.net/github/closed-issues/smiegles/mass3) |

| **[teh_s3_bucketeers](https://github.com/tomdev/teh_s3_bucketeers)** |  |[![stars](https://badgen.net/github/stars/tomdev/teh_s3_bucketeers)](https://badgen.net/github/stars/tomdev/teh_s3_bucketeers)| [![contributors](https://badgen.net/github/contributors/tomdev/teh_s3_bucketeers)](https://badgen.net/github/contributors/tomdev/teh_s3_bucketeers)[![watchers](https://badgen.net/github/watchers/tomdev/teh_s3_bucketeers)](https://badgen.net/github/watchers/tomdev/teh_s3_bucketeers)[![last-commit](https://badgen.net/github/last-commit/tomdev/teh_s3_bucketeers)](https://badgen.net/github/last-commit/tomdev/teh_s3_bucketeers) [![open-issues](https://badgen.net/github/open-issues/tomdev/teh_s3_bucketeers)](https://badgen.net/github/open-issues/tomdev/teh_s3_bucketeers) [![closed-issues](https://badgen.net/github/closed-issues/tomdev/teh_s3_bucketeers)](https://badgen.net/github/closed-issues/tomdev/teh_s3_bucketeers) |

| **[bucket-stream](https://github.com/eth0izzle/bucket-stream)** | Find interesting Amazon S3 Buckets by watching certificate transparency logs |[![stars](https://badgen.net/github/stars/eth0izzle/bucket-stream)](https://badgen.net/github/stars/eth0izzle/bucket-stream)| [![contributors](https://badgen.net/github/contributors/eth0izzle/bucket-stream)](https://badgen.net/github/contributors/eth0izzle/bucket-stream)[![watchers](https://badgen.net/github/watchers/eth0izzle/bucket-stream)](https://badgen.net/github/watchers/eth0izzle/bucket-stream)[![last-commit](https://badgen.net/github/last-commit/eth0izzle/bucket-stream)](https://badgen.net/github/last-commit/eth0izzle/bucket-stream) [![open-issues](https://badgen.net/github/open-issues/eth0izzle/bucket-stream)](https://badgen.net/github/open-issues/eth0izzle/bucket-stream) [![closed-issues](https://badgen.net/github/closed-issues/eth0izzle/bucket-stream)](https://badgen.net/github/closed-issues/eth0izzle/bucket-stream) |

| **[s3-buckets-finder](https://github.com/gwen001/s3-buckets-finder)** | brute force Amazon S3 bucket |[![stars](https://badgen.net/github/stars/gwen001/s3-buckets-finder)](https://badgen.net/github/stars/gwen001/s3-buckets-finder)| [![contributors](https://badgen.net/github/contributors/gwen001/s3-buckets-finder)](https://badgen.net/github/contributors/gwen001/s3-buckets-finder)[![watchers](https://badgen.net/github/watchers/gwen001/s3-buckets-finder)](https://badgen.net/github/watchers/gwen001/s3-buckets-finder)[![last-commit](https://badgen.net/github/last-commit/gwen001/s3-buckets-finder)](https://badgen.net/github/last-commit/gwen001/s3-buckets-finder) [![open-issues](https://badgen.net/github/open-issues/gwen001/s3-buckets-finder)](https://badgen.net/github/open-issues/gwen001/s3-buckets-finder) [![closed-issues](https://badgen.net/github/closed-issues/gwen001/s3-buckets-finder)](https://badgen.net/github/closed-issues/gwen001/s3-buckets-finder) |

| **[s3find](https://github.com/aaparmeggiani/s3find)** | find S3 public buckets |[![stars](https://badgen.net/github/stars/aaparmeggiani/s3find)](https://badgen.net/github/stars/aaparmeggiani/s3find)| [![contributors](https://badgen.net/github/contributors/aaparmeggiani/s3find)](https://badgen.net/github/contributors/aaparmeggiani/s3find)[![watchers](https://badgen.net/github/watchers/aaparmeggiani/s3find)](https://badgen.net/github/watchers/aaparmeggiani/s3find)[![last-commit](https://badgen.net/github/last-commit/aaparmeggiani/s3find)](https://badgen.net/github/last-commit/aaparmeggiani/s3find) [![open-issues](https://badgen.net/github/open-issues/aaparmeggiani/s3find)](https://badgen.net/github/open-issues/aaparmeggiani/s3find) [![closed-issues](https://badgen.net/github/closed-issues/aaparmeggiani/s3find)](https://badgen.net/github/closed-issues/aaparmeggiani/s3find) |

| **[slurp-robbie](https://github.com/random-robbie/slurp)** | Enumerate S3 buckets via certstream, domain, or keywords  |[![stars](https://badgen.net/github/stars/random-robbie/slurp)](https://badgen.net/github/stars/random-robbie/slurp)| [![contributors](https://badgen.net/github/contributors/random-robbie/slurp)](https://badgen.net/github/contributors/random-robbie/slurp)[![watchers](https://badgen.net/github/watchers/random-robbie/slurp)](https://badgen.net/github/watchers/random-robbie/slurp)[![last-commit](https://badgen.net/github/last-commit/random-robbie/slurp)](https://badgen.net/github/last-commit/random-robbie/slurp) [![open-issues](https://badgen.net/github/open-issues/random-robbie/slurp)](https://badgen.net/github/open-issues/random-robbie/slurp) [![closed-issues](https://badgen.net/github/closed-issues/random-robbie/slurp)](https://badgen.net/github/closed-issues/random-robbie/slurp) |

