GitHub topics: aws-security

Repositories

owenrumney/lazytrivy

Vulnerability scanning just got lazier

Language: Go - Size: 28.3 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 296 - Forks: 8

bridgecrewio/checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Language: Python - Size: 90 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 7,855 - Forks: 1,228

Skyscanner/cfripper

Library and CLI tool for analysing CloudFormation templates and check them for security compliance.

Language: Python - Size: 1.21 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 410 - Forks: 59

jesuisundodo/aws-security-toolkit

Language: Python - Size: 35.2 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 0 - Forks: 0

salesforce/policy_sentry

IAM Least Privilege Policy Generator

Language: Python - Size: 36.5 MB - Last synced at: 5 days ago - Pushed at: 6 days ago - Stars: 2,106 - Forks: 147

uakbr/uakbr

📩 umair@tesla.com.ai

Size: 286 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 1 - Forks: 0

salesforce/cloudsplaining

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

Language: JavaScript - Size: 46.1 MB - Last synced at: 6 days ago - Pushed at: 8 days ago - Stars: 2,121 - Forks: 193

4ndersonLin/awesome-cloud-security

🛡️ Awesome Cloud Security Resources ⚔️

Size: 54.7 KB - Last synced at: 7 days ago - Pushed at: 10 months ago - Stars: 2,257 - Forks: 338

aleksandarnenov/aws-security-checklist

Practical AWS Security best practices checklist covering IAM, Data Protection, Logging, Network Security, and Threat Detection.

Size: 1.95 KB - Last synced at: 7 days ago - Pushed at: 8 days ago - Stars: 0 - Forks: 0

epomatti/aws-systems-manager

AWS Systems Manager sandbox

Language: HCL - Size: 251 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 1 - Forks: 0

tenable/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Language: Go - Size: 15.3 MB - Last synced at: 5 days ago - Pushed at: about 1 month ago - Stars: 5,136 - Forks: 532

antgroup/CloudRec

CloudRec is an open source multi-cloud security posture management (CSPM) platform designed to help organizations improve the security of their cloud environments.

Language: Java - Size: 38.5 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 157 - Forks: 17

mitre/saf-lambda-function

(WIP) An AWS Lambda Function to run the SAF CLI as a function in your AWS VPC

Language: JavaScript - Size: 112 MB - Last synced at: 9 days ago - Pushed at: 10 days ago - Stars: 4 - Forks: 4

jassics/awesome-aws-security

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

Size: 330 KB - Last synced at: 8 days ago - Pushed at: 4 months ago - Stars: 1,437 - Forks: 309

mikeroyal/AWS-Guide

Amazon Web Services (AWS) Guide. Learn all about Amazon Web Services Tools, Services, and Certifications.

Language: Java - Size: 1.4 MB - Last synced at: 9 days ago - Pushed at: over 1 year ago - Stars: 521 - Forks: 97

bridgecrewio/AirIAM

Least privilege AWS IAM Terraformer

Language: Python - Size: 6.59 MB - Last synced at: about 19 hours ago - Pushed at: 6 months ago - Stars: 808 - Forks: 83

Funkmyster/awesome-cloud-security

A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

Size: 121 KB - Last synced at: 8 days ago - Pushed at: 4 months ago - Stars: 647 - Forks: 123

AWS-CSS-Portfolio/incident-response

Automated Incident Response in AWS using GuardDuty, EventBridge, Lambda, and SNS to detect threats, quarantine compromised EC2 instances, and alert security teams. Built as part of AWS Certified Security – Specialty (CSS) Domain 1 exam preparation.

Size: 3.88 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 0 - Forks: 0

go0dass/goat

🚀 Simplify your interaction with the AT protocol using `goat`, a Go-based CLI tool for seamless command execution without complex setup.

Language: Go - Size: 137 KB - Last synced at: 16 days ago - Pushed at: 16 days ago - Stars: 0 - Forks: 0

rudSarkar/port-monitor-aws 📦

This repository is create for implement the cron with the PortMonitor to get public IP's open/filtered port scan result of specific AWS EC2 region on Slack

Language: Python - Size: 2.93 KB - Last synced at: 5 days ago - Pushed at: about 3 years ago - Stars: 2 - Forks: 0

Tasbeeh-Zakaria/policy-as-code

🔒 Enforce security policies across Kubernetes, Azure, and AWS with automated compliance and monitoring in multi-cloud environments.

Language: Shell - Size: 2.75 MB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 0 - Forks: 0

cr0hn/festin

FestIn - Open S3 Bucket Scanner

Language: Python - Size: 5.52 MB - Last synced at: 6 days ago - Pushed at: almost 5 years ago - Stars: 233 - Forks: 34

cado-security/cloudgrep

cloudgrep is grep for cloud storage

Language: Python - Size: 328 KB - Last synced at: 21 days ago - Pushed at: 6 months ago - Stars: 326 - Forks: 17

Cloud-Automation-Portfolio/automation-scripts

Secure automation scripts for tagging, cleanup, compliance and secret rotation in AWS.

