Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Projects in Awesome Lists tagged with cloud-security

A curated list of projects in awesome lists tagged with cloud-security .

https://github.com/tenable/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

architecture aws aws-security azure-security cloud-security cloudsecurity devops devsecops gcp-security iac infrastructure infrastructure-as-code kubernetes sast scans security security-tools security-violations terraform terrascan

Last synced: 16 Dec 2024

https://github.com/accurics/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

architecture aws aws-security azure-security cloud-security cloudsecurity devops devsecops gcp-security iac infrastructure infrastructure-as-code kubernetes sast scans security security-tools security-violations terraform terrascan

Last synced: 22 Nov 2024

https://github.com/madhuakula/kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

blueteam cloud-native cloud-security cloudsecurity container container-security devsecops docker hacking infrastructure k8s kubernetes kubernetes-goat kubernetes-security owasp pentesting redteam security vulnerable-app

Last synced: 17 Dec 2024

https://github.com/netflix/consoleme

A Central Control Plane for AWS Permissions and Access

aws aws-iam cloud-security security-tools

Last synced: 17 Dec 2024

https://github.com/Netflix/consoleme

A Central Control Plane for AWS Permissions and Access

aws aws-iam cloud-security security-tools

Last synced: 28 Oct 2024

https://github.com/salesforce/cloudsplaining

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

aws aws-iam aws-security cloud cloud-security hacktoberfest iam salesforce security

Last synced: 16 Dec 2024

https://github.com/BishopFox/CloudFox

Automating situational awareness for cloud penetration tests.

aws cloud cloud-security golang penetration-testing-tools security

Last synced: 14 Nov 2024

https://github.com/bishopfox/cloudfox

Automating situational awareness for cloud penetration tests.

aws cloud cloud-security golang penetration-testing-tools security

Last synced: 18 Dec 2024

https://github.com/BishopFox/cloudfox

Automating situational awareness for cloud penetration tests.

aws cloud cloud-security golang penetration-testing-tools security

Last synced: 03 Nov 2024

https://github.com/hacking-the-cloud/hackingthe.cloud

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

aws aws-hacking azure cloud cloud-security gcp hacking hacking-cloud penetration-testing

Last synced: 19 Dec 2024

https://github.com/Hacking-the-Cloud/hackingthe.cloud

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

aws aws-hacking azure cloud cloud-security gcp hacking hacking-cloud penetration-testing

Last synced: 05 Nov 2024

https://github.com/chaitin/veinmind-tools

veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集

cloud-native cloud-security container-security containerd docker image-security security

Last synced: 20 Dec 2024

https://github.com/matanolabs/matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

alerting apache-iceberg aws aws-security big-data cloud cloud-native cloud-security cybersecurity detection-engineering dfir log-analytics log-management rust secops security security-tools serverless siem threat-hunting

Last synced: 19 Dec 2024

https://github.com/bridgecrewio/terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

aws-security azure-security cloud-security devsecops gcp-security goat terraform

Last synced: 17 Dec 2024

https://github.com/SecurityFTW/cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

aws-audit aws-security azure azure-audit azure-security cloud-security gcp gcp-audit-report security security-audit security-tools

Last synced: 06 Nov 2024

https://github.com/securityftw/cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

aws-audit aws-security azure azure-audit azure-security cloud-security gcp gcp-audit-report security security-audit security-tools

Last synced: 15 Dec 2024

https://github.com/common-fate/granted

The easiest way to access your cloud.

aws cloud cloud-security credentials hacktoberfest iam keychain sso

Last synced: 19 Nov 2024

https://github.com/paralus/paralus

All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.

access-management cloud-security k8s-access-management kubernetes-security zero-trust-security ztka

Last synced: 19 Dec 2024

https://github.com/edgelesssys/constellation

Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.

cloud-security confidential-computing data-encryption kubernetes kubernetes-security

Last synced: 17 Dec 2024

https://github.com/cyberark/skyark

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

admins attacker aws azure cloud cloud-security powershell privileges security-tools threat