| **[s3-inspector](https://github.com/clario-tech/s3-inspector)** | check AWS S3 bucket permissions |[![stars](https://badgen.net/github/stars/clario-tech/s3-inspector)](https://badgen.net/github/stars/clario-tech/s3-inspector)| [![contributors](https://badgen.net/github/contributors/clario-tech/s3-inspector)](https://badgen.net/github/contributors/clario-tech/s3-inspector)[![watchers](https://badgen.net/github/watchers/clario-tech/s3-inspector)](https://badgen.net/github/watchers/clario-tech/s3-inspector)[![last-commit](https://badgen.net/github/last-commit/clario-tech/s3-inspector)](https://badgen.net/github/last-commit/clario-tech/s3-inspector) [![open-issues](https://badgen.net/github/open-issues/clario-tech/s3-inspector)](https://badgen.net/github/open-issues/clario-tech/s3-inspector) [![closed-issues](https://badgen.net/github/closed-issues/clario-tech/s3-inspector)](https://badgen.net/github/closed-issues/clario-tech/s3-inspector) |

| **[s3-fuzzer](https://github.com/pbnj/s3-fuzzer)** |  |[![stars](https://badgen.net/github/stars/pbnj/s3-fuzzer)](https://badgen.net/github/stars/pbnj/s3-fuzzer)| [![contributors](https://badgen.net/github/contributors/pbnj/s3-fuzzer)](https://badgen.net/github/contributors/pbnj/s3-fuzzer)[![watchers](https://badgen.net/github/watchers/pbnj/s3-fuzzer)](https://badgen.net/github/watchers/pbnj/s3-fuzzer)[![last-commit](https://badgen.net/github/last-commit/pbnj/s3-fuzzer)](https://badgen.net/github/last-commit/pbnj/s3-fuzzer) [![open-issues](https://badgen.net/github/open-issues/pbnj/s3-fuzzer)](https://badgen.net/github/open-issues/pbnj/s3-fuzzer) [![closed-issues](https://badgen.net/github/closed-issues/pbnj/s3-fuzzer)](https://badgen.net/github/closed-issues/pbnj/s3-fuzzer) |

| **[AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump)** | Look For Interesting Files in S3 Buckets  |[![stars](https://badgen.net/github/stars/jordanpotti/AWSBucketDump)](https://badgen.net/github/stars/jordanpotti/AWSBucketDump)| [![contributors](https://badgen.net/github/contributors/jordanpotti/AWSBucketDump)](https://badgen.net/github/contributors/jordanpotti/AWSBucketDump)[![watchers](https://badgen.net/github/watchers/jordanpotti/AWSBucketDump)](https://badgen.net/github/watchers/jordanpotti/AWSBucketDump)[![last-commit](https://badgen.net/github/last-commit/jordanpotti/AWSBucketDump)](https://badgen.net/github/last-commit/jordanpotti/AWSBucketDump) [![open-issues](https://badgen.net/github/open-issues/jordanpotti/AWSBucketDump)](https://badgen.net/github/open-issues/jordanpotti/AWSBucketDump) [![closed-issues](https://badgen.net/github/closed-issues/jordanpotti/AWSBucketDump)](https://badgen.net/github/closed-issues/jordanpotti/AWSBucketDump) |

| **[s3scan](https://github.com/bear/s3scan)** | scan s3 buckets for security issues  |[![stars](https://badgen.net/github/stars/bear/s3scan)](https://badgen.net/github/stars/bear/s3scan)| [![contributors](https://badgen.net/github/contributors/bear/s3scan)](https://badgen.net/github/contributors/bear/s3scan)[![watchers](https://badgen.net/github/watchers/bear/s3scan)](https://badgen.net/github/watchers/bear/s3scan)[![last-commit](https://badgen.net/github/last-commit/bear/s3scan)](https://badgen.net/github/last-commit/bear/s3scan) [![open-issues](https://badgen.net/github/open-issues/bear/s3scan)](https://badgen.net/github/open-issues/bear/s3scan) [![closed-issues](https://badgen.net/github/closed-issues/bear/s3scan)](https://badgen.net/github/closed-issues/bear/s3scan) |

| **[S3Scanner](https://github.com/sa7mon/S3Scanner)** | Scan for open AWS S3 buckets and dump the contents  |[![stars](https://badgen.net/github/stars/sa7mon/S3Scanner)](https://badgen.net/github/stars/sa7mon/S3Scanner)| [![contributors](https://badgen.net/github/contributors/sa7mon/S3Scanner)](https://badgen.net/github/contributors/sa7mon/S3Scanner)[![watchers](https://badgen.net/github/watchers/sa7mon/S3Scanner)](https://badgen.net/github/watchers/sa7mon/S3Scanner)[![last-commit](https://badgen.net/github/last-commit/sa7mon/S3Scanner)](https://badgen.net/github/last-commit/sa7mon/S3Scanner) [![open-issues](https://badgen.net/github/open-issues/sa7mon/S3Scanner)](https://badgen.net/github/open-issues/sa7mon/S3Scanner) [![closed-issues](https://badgen.net/github/closed-issues/sa7mon/S3Scanner)](https://badgen.net/github/closed-issues/sa7mon/S3Scanner) |

