Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with cloudsecurity

A curated list of projects in awesome lists tagged with cloudsecurity .

https://github.com/casbin/casbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

abac access-control acl auth authentication authn authorization authz cas casbin casdoor cloudos cloudsecurity iam oauth oidc permission rbac saml sso

Last synced: 16 Apr 2025

https://github.com/hsluoyz/casbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

abac access-control acl auth authentication authn authorization authz cas casbin casdoor cloudos cloudsecurity iam oauth oidc permission rbac saml sso

Last synced: 26 Mar 2025

https://github.com/tenable/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

architecture aws aws-security azure-security cloud-security cloudsecurity devops devsecops gcp-security iac infrastructure infrastructure-as-code kubernetes sast scans security security-tools security-violations terraform terrascan

Last synced: 19 Apr 2025

https://github.com/accurics/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

architecture aws aws-security azure-security cloud-security cloudsecurity devops devsecops gcp-security iac infrastructure infrastructure-as-code kubernetes sast scans security security-tools security-violations terraform terrascan

Last synced: 22 Nov 2024

https://github.com/madhuakula/kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

blueteam cloud-native cloud-security cloudsecurity container container-security devsecops docker hacking infrastructure k8s kubernetes kubernetes-goat kubernetes-security owasp pentesting redteam security vulnerable-app

Last synced: 09 Apr 2025

https://github.com/ahmedtariq01/cloud-devops-learning-resources

This repo includes Books and imp notes related to GCP, Azure, AWS, Docker, K8s, and DevOps. More, exam and interview prep notes.

ansible aws azure azure-devops cicd cloudcomputing cloudnative cloudsecurity containers devops devops-tools devsecops docker gcp jenkins kubernetes linux multicloud notes terraform

Last synced: 08 Apr 2025

https://github.com/nccgroup/pmapper

A tool for quickly evaluating IAM permissions in AWS.

aws botocore cloudsecurity iam python

Last synced: 11 Apr 2025

https://github.com/nccgroup/PMapper

A tool for quickly evaluating IAM permissions in AWS.

aws botocore cloudsecurity iam python

Last synced: 01 Apr 2025

https://github.com/ahmedtariq01/Cloud-DevOps-Learning-Resources

This repo includes Books and imp notes related to GCP, Azure, AWS, Docker, K8s, and DevOps. More, exam and interview prep notes.

ansible aws azure azure-devops cicd cloudcomputing cloudnative cloudsecurity containers devops devops-tools devsecops docker gcp jenkins kubernetes linux multicloud notes terraform

Last synced: 16 Apr 2025

https://github.com/teamssix/twiki

T Wiki 云安全知识文库,可能是国内首个云安全知识文库?

blog cloud cloudnative cloudsecurity security wiki

Last synced: 12 Mar 2025

https://github.com/projectdiscovery/cloudlist

Cloudlist is a tool for listing Assets from multiple Cloud Providers.

asset-management cli cloudsecurity devops hacktoberfest security

Last synced: 13 Apr 2025

https://github.com/teamssix/TWiki

T Wiki 云安全知识文库,可能是国内首个云安全知识文库?

blog cloud cloudnative cloudsecurity security wiki

Last synced: 17 Nov 2024

https://github.com/bridgecrewio/yor

Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.

cloud cloudformation cloudsecurity devops hacktoberfest iac infrastructure-as-code serverless tagging terraform

Last synced: 13 Apr 2025

https://github.com/wgpsec/lc

LC(List Cloud)是一个多云攻击面资产梳理工具

cloud cloudsecurity cybersecurity

Last synced: 07 Apr 2025

https://github.com/esonhugh/attack_code

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

article cloud cloud-security cloudsecurity introduction security

Last synced: 05 Apr 2025

https://github.com/Esonhugh/Attack_Code

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

article cloud cloud-security cloudsecurity introduction security

Last synced: 17 Nov 2024

https://github.com/HXSecurity/TerraformGoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

aws-security azure-security cloud-security cloudsecurity gcp gcp-security kubernetes-security security terraform

Last synced: 17 Nov 2024

https://github.com/hxsecurity/terraformgoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

aws-security azure-security cloud-security cloudsecurity gcp gcp-security kubernetes-security security terraform

Last synced: 05 Apr 2025

https://github.com/wgpsec/cloudsword

一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具

alibaba-cloud cloudsecurity cybersecurity mcp mcp-server public-cloud tencent-cloud

