Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/lightspin-tech/lightspin-2022-top-7-attack-paths

Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

attack-paths attack-surface aws-security awssecurity azure-security azuresecurity cloud-security cloudsecurity gcp-security mitre-attack ttps

Last synced: 27 Jun 2024

https://github.com/teamssix/TWiki

T Wiki 云安全知识文库,可能是国内首个云安全知识文库?

blog cloud cloudnative cloudsecurity security wiki

Last synced: 25 Jun 2024

https://github.com/Esonhugh/Attack_Code

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

article cloud cloud-security cloudsecurity introduction security

Last synced: 25 Jun 2024

https://github.com/doyensec/cloudsec-tidbits

Blogpost series showcasing interesting cloud - web app security bugs

aws cloudsecurity terraform

Last synced: 15 Jun 2024

https://github.com/ahmedtariq01/Cloud-DevOps-Learning-Resources

This repo includes Books and imp notes related to GCP, Azure, AWS, Docker, K8s, and DevOps. More, exam and interview prep notes.

ansible aws azure azure-devops cicd cloudcomputing cloudnative cloudsecurity containers devops devops-tools devsecops docker gcp jenkins kubernetes linux multicloud notes terraform

Last synced: 11 Jun 2024

https://github.com/aquasecurity/cfsec

Static analysis for CloudFormation templates to identify common misconfiguration

aws aws-cloudformation aws-sam aws-sam-cli cloudformation cloudsecurity go golang hacktoberfest static-analysis

Last synced: 06 Jun 2024

https://github.com/riskprofiler/CloudFrontier

Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.

api-gateway aws aws-security azure azure-security cloud-security cloudsecurity cyber-security cybersecurity digitalocean dynamodb gcp gcp-security lambda-functions oracle serverless serverless-framework shadow-risk shadowrisk

Last synced: 28 May 2024

https://github.com/goldfiglabs/rpCheckup

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

aws aws-security cloudsecurity cspm ec2 infosec resourcepolicy s3

Last synced: 27 May 2024

https://github.com/madhuakula/kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

blueteam cloud-native cloud-security cloudsecurity container container-security devsecops docker hacking infrastructure k8s kubernetes kubernetes-goat kubernetes-security owasp pentesting redteam security vulnerable-app

Last synced: 27 May 2024

https://github.com/dowjones/hammer

Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)

aws aws-security cloudsecurity devsecops

Last synced: 26 May 2024

https://github.com/projectdiscovery/cloudlist

Cloudlist is a tool for listing Assets from multiple Cloud Providers.

asset-management cli cloudsecurity devops hacktoberfest security

Last synced: 26 May 2024

https://github.com/tenable/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

architecture aws aws-security azure-security cloud-security cloudsecurity devops devsecops gcp-security iac infrastructure infrastructure-as-code kubernetes sast scans security security-tools security-violations terraform terrascan

Last synced: 13 May 2024

https://github.com/openraven/magpie

A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks.

aws cloud cloudsecurity cspm gcp security security-audit security-scanner security-testing security-tools security-vulnerability

Last synced: 12 May 2024

https://github.com/teamssix/awesome-cloud-security

awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员

awesome awesome-cloud-security cloud-native cloud-security cloudnative cloudsecurity cybersecurity docker kubernetes tools

Last synced: 08 May 2024

https://github.com/salesforce/terraform-provider-policyguru

Terraform provider for Policy Sentry (IAM least privilege generator and auditor)

aws aws-security cloud cloudsecurity hacktoberfest iam salesforce security

Last synced: 07 May 2024

https://github.com/nccgroup/PMapper

A tool for quickly evaluating IAM permissions in AWS.

aws botocore cloudsecurity iam python

Last synced: 07 May 2024

https://github.com/mariocandela/beelzebub

A secure low code honeypot framework, leveraging AI for System Virtualization.

cloudnative cloudsecurity cybersecurity framework go golang honeypot kubernetes low-code openai research research-project security whitehat

Last synced: 29 Apr 2024

https://github.com/bridgecrewio/cfngoat

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

aws-security cloudformation cloudsecurity devsecops

Last synced: 15 Apr 2024

https://github.com/bridgecrewio/yor

Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.

cloud cloudformation cloudsecurity devops hacktoberfest iac infrastructure-as-code serverless tagging terraform

Last synced: 11 Apr 2024

https://github.com/cloudina/hawk

Multi Cloud Antivirus Scanning API using YARA and CLAMAV for AWS S3, Azure Blob Storage and GCP Cloud Storage

antivirus api-rest aws azure azure-blob-storage clamav-antivirus clamav-scanning cloud cloudsecurity gcp gcp-cloud-storage infosec rest-api s3scanner security security-tools virus-scanner virus-scanning yara yara-scanner

Last synced: 09 Apr 2024

https://github.com/coffeewithayman/awesome-aws-security

A carefully curated list of open source projects aimed at improving your AWS security posture!

awesome awesome-list aws cloud-security cloudsecurity security

Last synced: 06 Apr 2024

https://github.com/HXSecurity/TerraformGoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

aws-security azure-security cloud-security cloudsecurity gcp gcp-security kubernetes-security security terraform

Last synced: 26 Mar 2024

https://github.com/TROUBLE-1/Vajra

Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure and AWS environment. It features an intuitive web-based user interface built with the Python Flask module for a better user experience. The primary focus of this tool is to have different attacking techniques all at one place with web UI interfaces.

aws azure azuread cloudsecurity gcp python3 redteam-tools toolkit

Last synced: 26 Mar 2024