cloud-security | Topic | Ecosyste.ms: Repos

Topic: "cloud-security"

wazuh/wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Language: C - Size: 457 MB - Last synced at: 9 days ago - Pushed at: 10 days ago - Stars: 14,286 - Forks: 2,089

madhuakula/kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Language: HTML - Size: 124 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 5,288 - Forks: 926

tenable/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Language: Go - Size: 15.3 MB - Last synced at: about 2 months ago - Pushed at: 5 months ago - Stars: 5,184 - Forks: 538

Hack-with-Github/Free-Security-eBooks 📦

Free Security and Hacking eBooks

Size: 51.8 KB - Last synced at: 9 months ago - Pushed at: over 6 years ago - Stars: 4,464 - Forks: 1,057

Netflix/consoleme

A Central Control Plane for AWS Permissions and Access

Language: Python - Size: 33.2 MB - Last synced at: 21 days ago - Pushed at: over 1 year ago - Stars: 3,199 - Forks: 276

Hacking-the-Cloud/hackingthe.cloud

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

Language: Dockerfile - Size: 106 MB - Last synced at: 9 days ago - Pushed at: 12 days ago - Stars: 2,439 - Forks: 424

4ndersonLin/awesome-cloud-security

🛡️ Awesome Cloud Security Resources ⚔️

Size: 54.7 KB - Last synced at: 21 days ago - Pushed at: about 1 year ago - Stars: 2,315 - Forks: 341

BishopFox/cloudfox

Automating situational awareness for cloud penetration tests.

Language: Go - Size: 2.92 MB - Last synced at: 10 days ago - Pushed at: 13 days ago - Stars: 2,258 - Forks: 214

DataDog/stratus-red-team

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

Language: Go - Size: 4.06 MB - Last synced at: 19 days ago - Pushed at: 20 days ago - Stars: 2,211 - Forks: 277

salesforce/cloudsplaining

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

Language: JavaScript - Size: 43.9 MB - Last synced at: 9 days ago - Pushed at: 11 days ago - Stars: 2,165 - Forks: 210

teamssix/awesome-cloud-security

awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员

Size: 11.5 MB - Last synced at: 4 days ago - Pushed at: about 1 year ago - Stars: 2,034 - Forks: 230

chaitin/veinmind-tools

veinmind-tools 是由长亭科技自研，基于 veinmind-sdk 打造的容器安全工具集

Language: Go - Size: 20.1 MB - Last synced at: 2 months ago - Pushed at: almost 2 years ago - Stars: 1,630 - Forks: 189

fwdcloudsec/granted

The easiest way to access AWS.

Language: Go - Size: 2.19 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 1,582 - Forks: 133

matanolabs/matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Language: Rust - Size: 11 MB - Last synced at: 7 months ago - Pushed at: 12 months ago - Stars: 1,559 - Forks: 111

jassics/awesome-aws-security

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

Size: 330 KB - Last synced at: 5 days ago - Pushed at: 8 months ago - Stars: 1,474 - Forks: 315

tmobile/pacbot

PacBot (Policy as Code Bot)

Language: Java - Size: 26.1 MB - Last synced at: 7 months ago - Pushed at: about 3 years ago - Stars: 1,297 - Forks: 281

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Language: HCL - Size: 741 KB - Last synced at: 7 months ago - Pushed at: 9 months ago - Stars: 1,199 - Forks: 5,418

SecurityFTW/cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Language: Shell - Size: 3.25 MB - Last synced at: 7 months ago - Pushed at: about 3 years ago - Stars: 1,161 - Forks: 216

paralus/paralus

All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.

Language: Go - Size: 18.9 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 1,139 - Forks: 72

edgelesssys/constellation

Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.

Language: Go - Size: 49 MB - Last synced at: 7 days ago - Pushed at: 8 days ago - Stars: 1,102 - Forks: 62

jonrau1/ElectricEye

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

Language: Python - Size: 95.9 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1,024 - Forks: 136

Zeyad-Azima/Offensive-Resources

A Huge Learning Resources with Labs For Offensive Security Players

Size: 20.6 MB - Last synced at: 6 months ago - Pushed at: over 3 years ago - Stars: 973 - Forks: 218

cyberark/SkyArk

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

Language: PowerShell - Size: 669 KB - Last synced at: 7 months ago - Pushed at: about 1 year ago - Stars: 892 - Forks: 163

stackql/stackql

Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework

Language: Go - Size: 55 MB - Last synced at: 8 days ago - Pushed at: 9 days ago - Stars: 827 - Forks: 76