Last synced: 09 Apr 2025

https://github.com/dowjones/hammer

Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)

aws aws-security cloudsecurity devsecops

Last synced: 05 Apr 2025

https://github.com/TROUBLE-1/Vajra

Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure and AWS environment. It features an intuitive web-based user interface built with the Python Flask module for a better user experience. The primary focus of this tool is to have different attacking techniques all at one place with web UI interfaces.

aws azure azuread cloudsecurity gcp python3 redteam-tools toolkit

Last synced: 17 Nov 2024

https://github.com/openraven/magpie

A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks.

aws cloud cloudsecurity cspm gcp security security-audit security-scanner security-testing security-tools security-vulnerability

Last synced: 21 Nov 2024

https://github.com/goldfiglabs/rpCheckup

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

aws aws-security cloudsecurity cspm ec2 infosec resourcepolicy s3

Last synced: 16 Nov 2024

https://github.com/riskprofiler/CloudFrontier

Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.

api-gateway aws aws-security azure azure-security cloud-security cloudsecurity cyber-security cybersecurity digitalocean dynamodb gcp gcp-security lambda-functions oracle serverless serverless-framework shadow-risk shadowrisk

Last synced: 19 Nov 2024

https://github.com/bridgecrewio/cfngoat

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

aws-security cloudformation cloudsecurity devsecops

Last synced: 01 Apr 2025

https://github.com/aquasecurity/cfsec

Static analysis for CloudFormation templates to identify common misconfiguration

aws aws-cloudformation aws-sam aws-sam-cli cloudformation cloudsecurity go golang hacktoberfest static-analysis

Last synced: 01 Apr 2025

https://github.com/doyensec/cloudsec-tidbits

Blogpost series showcasing interesting cloud - web app security bugs

aws cloudsecurity terraform

Last synced: 11 Nov 2024

https://github.com/lightspin-tech/lightspin-2022-top-7-attack-paths

Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

attack-paths attack-surface aws-security awssecurity azure-security azuresecurity cloud-security cloudsecurity gcp-security mitre-attack ttps

Last synced: 17 Nov 2024

https://github.com/salesforce/terraform-provider-policyguru

Terraform provider for Policy Sentry (IAM least privilege generator and auditor)

aws aws-security cloud cloudsecurity hacktoberfest iam salesforce security

Last synced: 15 Apr 2025

https://github.com/txuswashere/pentesting

CyberSec Resources: FRAMEWORKS & STANDARDS; Pentesting Audits & Hacking; PURPLE TEAMING, AD, API, web, clouds, CTF, OSINT, Pentest tools, Network Security, Privilege escalation, Exploiting, Reversing, Secure Code, Bug Bounty, ...

active-directory audit auditing bugbounty cloudsecurity cyber-security cybersecurity exploiting hacking networksecurity osint pentesting pentesting-tools privilegeescalation purple-team purpleteam resources reversing webpentest webpentesting

Last synced: 25 Mar 2025

https://github.com/jeremylaratro/cloud_pentesting_overview

Cloud Pentesting Resource Collection

aws cloud cloudsecurity pentesting security

Last synced: 09 Apr 2025

https://github.com/cloudina/hawk

Multi Cloud Antivirus Scanning API using YARA and CLAMAV for AWS S3, Azure Blob Storage and GCP Cloud Storage

antivirus api-rest aws azure azure-blob-storage clamav-antivirus clamav-scanning cloud cloudsecurity gcp gcp-cloud-storage infosec rest-api s3scanner security security-tools virus-scanner virus-scanning yara yara-scanner

Last synced: 13 Nov 2024

https://github.com/tigera-solutions/prevent-detect-and-mitigate-container-based-threats

[Free Training Workshop] Learn how to prevent, detect and mitigate container based threats using Calico Cloud

aks calico cloudnative cloudsecurity cnapp containersecurity ebpf eks kubernetes zerotrust

Last synced: 06 Apr 2025

https://github.com/googlecloudplatform/scoutsuite-gcp-scan

Terraform to run Scoutsuite security scan of projects within a Google Cloud Org. Report will be published to a GCS bucket.

cloud-posture-security cloudsecurity gcp gcp-security google-cloud google-cloud-platform scoutsuite terraform

Last synced: 05 Feb 2025

https://github.com/eshlomo1/cloudsec

Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.

aws-security azure azure-security cfir cloud-security cloudsecurity dfir gcp-security incident-response kql microsoft microsoft-sentinel microsoftsentinel siem soc threat-hunting threat-intelligence

Last synced: 13 Nov 2024

https://github.com/videoexpertsgroup/vxg.webplayer.sdk

Use cloud cameras to connect all your existing and new IP cameras in one cloud video surveillance system. Watch live and recorded video from anywhere, receive alerts for events and analyze video with AI.