| **[s3finder](https://github.com/magisterquis/s3finder)** | open S3 bucket finder  |[![stars](https://badgen.net/github/stars/magisterquis/s3finder)](https://badgen.net/github/stars/magisterquis/s3finder)| [![contributors](https://badgen.net/github/contributors/magisterquis/s3finder)](https://badgen.net/github/contributors/magisterquis/s3finder)[![watchers](https://badgen.net/github/watchers/magisterquis/s3finder)](https://badgen.net/github/watchers/magisterquis/s3finder)[![last-commit](https://badgen.net/github/last-commit/magisterquis/s3finder)](https://badgen.net/github/last-commit/magisterquis/s3finder) [![open-issues](https://badgen.net/github/open-issues/magisterquis/s3finder)](https://badgen.net/github/open-issues/magisterquis/s3finder) [![closed-issues](https://badgen.net/github/closed-issues/magisterquis/s3finder)](https://badgen.net/github/closed-issues/magisterquis/s3finder) |

| **[S3Scan](https://github.com/abhn/S3Scan)** | spider a website and find publicly open S3 buckets |[![stars](https://badgen.net/github/stars/abhn/S3Scan)](https://badgen.net/github/stars/abhn/S3Scan)| [![contributors](https://badgen.net/github/contributors/abhn/S3Scan)](https://badgen.net/github/contributors/abhn/S3Scan)[![watchers](https://badgen.net/github/watchers/abhn/S3Scan)](https://badgen.net/github/watchers/abhn/S3Scan)[![last-commit](https://badgen.net/github/last-commit/abhn/S3Scan)](https://badgen.net/github/last-commit/abhn/S3Scan) [![open-issues](https://badgen.net/github/open-issues/abhn/S3Scan)](https://badgen.net/github/open-issues/abhn/S3Scan) [![closed-issues](https://badgen.net/github/closed-issues/abhn/S3Scan)](https://badgen.net/github/closed-issues/abhn/S3Scan) |

| **[s3-meta](https://github.com/whitfin/s3-meta)** | Gather metadata about your S3 buckets |[![stars](https://badgen.net/github/stars/whitfin/s3-meta)](https://badgen.net/github/stars/whitfin/s3-meta)| [![contributors](https://badgen.net/github/contributors/whitfin/s3-meta)](https://badgen.net/github/contributors/whitfin/s3-meta)[![watchers](https://badgen.net/github/watchers/whitfin/s3-meta)](https://badgen.net/github/watchers/whitfin/s3-meta)[![last-commit](https://badgen.net/github/last-commit/whitfin/s3-meta)](https://badgen.net/github/last-commit/whitfin/s3-meta) [![open-issues](https://badgen.net/github/open-issues/whitfin/s3-meta)](https://badgen.net/github/open-issues/whitfin/s3-meta) [![closed-issues](https://badgen.net/github/closed-issues/whitfin/s3-meta)](https://badgen.net/github/closed-issues/whitfin/s3-meta) |

| **[s3-utils](https://github.com/whitfin/s3-utils)** |  Utilities and tools based around Amazon S3 to provide convenience APIs in a CLI |[![stars](https://badgen.net/github/stars/whitfin/s3-utils)](https://badgen.net/github/stars/whitfin/s3-utils)| [![contributors](https://badgen.net/github/contributors/whitfin/s3-utils)](https://badgen.net/github/contributors/whitfin/s3-utils)[![watchers](https://badgen.net/github/watchers/whitfin/s3-utils)](https://badgen.net/github/watchers/whitfin/s3-utils)[![last-commit](https://badgen.net/github/last-commit/whitfin/s3-utils)](https://badgen.net/github/last-commit/whitfin/s3-utils) [![open-issues](https://badgen.net/github/open-issues/whitfin/s3-utils)](https://badgen.net/github/open-issues/whitfin/s3-utils) [![closed-issues](https://badgen.net/github/closed-issues/whitfin/s3-utils)](https://badgen.net/github/closed-issues/whitfin/s3-utils) |

| **[S3PublicBucketsCheck](https://github.com/vr00n/Amazon-Web-Shenanigans)** | A lambda function that checks your account for Public buckets and emails you whenever a new public s3 bucket is created |[![stars](https://badgen.net/github/stars/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/stars/vr00n/Amazon-Web-Shenanigans)| [![contributors](https://badgen.net/github/contributors/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/contributors/vr00n/Amazon-Web-Shenanigans)[![watchers](https://badgen.net/github/watchers/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/watchers/vr00n/Amazon-Web-Shenanigans)[![last-commit](https://badgen.net/github/last-commit/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/last-commit/vr00n/Amazon-Web-Shenanigans) [![open-issues](https://badgen.net/github/open-issues/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/open-issues/vr00n/Amazon-Web-Shenanigans) [![closed-issues](https://badgen.net/github/closed-issues/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/closed-issues/vr00n/Amazon-Web-Shenanigans) |