Last synced: 18 Dec 2024

https://github.com/jonrau1/ElectricEye

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

asset-management attack-surface-management aws aws-audit aws-compliance aws-security cloud-auditing cloud-compliance-reporting cloud-security compliance devsecops gcp-security google-cloud-security multicloud saas-security security-audit security-engineering security-hub security-monitoring security-tools

Last synced: 02 Nov 2024

https://github.com/cyberark/SkyArk

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

admins attacker aws azure cloud cloud-security powershell privileges security-tools threat

Last synced: 11 Nov 2024

https://github.com/esonhugh/attack_code

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

article cloud cloud-security cloudsecurity introduction security

Last synced: 21 Dec 2024

https://github.com/Esonhugh/Attack_Code

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

article cloud cloud-security cloudsecurity introduction security

Last synced: 17 Nov 2024

https://github.com/HXSecurity/TerraformGoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

aws-security azure-security cloud-security cloudsecurity gcp gcp-security kubernetes-security security terraform

Last synced: 17 Nov 2024

https://github.com/hxsecurity/terraformgoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

aws-security azure-security cloud-security cloudsecurity gcp gcp-security kubernetes-security security terraform

Last synced: 15 Dec 2024

https://github.com/stackql/stackql

Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework

asset-management cloud cloud-automation cloud-config cloud-operations cloud-security cspm devops devsecops hacktoberfest infrastructure-as-code openapi3 sql stackql

Last synced: 21 Dec 2024

https://github.com/redhuntlabs/bucketloot

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

automation blackhat bounty bugbounty bughunting cli cloud cloud-security cybersecurity infosec infosectools osint pentesting recon reconnaissance s3 secret-scanning

Last synced: 15 Dec 2024

https://github.com/redhuntlabs/BucketLoot

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

automation blackhat bounty bugbounty bughunting cli cloud cloud-security cybersecurity infosec infosectools osint pentesting recon reconnaissance s3 secret-scanning

Last synced: 10 Sep 2024

https://github.com/aabysszg/docker-tcp-scan

旨在以攻促防,针对Docker TCP socket的开源利用工具

cloud-security cybersecurity cybersecurity-education docker docker-remote-api rce

Last synced: 16 Dec 2024

https://github.com/mazen160/tfquery

tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.

aws azure cloud-security devsecops gcp terraform

Last synced: 15 Dec 2024

https://github.com/jassics/cybersecurity-roadmap

Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile security and so on with helpful resources, guidelines

application-security aws-security career-development career-guide career-plan career-roadmaps cloud-security cybersecurity-awareness cybersecurity-career-path devsecops interview-questions network-security security security-automation security-questions security-tools

Last synced: 11 Nov 2024

https://github.com/jassics/security-interview-questions

Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on

application-security cloud-security cybersecurity devsecops devsecops-interview-quesitons interview-preparation interview-questions security-interview-questions security-questions web-security-interview

Last synced: 11 Nov 2024

https://github.com/cado-security/varc

Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.

aws aws-fargate aws-forensics aws-lambda cloud-security dfir dfir-automation docker-forensics eks-forensics fargate-forensics forensics hacktoberfest memory-forensics security

Last synced: 15 Nov 2024

https://github.com/common-fate/iamzero

Identity & Access Management simplified and secure.

aws cloud cloud-security iam security security-tools

Last synced: 11 Nov 2024

https://github.com/salesforce/aws-allowlister

Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

aws cloud cloud-security compliance iam salesforce security

Last synced: 21 Dec 2024

https://github.com/datadog/grimoire

Generate datasets of cloud audit logs for common attacks

cloud-security detection-engineering purpleteaming

Last synced: 21 Dec 2024

https://github.com/aquasecurity/cloudsec-icons

A collection of cloud security icons :cloud::lock:

cloud cloud-security hacktoberfest icons iconset security svg

Last synced: 08 Nov 2024

https://github.com/salesforce/metabadger

Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).

automation aws cloud-security hardening metadata security

Last synced: 16 Dec 2024

https://github.com/iknowjason/AriaCloud

A Docker container for remote penetration testing.

cloud-security docker-container kali-linux penetration-testing

Last synced: 18 Nov 2024

https://github.com/iknowjason/ariacloud

A Docker container for remote penetration testing.