Language: HTML - Size: 6.23 MB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 0 - Forks: 0

ReversecLabs/awspx

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

Language: Python - Size: 5.59 MB - Last synced at: 20 days ago - Pushed at: almost 3 years ago - Stars: 969 - Forks: 105

aws-solutions/automations-for-aws-firewall-manager

The Automations For AWS Firewall Manager solution is intended for customers looking to easily manage consistent security posture across their entire AWS Organization. The solution uses AWS Firewall Manager Service.

Language: TypeScript - Size: 3.24 MB - Last synced at: 16 days ago - Pushed at: about 1 month ago - Stars: 32 - Forks: 24

MaheshShukla1/CloudGuardAudit

🔒 AWS Security Audit CLI Tool with Terraform Automation for Cloud Compliance & Infrastructure Hardening

Size: 16.6 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

DataDog/managed-kubernetes-auditing-toolkit

All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.

Language: Go - Size: 302 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 355 - Forks: 23

AWS-Security-Portfolio/logging-monitoring

Configuring AWS CloudTrail, GuardDuty, AWS Config, CloudWatch and Athena for centralized logging, threat detection, compliance monitoring and log analysis.

Size: 2.06 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

0x7a6b4c/SkyEye

When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloud

Language: Python - Size: 10.7 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 39 - Forks: 3

jassics/security-study-plan

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Size: 6.16 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 4,645 - Forks: 585

OWASP/www-project-eks-goat

OWASP EKS Goat is a deliberately vulnerable EKS cluster environment to explore AWS cloud-native security through hands-on attack and defense labs with walkthrough.

Language: Shell - Size: 443 KB - Last synced at: 1 day ago - Pushed at: about 1 month ago - Stars: 29 - Forks: 24

schnoddelbotz/cdn-securitygroup-sync

Automates sync of AWS security groups with your CDN provider's CIDRs

Language: Go - Size: 9.77 KB - Last synced at: about 1 month ago - Pushed at: almost 8 years ago - Stars: 7 - Forks: 5

RhinoSecurityLabs/pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Language: Python - Size: 26.1 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 4,800 - Forks: 748

eshlomo1/CloudSec

Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.

Language: PowerShell - Size: 921 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 32 - Forks: 9

mhweiner/brek

Brek is a structured, typed config loader for Node.js — ideal for dynamic environments and securely managing secrets like those in AWS Secrets Manager.

Language: TypeScript - Size: 414 KB - Last synced at: 10 days ago - Pushed at: about 2 months ago - Stars: 2 - Forks: 1

mitre/aws-s3-baseline

A micro InSpec baseline to check for insecure or public s3 buckets in your VPC

Language: Ruby - Size: 104 KB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 15 - Forks: 5

daeisbae/aws-iam-security

How to accidentally hack into AWS through IAM misconfigurations

Size: 15 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

or-chetrit-security/cloud-security-labs

Practical cloud security implementations and hands-on labs for AWS, Azure, and GCP

Size: 31.3 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 1 - Forks: 0

epomatti/aws-cloudfront-waf

CloudFront with ELB and S3 origins + WAF

Language: HCL - Size: 1.31 MB - Last synced at: 20 days ago - Pushed at: 11 months ago - Stars: 1 - Forks: 1

Netflix/security_monkey 📦

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

Language: Python - Size: 13.7 MB - Last synced at: 2 months ago - Pushed at: over 4 years ago - Stars: 4,364 - Forks: 789

DataDog/stratus-red-team

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

Language: Go - Size: 3.8 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 2,043 - Forks: 246

jassics/CybercloudLearning

Repo for Cybercloud Tutorials hosted at cybercloud.guru

Language: Shell - Size: 903 KB - Last synced at: 9 days ago - Pushed at: about 1 year ago - Stars: 4 - Forks: 0

aws-samples/aws-security-hub-csv-manager

CSV Manager for AWS Security Hub exports SecurityHub findings to a CSV file and allows you to mass-update SecurityHub findings by modifying that CSV file.

Language: Python - Size: 1.37 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 17 - Forks: 6

adanalvarez/TrailDiscover

An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications

Language: Python - Size: 36.1 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 161 - Forks: 14

offensive-terraform/offensive-terraform.github.io

Offensive Terraform Website

Language: JavaScript - Size: 10.2 MB - Last synced at: 3 months ago - Pushed at: almost 5 years ago - Stars: 45 - Forks: 3

aws-samples/aws-security-reference-architecture-examples

Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (including Customizations for AWS Control Tower) and Terraform.

Language: Python - Size: 25.2 MB - Last synced at: 3 months ago - Pushed at: 5 months ago - Stars: 1,053 - Forks: 271

matanolabs/matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Language: Rust - Size: 11 MB - Last synced at: 3 months ago - Pushed at: 8 months ago - Stars: 1,559 - Forks: 111

CyberRoute/AWS-Security-Posture

A comprehensive collection of Lambda functions for strengthening AWS account security through automated detection, notification, and remediation.