| **[bucket_finder](https://github.com/FishermansEnemy/bucket_finder)** | Amazon bucket brute force tool  |[![stars](https://badgen.net/github/stars/FishermansEnemy/bucket_finder)](https://badgen.net/github/stars/FishermansEnemy/bucket_finder)| [![contributors](https://badgen.net/github/contributors/FishermansEnemy/bucket_finder)](https://badgen.net/github/contributors/FishermansEnemy/bucket_finder)[![watchers](https://badgen.net/github/watchers/FishermansEnemy/bucket_finder)](https://badgen.net/github/watchers/FishermansEnemy/bucket_finder)[![last-commit](https://badgen.net/github/last-commit/FishermansEnemy/bucket_finder)](https://badgen.net/github/last-commit/FishermansEnemy/bucket_finder) [![open-issues](https://badgen.net/github/open-issues/FishermansEnemy/bucket_finder)](https://badgen.net/github/open-issues/FishermansEnemy/bucket_finder) [![closed-issues](https://badgen.net/github/closed-issues/FishermansEnemy/bucket_finder)](https://badgen.net/github/closed-issues/FishermansEnemy/bucket_finder) |

| **[inSp3ctor](https://github.com/brianwarehime/inSp3ctor)** | AWS S3 Bucket/Object Finder  |[![stars](https://badgen.net/github/stars/brianwarehime/inSp3ctor)](https://badgen.net/github/stars/brianwarehime/inSp3ctor)| [![contributors](https://badgen.net/github/contributors/brianwarehime/inSp3ctor)](https://badgen.net/github/contributors/brianwarehime/inSp3ctor)[![watchers](https://badgen.net/github/watchers/brianwarehime/inSp3ctor)](https://badgen.net/github/watchers/brianwarehime/inSp3ctor)[![last-commit](https://badgen.net/github/last-commit/brianwarehime/inSp3ctor)](https://badgen.net/github/last-commit/brianwarehime/inSp3ctor) [![open-issues](https://badgen.net/github/open-issues/brianwarehime/inSp3ctor)](https://badgen.net/github/open-issues/brianwarehime/inSp3ctor) [![closed-issues](https://badgen.net/github/closed-issues/brianwarehime/inSp3ctor)](https://badgen.net/github/closed-issues/brianwarehime/inSp3ctor) |

| **[bucketcat](https://github.com/Atticuss/bucketcat)** | Brute-forces objects within a given bucket using Hashcat mask-like syntax |[![stars](https://badgen.net/github/stars/Atticuss/bucketcat)](https://badgen.net/github/stars/Atticuss/bucketcat)| [![contributors](https://badgen.net/github/contributors/Atticuss/bucketcat)](https://badgen.net/github/contributors/Atticuss/bucketcat)[![watchers](https://badgen.net/github/watchers/Atticuss/bucketcat)](https://badgen.net/github/watchers/Atticuss/bucketcat)[![last-commit](https://badgen.net/github/last-commit/Atticuss/bucketcat)](https://badgen.net/github/last-commit/Atticuss/bucketcat) [![open-issues](https://badgen.net/github/open-issues/Atticuss/bucketcat)](https://badgen.net/github/open-issues/Atticuss/bucketcat) [![closed-issues](https://badgen.net/github/closed-issues/Atticuss/bucketcat)](https://badgen.net/github/closed-issues/Atticuss/bucketcat) |

| **[aws-s3-data-finder](https://github.com/Ucnt/aws-s3-data-finder)** | AWS S3 Sensitive Data Search |[![stars](https://badgen.net/github/stars/Ucnt/aws-s3-data-finder)](https://badgen.net/github/stars/Ucnt/aws-s3-data-finder)| [![contributors](https://badgen.net/github/contributors/Ucnt/aws-s3-data-finder)](https://badgen.net/github/contributors/Ucnt/aws-s3-data-finder)[![watchers](https://badgen.net/github/watchers/Ucnt/aws-s3-data-finder)](https://badgen.net/github/watchers/Ucnt/aws-s3-data-finder)[![last-commit](https://badgen.net/github/last-commit/Ucnt/aws-s3-data-finder)](https://badgen.net/github/last-commit/Ucnt/aws-s3-data-finder) [![open-issues](https://badgen.net/github/open-issues/Ucnt/aws-s3-data-finder)](https://badgen.net/github/open-issues/Ucnt/aws-s3-data-finder) [![closed-issues](https://badgen.net/github/closed-issues/Ucnt/aws-s3-data-finder)](https://badgen.net/github/closed-issues/Ucnt/aws-s3-data-finder) |

| **[lazys3](https://github.com/nahamsec/lazys3)** | bruteforce AWS s3 buckets using different permutations |[![stars](https://badgen.net/github/stars/nahamsec/lazys3)](https://badgen.net/github/stars/nahamsec/lazys3)| [![contributors](https://badgen.net/github/contributors/nahamsec/lazys3)](https://badgen.net/github/contributors/nahamsec/lazys3)[![watchers](https://badgen.net/github/watchers/nahamsec/lazys3)](https://badgen.net/github/watchers/nahamsec/lazys3)[![last-commit](https://badgen.net/github/last-commit/nahamsec/lazys3)](https://badgen.net/github/last-commit/nahamsec/lazys3) [![open-issues](https://badgen.net/github/open-issues/nahamsec/lazys3)](https://badgen.net/github/open-issues/nahamsec/lazys3) [![closed-issues](https://badgen.net/github/closed-issues/nahamsec/lazys3)](https://badgen.net/github/closed-issues/nahamsec/lazys3) |