cloud-security docker-container kali-linux penetration-testing

Last synced: 13 Nov 2024

https://github.com/riskprofiler/CloudFrontier

Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.

api-gateway aws aws-security azure azure-security cloud-security cloudsecurity cyber-security cybersecurity digitalocean dynamodb gcp gcp-security lambda-functions oracle serverless serverless-framework shadow-risk shadowrisk

Last synced: 19 Nov 2024

https://github.com/Adversis/PandorasBox

Security tool to quickly audit Public Box files and folders.

bugbounty cloud-security penetration-testing security-tools

Last synced: 14 Nov 2024

https://github.com/bridgecrewio/cdkgoat

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

aws-cdk aws-security cloud-security cloudformation devsecops

Last synced: 10 Nov 2024

https://github.com/hxsecurity/cloudsecwiki

CloudSecWiki is a cloud security oriented knowledge base maintained by HuoCorp.

cloud cloud-native cloud-security wiki

Last synced: 11 Nov 2024

https://github.com/lightspin-tech/lightspin-2022-top-7-attack-paths

Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

attack-paths attack-surface aws-security awssecurity azure-security azuresecurity cloud-security cloudsecurity gcp-security mitre-attack ttps

Last synced: 17 Nov 2024

https://github.com/esonhugh/k8spider

Powerful+Fast Kubernetes service discovery tools via kubernetes DNS service. Currently supported IP-based BruteForce / AXFR Domain Transfer Dump / Coredns WildCard Dump

cloud-security dns dnscan kubernetes red-team service-discovery

Last synced: 22 Nov 2024

https://github.com/jgamblin/defensive-s3-buckets

Defensive S3 Bucket Squating

aws-s3 aws-security cloud-security

Last synced: 11 Nov 2024

https://github.com/dschadow/CloudSecurity

Cloud security projects with Spring Cloud Config Server and Vault

cipher cloud-security jasypt java spring spring-boot spring-cloud spring-cloud-config vault

Last synced: 03 Nov 2024

https://github.com/vectra-ai-research/Halberd

Cloud security testing tool to execute a comprehensive array of attack techniques across multiple surfaces via a simple web interface.

attack-defense aws azure azuread blueteam-tools cloud-security detection entra-id m365 microsoft mitre-attack offensive-security offensivesecurity redteam redteam-tools security-testing security-tools ttp

Last synced: 20 Oct 2024

https://github.com/stackql/stackql-provider-registry

Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specification

asset-management cloud cloud-automation cloud-security devops devsecops gcp github hacktoberfest netlify okta openapi3 sql stackql

Last synced: 21 Nov 2024

https://github.com/securestackco/actions-exposure

A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

actions cloud-security cloud-security-posture-management deployment deployment-automation deployment-pipeline dynamic-analysis github-actions secrets-detection security software-composition-analysis vulnerability-detection vulnerability-scanning web-application web-vulnerability web-vulnerability-scanner

Last synced: 23 Nov 2024

https://github.com/samvas-codes/cspm-gpt

The following is a simple example of how LLMs and langchain agents can simplify asking questions to understand the security posture of a cloud environment.

aws azure chatgpt cloud cloud-security cloud-security-audit cloud-security-posture-management cspm cybersecurity devsecops docker gcp gpt langchain neo4j open-source openai policy-as-code python

Last synced: 24 Nov 2024

https://github.com/eshlomo1/cloudsec

Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.

aws-security azure azure-security cfir cloud-security cloudsecurity dfir gcp-security incident-response kql microsoft microsoft-sentinel microsoftsentinel siem soc threat-hunting threat-intelligence

Last synced: 13 Nov 2024

https://github.com/rek7/patchy

Automated Persistence and Lateral Movement using GCP Patch Management

cloud-native-se cloud-security gcp penetration-testing red-team security

Last synced: 29 Nov 2024

https://github.com/ollionorg/gcp-landing-zone

Leverage Ollion's GCP Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite cloud migration for an enterprise in a heavily regulated industry.