ai androiddeveloper camera cctv cloud cloudsecurity cloudvideo developer developer-tools dvr ios-app ipcamera nvr security-tools systems-engineering video-player videoanalysis videoserver videosurveillance

Last synced: 11 Nov 2024

https://github.com/teamssix/teamssix_com

TeamsSix 的个人博客

blog cloudnative cloudsecurity cybersecurity

Last synced: 18 Nov 2024

https://github.com/deeplint/deeplint

DeepLint is a Security-as-Code framework for securing and optimizing cloud environments.

cloud cloud-computing cloudsecurity security-as-code security-tools

Last synced: 09 Apr 2025

https://github.com/upgundecha/applied-security

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Cybersecurity

appsec cloudsecurity cybersecurity devsecops infosec security security-tools

Last synced: 14 Apr 2025

https://github.com/benjitrapp/ip-to-cloudprovider

Scrape the IP ranges of cloudproviders and check if a IP belongs to a particular CloudProvider. This can also help to speed up your CSIRT activities

aws azure bluete cloudflare cloudprovider cloudsecurity ip-lookup ipra osint-tool

Last synced: 17 Dec 2024

https://github.com/paulveillard/cybersecurity-cloud-security

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Cloud Security in Cybersecurity.

aws aws-cloud azure cloud cloud-computing cloud-security-audit cloud-security-posture-management-platform cloud-security-tools cloud-services cloudsecurity cybersecurity gcp google-cloud google-cloud-platform oracle well-architected

Last synced: 16 Apr 2025

https://github.com/davidmoremad/dome9

Python wrapper for the Dome9 API

ci cicd cloudguard cloudguard-dome9 cloudsecurity cspm dome9 python

Last synced: 12 Apr 2025

https://github.com/nonfx/starchitect-cloudguard

An open-source repository for writing and managing cloud infrastructure tests across various formats like Terraform, Pulumi, Bicep, and CloudFormation. Powered by AI-driven test-writing agents and meticulously human-reviewed for quality assurance.

ai aws aws-benchmark cis-benchmark cloud cloudformation cloudsecurity compliance cybersecurity devops iac infrastructure-as-code terraform

Last synced: 23 Nov 2024

https://github.com/securesloth/nocap

Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconfigurations.

azure cloudsecurity cybersecurity

Last synced: 04 Mar 2025

https://github.com/awsdataarchitect/eice-redshift-cdk

CDK code to demo connectivity to Redshift Cluster inside VPC using EC2 Instance Connect Endpoint

aws cdk cloudsecurity ec2-instance-connect-endpoint redshift

Last synced: 12 Mar 2025

https://github.com/jaydhulia/iam-policy-generator

A simple web app that can be used to generate IAM policies for AWS.

aws cloudsecurity iam

Last synced: 08 Apr 2025

https://github.com/vps/SecurityGuardianAI

☁ Proactive cloud security analysis in real-time. 24/7 autopilot for your cloud, hands free and powered by LLMs.

cloud cloud-architecture cloud-audit cloud-compliance cloudsecurity

Last synced: 06 Jan 2025

https://github.com/eccentrix-ca/20-useful-ways-to-use-copilot-in-your-day-to-day-productivity

ChatGPT This guide clarifies Microsoft 365 Groups, covering their definition, uses, differences from legacy groups, and integration with other Microsoft 365 services.

cloudsecurity identityandaccess microsoft365 microsoftsecuritygroups

Last synced: 19 Feb 2025

https://github.com/rajshekaryasani/cloudaudit

An open-source tool for auditing cloud platforms like AWS, Azure, and GCP.

aws azure cloudsecurity gcp

Last synced: 29 Mar 2025

https://github.com/eccentrix-ca/understanding-the-difference-between-vpn-and-vnet-peering-in-azure

In this article, we explore the differences between VPN and VNet Peering in Azure, two key technologies for network connectivity.

azurenetworks azurevpn cloudsecurity networksecurity

Last synced: 19 Feb 2025

https://github.com/pmvita/aws-cspm

Terraform configuration for setting up AWS Cloud Security Management (CSPM) with AWS Lambda, CloudWatch, GuardDuty, and SecurityHub to monitor and remediate security threats on AWS.

aws cloudsecurity cloudwatch cspm guardduty lambda securityhub terraform

Last synced: 11 Mar 2025

https://github.com/eccentrix-ca/azure-private-endpoints

In this article, we explore Azure Private Endpoint, a feature designed to ensure secure and private connectivity to Azure services.

azurenetworking azuresecurity cloudcomputing cloudsecurity

Last synced: 19 Feb 2025