| **[BucketScanner](https://github.com/securing/BucketScanner)** | Test objects' permissions in AWS buckets |[![stars](https://badgen.net/github/stars/securing/BucketScanner)](https://badgen.net/github/stars/securing/BucketScanner)| [![contributors](https://badgen.net/github/contributors/securing/BucketScanner)](https://badgen.net/github/contributors/securing/BucketScanner)[![watchers](https://badgen.net/github/watchers/securing/BucketScanner)](https://badgen.net/github/watchers/securing/BucketScanner)[![last-commit](https://badgen.net/github/last-commit/securing/BucketScanner)](https://badgen.net/github/last-commit/securing/BucketScanner) [![open-issues](https://badgen.net/github/open-issues/securing/BucketScanner)](https://badgen.net/github/open-issues/securing/BucketScanner) [![closed-issues](https://badgen.net/github/closed-issues/securing/BucketScanner)](https://badgen.net/github/closed-issues/securing/BucketScanner) |

| **[aws-externder-cli](https://github.com/VirtueSecurity/aws-extender-cli)** | Test S3 buckets as well as Google Storage buckets and Azure Storage containers to find interesting files |[![stars](https://badgen.net/github/stars/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/stars/VirtueSecurity/aws-extender-cli)| [![contributors](https://badgen.net/github/contributors/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/contributors/VirtueSecurity/aws-extender-cli)[![watchers](https://badgen.net/github/watchers/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/watchers/VirtueSecurity/aws-extender-cli)[![last-commit](https://badgen.net/github/last-commit/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/last-commit/VirtueSecurity/aws-extender-cli) [![open-issues](https://badgen.net/github/open-issues/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/open-issues/VirtueSecurity/aws-extender-cli) [![closed-issues](https://badgen.net/github/closed-issues/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/closed-issues/VirtueSecurity/aws-extender-cli) |

| **[festin](https://github.com/cr0hn/festin)** | S3 bucket weakness discovery | [![stars](https://badgen.net/github/stars/cr0hn/festin)](https://badgen.net/github/stars/cr0hn/festin) | [![contributors](https://badgen.net/github/contributors/cr0hn/festin)](https://badgen.net/github/contributors/cr0hn/festin) [![watchers](https://badgen.net/github/watchers/cr0hn/festin)](https://badgen.net/github/watchers/cr0hn/festin) [![last-commit](https://badgen.net/github/last-commit/cr0hn/festin)](https://badgen.net/github/last-commit/cr0hn/festin) [![open-issues](https://badgen.net/github/open-issues/cr0hn/festin)](https://badgen.net/github/open-issues/cr0hn/festin) [![closed-issues](https://badgen.net/github/closed-issues/cr0hn/festin)](https://badgen.net/github/closed-issues/cr0hn/festin) |

| **[S3Insights](https://github.com/kurmiashish/S3Insights)** | a platform for efficiently deriving security insights about S3 data through metadata analysis  | [![stars](https://badgen.net/github/stars/kurmiashish/S3Insights)](https://badgen.net/github/stars/kurmiashish/S3Insights) | [![contributors](https://badgen.net/github/contributors/kurmiashish/S3Insights)](https://badgen.net/github/contributors/kurmiashish/S3Insights) [![watchers](https://badgen.net/github/watchers/kurmiashish/S3Insights)](https://badgen.net/github/watchers/kurmiashish/S3Insights) [![last-commit](https://badgen.net/github/last-commit/kurmiashish/S3Insights)](https://badgen.net/github/last-commit/kurmiashish/S3Insights) [![open-issues](https://badgen.net/github/open-issues/kurmiashish/S3Insights)](https://badgen.net/github/open-issues/kurmiashish/S3Insights) [![closed-issues](https://badgen.net/github/closed-issues/kurmiashish/S3Insights)](https://badgen.net/github/closed-issues/kurmiashish/S3Insights) |

| **[s3_objects_check](https://github.com/nccgroup/s3_objects_check)** | Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.  | [![stars](https://badgen.net/github/stars/nccgroup/s3_objects_check)](https://badgen.net/github/stars/nccgroup/s3_objects_check) | [![contributors](https://badgen.net/github/contributors/nccgroup/s3_objects_check)](https://badgen.net/github/contributors/nccgroup/s3_objects_check) [![watchers](https://badgen.net/github/watchers/nccgroup/s3_objects_check)](https://badgen.net/github/watchers/nccgroup/s3_objects_check) [![last-commit](https://badgen.net/github/last-commit/nccgroup/s3_objects_check)](https://badgen.net/github/last-commit/nccgroup/s3_objects_check) [![open-issues](https://badgen.net/github/open-issues/nccgroup/s3_objects_check)](https://badgen.net/github/open-issues/nccgroup/s3_objects_check) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/s3_objects_check)](https://badgen.net/github/closed-issues/nccgroup/s3_objects_check) |