cis-gcp-benchmark cloud-compliance cloud-security compliance foundation gcp gcp-enterprice-foundations-blueprint gcp-landing-zone gcp-landing-zones google-cloud-landing-zone google-cloud-landing-zone-platform nist800-53 opa pci-dss regula security security-foundation

Last synced: 06 Nov 2024

https://github.com/ollionorg/cloud-custodian-aws-policies

CloudCustodian Rules engine for cloud security and governance, DSL in yaml for policies to query, filter, and take actions on resources

auto-remediation automation aws c7n cloud cloud-security cloud-security-audit cloud-security-posture-management cloudcustodian compliance cspm custodian governance policies security-policies security-tools

Last synced: 06 Nov 2024

https://github.com/anunay-bhatt/secure-serverless-reference-architecture

A walkthrough of security controls for a serverless architecture via a demo application

cloud-security reference-architecture security security-architecture serverless

Last synced: 08 Nov 2024

https://github.com/madhuakula/aws-iam-analyser

AWS IAM Analysis utility to gather entire useful information from an AWS account

aws aws-iam cloud-security iam infosec pentesting security security-audit

Last synced: 07 Nov 2024

https://github.com/ollionorg/aws-landing-zone

Leverage Ollion's AWS Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite cloud migration for an enterprise in a heavily regulated industry.

aws aws-foundation-security-best-practices aws-landing-zone aws-landing-zones cis-aws-benchmark cloud-compliance cloud-security compliance foundation nist800-53 opa pci-dss security security-foundation

Last synced: 06 Nov 2024

https://github.com/avishayil/secure_ec2

CLI tool that helps you to provision EC2 instances securely

aws cloud-security ec2

Last synced: 02 Nov 2024

https://github.com/esonhugh/cloudpolicy

An Cloud PolicyDocument go parsing library for AWS-like Cloud providers

aws cloud cloud-policy cloud-security cloud-security-audit golang library policy policy-as-code policy-evaluation

Last synced: 22 Nov 2024

https://github.com/zscaler/crossplane-provider-zpa

Zscaler Private Access (ZPA) Provider for Crossplane.

cloud-security crossplane crossplane-provider kubernetes zero-trust zscaler

Last synced: 09 Nov 2024

https://github.com/thiiagoms/analise-de-risco-em-cloud

Um artigo escrito com amor sobre os principais riscos em plataformas Cloud :heart_eyes: :cloud:

cloud-attack cloud-computing cloud-defense cloud-security computer-science student una

Last synced: 15 Nov 2024

https://github.com/elliotsecops/iac-analyzer

A command-line tool written in Python that helps you identify potential security vulnerabilities and cost optimization opportunities in your Terraform infrastructure code.

cloud-security cloud-security-tools cybersecurity-engineering devops devsecops terraform

Last synced: 13 Dec 2024

https://github.com/hex0punk/goaz

Azure security auditor that finds what Azure Security Center doesn't

azure azure-security cloud-security cloud-security-audit

Last synced: 08 Nov 2024

https://github.com/mikaelvesavuori/multi-cloud-security-tooling

Scripts and resources for multi-cloud (AWS, Azure, GCP + Mac) security tooling running on Linux.

amazon-web-services aws azure cloud-security gcp google-cloud google-cloud-platform linux multi-cloud security

Last synced: 16 Nov 2024

https://github.com/ollionorg/automated-azure-sandbox-setup

🚀 Automate your Azure sandbox environments effortlessly! This repo provides tools for setting up and tearing down Azure sandboxes using GitHub Actions, ensuring efficient resource utilization and cost management. Perfect for PoCs, interviews, workshops, and more! 🛠️⏲️💡

azure cloud-playground cloud-security playground sandbox security

Last synced: 06 Nov 2024

https://github.com/elliotsecops/godockermanager

CLI tool designed to simplify the management of Docker containers. It provides a set of commands to list, start, stop, view logs, inspect, and monitor container statistics. // herramienta CLI diseñada para simplificar la gestión de contenedores Docker. Proporciona un conjunto de comandos para listar, iniciar, detener, ver registros, inspeccionar.

cloud cloud-administration cloud-engineering cloud-security devops docker linux

Last synced: 02 Dec 2024