Language: TypeScript - Size: 5.57 MB - Last synced at: 2 months ago - Pushed at: 4 months ago - Stars: 6 - Forks: 0

paulveillard/cybersecurity-aws-tools

An ongoing collection of of AWS tools, frameworks, libraries, learning tutorials for InfoSec and security professionals

Size: 143 KB - Last synced at: 2 months ago - Pushed at: over 3 years ago - Stars: 23 - Forks: 3

paulveillard/cybersecurity-cryptography

A collection of awesome software, libraries, documents, books, resources and cool stuff about cryptography in Cybersecurity.

Language: Python - Size: 28.3 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 21 - Forks: 2

bridgecrewio/cfngoat

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Size: 81.1 KB - Last synced at: 3 months ago - Pushed at: about 1 year ago - Stars: 94 - Forks: 629

dowjones/hammer

Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)

Language: Python - Size: 4.14 MB - Last synced at: 3 months ago - Pushed at: about 2 years ago - Stars: 440 - Forks: 60

SecurityFTW/cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Language: Shell - Size: 3.25 MB - Last synced at: 4 months ago - Pushed at: over 2 years ago - Stars: 1,161 - Forks: 216

bridgecrewio/terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Language: HCL - Size: 741 KB - Last synced at: 4 months ago - Pushed at: 5 months ago - Stars: 1,199 - Forks: 5,418

HXSecurity/TerraformGoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

Language: HCL - Size: 65.9 MB - Last synced at: 3 months ago - Pushed at: almost 3 years ago - Stars: 588 - Forks: 91

jassics/cybersecurity-roadmap

Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile security and so on with helpful resources, guidelines

Size: 194 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 339 - Forks: 51

AdityaBhatt3010/AWS-in-the-Line-of-Fire-Offensive-Security-Insights-used-by-Hackers

AWS breaches don’t start with zero-days — they start with misconfigurations.

Size: 11.7 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 1 - Forks: 0

defensive-works/aws-service-control-policies-automation

Deploy AWS Service Control Policies using CDK Pipelines and GitOps

Language: Python - Size: 85.9 KB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 8 - Forks: 2

tonnyeth/gandiva-xspm

Multi-cloud xSPM platform to scan, visualize, and remediate security risks across cloud, containers, and Kubernetes environments.

Language: TypeScript - Size: 8.48 MB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

goldfiglabs/rpCheckup

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

Language: Go - Size: 140 KB - Last synced at: 4 months ago - Pushed at: over 4 years ago - Stars: 161 - Forks: 12

goldfiglabs/introspector

A schema and set of tools for using SQL to query cloud infrastructure.

Language: Python - Size: 16.3 MB - Last synced at: 4 months ago - Pushed at: almost 4 years ago - Stars: 67 - Forks: 5

epomatti/aws-nat-instance

Custom NAT instance architecture

Language: HCL - Size: 129 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

jonrau1/SyntheticSun

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

Language: Python - Size: 58 MB - Last synced at: about 2 months ago - Pushed at: about 4 years ago - Stars: 78 - Forks: 16

sendgrid/krampus

The original AWS security enforcer™

Language: Python - Size: 3.12 MB - Last synced at: 1 day ago - Pushed at: over 6 years ago - Stars: 61 - Forks: 10

tmobile/pacbot

PacBot (Policy as Code Bot)

Language: Java - Size: 26.1 MB - Last synced at: 4 months ago - Pushed at: over 2 years ago - Stars: 1,297 - Forks: 281

mlevit/aws-auto-remediate 📦

Open source application to instantly remediate common security issues through the use of AWS Config

Language: Python - Size: 260 KB - Last synced at: 5 months ago - Pushed at: about 5 years ago - Stars: 220 - Forks: 29

jtyers/aws-iam-utils

Python library for examining, creating and optimising IAM policies

Language: Python - Size: 64.5 KB - Last synced at: 20 days ago - Pushed at: about 3 years ago - Stars: 22 - Forks: 3

Exido-Rio/Cloud-Serverless-Auth

A project uses aws services to create the serverless authentication application using aws cloudFormationas development and deployment tool

Language: Go - Size: 17.6 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

aws-ia/terraform-aws-guardduty

Configure and deploy AWS GuardDuty.

Language: HCL - Size: 839 KB - Last synced at: 5 months ago - Pushed at: about 1 year ago - Stars: 9 - Forks: 15

bridgecrewio/cdkgoat

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Language: Python - Size: 29.3 KB - Last synced at: 3 months ago - Pushed at: over 2 years ago - Stars: 46 - Forks: 46

lightspin-tech/lightspin-2022-top-7-attack-paths

Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

Size: 138 KB - Last synced at: 4 months ago - Pushed at: about 3 years ago - Stars: 40 - Forks: 1