## Training

| Name | Description | Popularity | Metadata |

| ---------- | :---------- | :----------: | :----------: |

| **[Flaws.cloud](http://flaws.cloud/)** | flAWS challenge to learn through a series of levels about common mistakes and gotchas when using AWS | | | | | |

| **[Flaws2.cloud](http://flaws2.cloud/)** | flAWS 2 has two paths this time Attacker and Defender! In the Attacker path  you'll exploit your way through misconfigurations in serverless (Lambda) and containers (ECS Fargate). In the Defender path   that target is now viewed as the victim and you'll work as an incident responder for that same app  understanding how an attack happened | | | | | |

| **[CloudGoat](https://github.com/RhinoSecurityLabs/cloudgoat)** | Vulnerable by Design AWS infrastructure setup tool |[![stars](https://badgen.net/github/stars/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/stars/RhinoSecurityLabs/cloudgoat)| [![contributors](https://badgen.net/github/contributors/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/contributors/RhinoSecurityLabs/cloudgoat)[![watchers](https://badgen.net/github/watchers/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/watchers/RhinoSecurityLabs/cloudgoat)[![last-commit](https://badgen.net/github/last-commit/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/last-commit/RhinoSecurityLabs/cloudgoat) [![open-issues](https://badgen.net/github/open-issues/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/open-issues/RhinoSecurityLabs/cloudgoat) [![closed-issues](https://badgen.net/github/closed-issues/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/closed-issues/RhinoSecurityLabs/cloudgoat) |

| **[dvca](https://github.com/m6a-UdS/dvca)** | Damn Vulnerable Cloud Application [more info](https://medium.com/poka-techblog/privilege-escalation-in-the-cloud-from-ssrf-to-global-account-administrator-fd943cf5a2f6) |[![stars](https://badgen.net/github/stars/m6a-UdS/dvca)](https://badgen.net/github/stars/m6a-UdS/dvca)| [![contributors](https://badgen.net/github/contributors/m6a-UdS/dvca)](https://badgen.net/github/contributors/m6a-UdS/dvca)[![watchers](https://badgen.net/github/watchers/m6a-UdS/dvca)](https://badgen.net/github/watchers/m6a-UdS/dvca)[![last-commit](https://badgen.net/github/last-commit/m6a-UdS/dvca)](https://badgen.net/github/last-commit/m6a-UdS/dvca) [![open-issues](https://badgen.net/github/open-issues/m6a-UdS/dvca)](https://badgen.net/github/open-issues/m6a-UdS/dvca) [![closed-issues](https://badgen.net/github/closed-issues/m6a-UdS/dvca)](https://badgen.net/github/closed-issues/m6a-UdS/dvca) |

| **[AWSDetonationLab](https://github.com/sonofagl1tch/AWSDetonationLab)** | Scripts and templates to generate some basic detections of the AWS security services |[![stars](https://badgen.net/github/stars/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/stars/sonofagl1tch/AWSDetonationLab)| [![contributors](https://badgen.net/github/contributors/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/contributors/sonofagl1tch/AWSDetonationLab)[![watchers](https://badgen.net/github/watchers/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/watchers/sonofagl1tch/AWSDetonationLab)[![last-commit](https://badgen.net/github/last-commit/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/last-commit/sonofagl1tch/AWSDetonationLab) [![open-issues](https://badgen.net/github/open-issues/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/open-issues/sonofagl1tch/AWSDetonationLab) [![closed-issues](https://badgen.net/github/closed-issues/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/closed-issues/sonofagl1tch/AWSDetonationLab) |

| **[OWASPServerlessGoat](https://github.com/OWASP/Serverless-Goat)** | OWASP ServerlessGoat is a deliberately insecure realistic AWS Lambda serverless application  maintained by OWASP for educational purposes. Single click installation through the AWS Serverless Application Repository. |[![stars](https://badgen.net/github/stars/OWASP/Serverless-Goat)](https://badgen.net/github/stars/OWASP/Serverless-Goat)| [![contributors](https://badgen.net/github/contributors/OWASP/Serverless-Goat)](https://badgen.net/github/contributors/OWASP/Serverless-Goat)[![watchers](https://badgen.net/github/watchers/OWASP/Serverless-Goat)](https://badgen.net/github/watchers/OWASP/Serverless-Goat)[![last-commit](https://badgen.net/github/last-commit/OWASP/Serverless-Goat)](https://badgen.net/github/last-commit/OWASP/Serverless-Goat) [![open-issues](https://badgen.net/github/open-issues/OWASP/Serverless-Goat)](https://badgen.net/github/open-issues/OWASP/Serverless-Goat) [![closed-issues](https://badgen.net/github/closed-issues/OWASP/Serverless-Goat)](https://badgen.net/github/closed-issues/OWASP/Serverless-Goat) |

| **[Sadcloud](https://github.com/nccgroup/sadcloud)** | A tool for spinning up insecure AWS infrastructure with Terraform. It supports approx. 84 misconfigurations across 22 AWS Services.|[![stars](https://badgen.net/github/stars/nccgroup/sadcloud)](https://badgen.net/github/stars/nccgroup/sadcloud)| [![contributors](https://badgen.net/github/contributors/nccgroup/sadcloud)](https://badgen.net/github/contributors/nccgroup/sadcloud)[![watchers](https://badgen.net/github/watchers/nccgroup/sadcloud)](https://badgen.net/github/watchers/nccgroup/sadcloud)[![last-commit](https://badgen.net/github/last-commit/nccgroup/sadcloud)](https://badgen.net/github/last-commit/nccgroup/sadcloud) [![open-issues](https://badgen.net/github/open-issues/nccgroup/sadcloud)](https://badgen.net/github/open-issues/nccgroup/sadcloud) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/sadcloud)](https://badgen.net/github/closed-issues/nccgroup/sadcloud) |

| **[BigOrange Actions](https://bigorange.cloud/actions/)** | Paste your IAM Policy and get a list of Actions it can effectively perform | | | | | |

| **[IncidentResponseGenerator](https://github.com/disruptops/IncidentResponseGenerator)** | Incident response generator for training classes  |[![stars](https://badgen.net/github/stars/disruptops/IncidentResponseGenerator)](https://badgen.net/github/stars/disruptops/IncidentResponseGenerator)| [![contributors](https://badgen.net/github/contributors/disruptops/IncidentResponseGenerator)](https://badgen.net/github/contributors/disruptops/IncidentResponseGenerator)[![watchers](https://badgen.net/github/watchers/disruptops/IncidentResponseGenerator)](https://badgen.net/github/watchers/disruptops/IncidentResponseGenerator)[![last-commit](https://badgen.net/github/last-commit/disruptops/IncidentResponseGenerator)](https://badgen.net/github/last-commit/disruptops/IncidentResponseGenerator) [![open-issues](https://badgen.net/github/open-issues/disruptops/IncidentResponseGenerator)](https://badgen.net/github/open-issues/disruptops/IncidentResponseGenerator) [![closed-issues](https://badgen.net/github/closed-issues/disruptops/IncidentResponseGenerator)](https://badgen.net/github/closed-issues/disruptops/IncidentResponseGenerator) |

| **[Breaking and Pwning Apps and Servers on AWS and Azure](https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)** | Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training! |[![stars](https://badgen.net/github/stars/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/stars/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)| [![contributors](https://badgen.net/github/contributors/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/contributors/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)[![watchers](https://badgen.net/github/watchers/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/watchers/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)[![last-commit](https://badgen.net/github/last-commit/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/last-commit/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) [![open-issues](https://badgen.net/github/open-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/open-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) [![closed-issues](https://badgen.net/github/closed-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/closed-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) |

| **[terragoat](https://github.com/bridgecrewio/terragoat)** | "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | [![stars](https://badgen.net/github/stars/bridgecrewio/terragoat)](https://badgen.net/github/stars/bridgecrewio/terragoat) | [![contributors](https://badgen.net/github/contributors/bridgecrewio/terragoat)](https://badgen.net/github/contributors/bridgecrewio/terragoat) [![watchers](https://badgen.net/github/watchers/bridgecrewio/terragoat)](https://badgen.net/github/watchers/bridgecrewio/terragoat) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/terragoat)](https://badgen.net/github/last-commit/bridgecrewio/terragoat) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/terragoat)](https://badgen.net/github/open-issues/bridgecrewio/terragoat) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/terragoat)](https://badgen.net/github/closed-issues/bridgecrewio/terragoat) |

| **[cfngoat](https://github.com/bridgecrewio/cfngoat)** | "Vulnerable by Design" cloudformation repository. CfnGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | [![stars](https://badgen.net/github/stars/bridgecrewio/cfngoat)](https://badgen.net/github/stars/bridgecrewio/cfngoat) | [![contributors](https://badgen.net/github/contributors/bridgecrewio/cfngoat)](https://badgen.net/github/contributors/bridgecrewio/cfngoat) [![watchers](https://badgen.net/github/watchers/bridgecrewio/cfngoat)](https://badgen.net/github/watchers/bridgecrewio/cfngoat) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/cfngoat)](https://badgen.net/github/last-commit/bridgecrewio/cfngoat) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/cfngoat)](https://badgen.net/github/open-issues/bridgecrewio/cfngoat) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/cfngoat)](https://badgen.net/github/closed-issues/bridgecrewio/cfngoat) |

| **[CDKgoat](https://github.com/bridgecrewio/cdkgoat)** | "Vulnerable by Design" AWS CDK repository. CDKGoat is a learning and training project that demonstrates how common configuration errors can find their way into impartive IAC such as AWS CDK. | [![stars](https://badgen.net/github/stars/bridgecrewio/cdkgoat)](https://badgen.net/github/stars/bridgecrewio/cdkgoat) | [![contributors](https://badgen.net/github/contributors/bridgecrewio/cdkgoat)](https://badgen.net/github/contributors/bridgecrewio/cdkgoat) [![watchers](https://badgen.net/github/watchers/bridgecrewio/cdkgoat)](https://badgen.net/github/watchers/bridgecrewio/cdkgoat) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/cdkgoat)](https://badgen.net/github/last-commit/bridgecrewio/cdkgoat) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/cdkgoat)](https://badgen.net/github/open-issues/bridgecrewio/cdkgoat) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/cdkgoat)](https://badgen.net/github/closed-issues/bridgecrewio/cdkgoat) |

| **[aws_exposable_resources](https://github.com/SummitRoute/aws_exposable_resources)** | Resource types that can be publicly exposed on AWS  | [![stars](https://badgen.net/github/stars/SummitRoute/aws_exposable_resources)](https://badgen.net/github/stars/SummitRoute/aws_exposable_resources) | [![contributors](https://badgen.net/github/contributors/SummitRoute/aws_exposable_resources)](https://badgen.net/github/contributors/SummitRoute/aws_exposable_resources) [![watchers](https://badgen.net/github/watchers/SummitRoute/aws_exposable_resources)](https://badgen.net/github/watchers/SummitRoute/aws_exposable_resources) [![last-commit](https://badgen.net/github/last-commit/SummitRoute/aws_exposable_resources)](https://badgen.net/github/last-commit/SummitRoute/aws_exposable_resources) [![open-issues](https://badgen.net/github/open-issues/SummitRoute/aws_exposable_resources)](https://badgen.net/github/open-issues/SummitRoute/aws_exposable_resources) [![closed-issues](https://badgen.net/github/closed-issues/SummitRoute/aws_exposable_resources)](https://badgen.net/github/closed-issues/SummitRoute/aws_exposable_resources) |

| **[IAM Vulnerable](https://github.com/BishopFox/iam-vulnerable)** | Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground  | [![stars](https://badgen.net/github/stars/BishopFox/iam-vulnerable)](https://badgen.net/github/stars/BishopFox/iam-vulnerable) | [![contributors](https://badgen.net/github/contributors/BishopFox/iam-vulnerable)](https://badgen.net/github/contributors/BishopFox/iam-vulnerable) [![watchers](https://badgen.net/github/watchers/BishopFox/iam-vulnerable)](https://badgen.net/github/watchers/BishopFox/iam-vulnerable) [![last-commit](https://badgen.net/github/last-commit/BishopFox/iam-vulnerable)](https://badgen.net/github/last-commit/BishopFox/iam-vulnerable) [![open-issues](https://badgen.net/github/open-issues/BishopFox/iam-vulnerable)](https://badgen.net/github/open-issues/BishopFox/iam-vulnerable) [![closed-issues](https://badgen.net/github/closed-issues/BishopFox/iam-vulnerable)](https://badgen.net/github/closed-issues/BishopFox/iam-vulnerable) |

| **[PenTesting.Cloud](https://pentesting.cloud/)** | Free AWS Security Labs - CTF Style  |  | |

| **[AWSGoat : A Damn Vulnerable AWS Infrastructure](https://github.com/ine-labs/AWSGoat)** | AWSGoat is a vulnerable by design AWS infrastructure featuring OWASP Top 10 web application security risks (2021) and AWS service based misconfigurations. | [![stars](https://badgen.net/github/stars/ine-labs/AWSGoat)](https://badgen.net/github/stars/ine-labs/AWSGoat) | [![contributors](https://badgen.net/github/contributors/ine-labs/AWSGoat)](https://badgen.net/github/contributors/ine-labs/AWSGoat) [![watchers](https://badgen.net/github/watchers/ine-labs/AWSGoat)](https://badgen.net/github/watchers/ine-labs/AWSGoat) [![last-commit](https://badgen.net/github/last-commit/ine-labs/AWSGoat)](https://badgen.net/github/last-commit/ine-labs/AWSGoat) [![open-issues](https://badgen.net/github/open-issues/ine-labs/AWSGoat)](https://badgen.net/github/open-issues/ine-labs/AWSGoat) [![closed-issues](https://badgen.net/github/closed-issues/ine-labs/AWSGoat)](https://badgen.net/github/closed-issues/ine-labs/AWSGoat) |

## Other interesting tools/code

**Honey-token:**

* [https://bitbucket.org/asecurityteam/spacecrab](https://bitbucket.org/asecurityteam/spacecrab)

* [https://breachinsider.com/honey-buckets/](https://breachinsider.com/honey-buckets/)

* [https://github.com/0x4D31/honeyLambda](https://github.com/0x4D31/honeyLambda)

* [https://github.com/thinkst/canarytokens-docker](https://github.com/thinkst/canarytokens-docker)

**More Resources:**

* **asecure.cloud** [https://github.com/asecure.cloud](https://github.com/asecure.cloud) A repository of cutomizable AWS security configurations (Cloudformation and CLI templates)

* **s3-leaks** [https://github.com/nagwww/s3-leaks](https://github.com/nagwww/s3-leaks) - a list of some biggest leaks recorded

* **Model Risk AWS** [https://magoo.github.io/model-risk-aws/](https://magoo.github.io/model-risk-aws/) - POC about probabilistic risk model for AWS

* **asecure.cloud** [https://asecure.cloud/](https://asecure.cloud/) - a great place for security resources regarding AWS Security.

* **honeybuckets** [https://github.com/honey-buckets/](https://github.com/honey-buckets/)

* **thebuckhacker** [https://github.com/thebuckhacker](https://github.com/thebuckhacker)

* **buckets.grayhatwarfare** [https://github.com/buckets.grayhatwarfare](https://github.com/buckets.grayhatwarfare)

* **Cloud Security Newsletter by Marco Lancini** [https://cloudseclist.com/](https://cloudseclist.com/)

* **Cloud Security Podcast by Ashish Rajan** [https://www.cloudsecuritypodcast.tv](www.cloudsecuritypodcast.tv)

* **AWS Security Primer By Michael Wittig** [https://cloudonaut.io/aws-security-primer/](https://cloudonaut.io/aws-security-primer/)

* **Hacking The Cloud** [https://hackingthe.cloud/](https://hackingthe.cloud/)

* **ThreatModel for Amazon S3** [https://github.com/trustoncloud/threatmodel-for-aws-s3](https://github.com/trustoncloud/threatmodel-for-aws-s3) - Library of all the attack scenarios on Amazon S3 and how to mitigate them, following a risk-based approach