0xsha/CloudBrute

Awesome cloud enumerator

Language: Go - Size: 286 KB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 780 - Forks: 124

aquasecurity/cloud-security-remediation-guides

Security Remediation Guides

Size: 324 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 744 - Forks: 181

Funkmyster/awesome-cloud-security

A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

Size: 121 KB - Last synced at: 5 days ago - Pushed at: 8 months ago - Stars: 649 - Forks: 124

HXSecurity/TerraformGoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

Language: HCL - Size: 65.9 MB - Last synced at: 28 days ago - Pushed at: about 3 years ago - Stars: 619 - Forks: 94

opengovern/opensecurity

opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.

Language: TypeScript - Size: 127 MB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 609 - Forks: 10

Esonhugh/Attack_Code

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性，尤其是云的安全方向，本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

Language: Shell - Size: 144 KB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 555 - Forks: 39

vectra-ai-research/MAAD-AF

MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).

Language: PowerShell - Size: 518 KB - Last synced at: 9 months ago - Pushed at: over 1 year ago - Stars: 394 - Forks: 56

jassics/security-interview-questions

Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on

Size: 2.9 MB - Last synced at: 2 months ago - Pushed at: about 1 year ago - Stars: 385 - Forks: 74

Aabyss-Team/awsKeyTools

AWS云平台 AccessKey 泄漏利用工具

Language: Python - Size: 99.6 KB - Last synced at: 8 months ago - Pushed at: over 2 years ago - Stars: 383 - Forks: 46

jassics/cybersecurity-roadmap

Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile security and so on with helpful resources, guidelines

Size: 203 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 365 - Forks: 54

BishopFox/smogcloud

Find cloud assets that no one wants exposed 🔎 ☁️

Language: Go - Size: 25.4 KB - Last synced at: 7 months ago - Pushed at: over 5 years ago - Stars: 345 - Forks: 36

AabyssZG/Docker-TCP-Scan

旨在以攻促防，针对Docker TCP socket的开源利用工具

Language: Python - Size: 1.19 MB - Last synced at: 7 months ago - Pushed at: over 1 year ago - Stars: 337 - Forks: 32

mazen160/tfquery

tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.

Language: Python - Size: 93.8 KB - Last synced at: 4 months ago - Pushed at: about 3 years ago - Stars: 330 - Forks: 18

cado-security/cloudgrep

cloudgrep is grep for cloud storage

Language: Python - Size: 328 KB - Last synced at: 3 months ago - Pushed at: 10 months ago - Stars: 327 - Forks: 17

vectra-ai-research/Halberd

Halberd : Multi-Cloud Agentic Attack Tool

Language: Python - Size: 3.2 MB - Last synced at: 12 days ago - Pushed at: 14 days ago - Stars: 326 - Forks: 33

Metarget/awesome-cloud-native-security

awesome resources about cloud native security 🐿

Size: 83 KB - Last synced at: 4 days ago - Pushed at: about 2 years ago - Stars: 322 - Forks: 52

common-fate/iamzero

Identity & Access Management simplified and secure.

Language: Go - Size: 1.93 MB - Last synced at: 8 months ago - Pushed at: almost 3 years ago - Stars: 256 - Forks: 10

cado-security/varc 📦

Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.

Language: Python - Size: 1.21 MB - Last synced at: 4 months ago - Pushed at: about 1 year ago - Stars: 255 - Forks: 14

Esonhugh/k8spider

Powerful+Fast+Low Privilege Kubernetes discovery tools

Language: Go - Size: 482 KB - Last synced at: 2 months ago - Pushed at: 5 months ago - Stars: 251 - Forks: 16

salesforce/aws-allowlister

Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

Language: Python - Size: 6.63 MB - Last synced at: 1 day ago - Pushed at: over 2 years ago - Stars: 224 - Forks: 29

cloudmarker/cloudmarker 📦

Cloud security monitoring tool and framework

Language: Python - Size: 362 KB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 221 - Forks: 16

DataDog/grimoire

Generate datasets of cloud audit logs for common attacks

Language: Go - Size: 1.11 MB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 221 - Forks: 20

apiiro/PRevent

Prevent merging of malicious code in pull requests

Language: Python - Size: 312 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 202 - Forks: 13

aquasecurity/cloudsec-icons

A collection of cloud security icons :cloud::lock:

Language: Go - Size: 2.32 MB - Last synced at: 3 months ago - Pushed at: over 2 years ago - Stars: 193 - Forks: 19

cloud-sniper/cloud-sniper

Cloud Security Operations Orchestrator

Language: Python - Size: 128 MB - Last synced at: 8 months ago - Pushed at: over 1 year ago - Stars: 184 - Forks: 35

YDCloudSecurity/cloud-security-guides

Size: 13.1 MB - Last synced at: 28 days ago - Pushed at: almost 3 years ago - Stars: 176 - Forks: 7

antgroup/CloudRec

CloudRec is an open source multi-cloud security posture management (CSPM) platform designed to help organizations improve the security of their cloud environments.

Language: Java - Size: 41.4 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 172 - Forks: 22

adanalvarez/TrailDiscover

An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications

Language: Python - Size: 35.7 MB - Last synced at: 28 days ago - Pushed at: about 1 month ago - Stars: 171 - Forks: 15

elastic/harp

Secret management by contract toolchain

Language: Go - Size: 5.43 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 153 - Forks: 21

salesforce/metabadger 📦

Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).

Language: Python - Size: 5.49 MB - Last synced at: 3 months ago - Pushed at: 8 months ago - Stars: 143 - Forks: 13

iknowjason/AriaCloud

A Docker container for remote penetration testing.

Language: HCL - Size: 22.2 MB - Last synced at: 6 months ago - Pushed at: almost 5 years ago - Stars: 135 - Forks: 27

appsecco/attacking-cloudgoat2

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

Size: 7.18 MB - Last synced at: 8 months ago - Pushed at: over 5 years ago - Stars: 134 - Forks: 53

smithy-security/smithy

The security workflow engine!

Language: Go - Size: 118 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 133 - Forks: 17

purpleteam-labs/purpleteam

CLI component of OWASP PurpleTeam

Language: JavaScript - Size: 2.25 MB - Last synced at: 3 months ago - Pushed at: about 2 years ago - Stars: 131 - Forks: 14

riskprofiler/CloudFrontier

Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.

Language: Lua - Size: 78.9 MB - Last synced at: about 1 year ago - Pushed at: almost 2 years ago - Stars: 120 - Forks: 20

Amet13/master-thesis

Master's thesis template in LaTeX

Language: TeX - Size: 25.1 MB - Last synced at: 2 months ago - Pushed at: 4 months ago - Stars: 97 - Forks: 27

dm-fedorov/cybersecurity-roadmap

Схема карьерных треков в кибербезопасности

Size: 478 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 83 - Forks: 19

goldfiglabs/sgCheckup

sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

Language: Go - Size: 152 KB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 82 - Forks: 13

madhuakula/spotter

Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations, and compliance violations across your Kubernetes clusters, manifests, and CI/CD pipelines.

Language: Go - Size: 747 KB - Last synced at: 9 days ago - Pushed at: 4 months ago - Stars: 69 - Forks: 1

CloudDefenseAI/AWSZeroTrustPolicy

Adaptive AWS Zero Trust Policy made easy: Auto-generate least-privilege policies based on user activity in real time! Accelerate the adoption of smart access control

Language: Python - Size: 1.75 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 67 - Forks: 13

goldfiglabs/introspector

A schema and set of tools for using SQL to query cloud infrastructure.

Language: Python - Size: 16.3 MB - Last synced at: 8 months ago - Pushed at: about 4 years ago - Stars: 67 - Forks: 5

EEN421/KQL-Queries

Ian Hanley's deceptively simple KQL queries.

Size: 220 KB - Last synced at: 1 day ago - Pushed at: 3 days ago - Stars: 64 - Forks: 11

groovyBugify/aws-security-mcp

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

Language: Python - Size: 378 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 64 - Forks: 13

JOSHUAJEBARAJ/GCP-GOAT

GCP GOAT is the vulnerable application for learn the GCP Security

Language: TypeScript - Size: 35.8 MB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 64 - Forks: 25

AirWalk-Digital/AWSXenos

AWSXenos will list all the trust relationships in all the IAM roles, S3 buckets, and more

Language: Python - Size: 381 KB - Last synced at: 3 months ago - Pushed at: 10 months ago - Stars: 64 - Forks: 5

anrbn/GCP-Attack-Defense

A Project dedicated to documenting various attack and detection vectors that can be encountered within Google Cloud Platform (GCP).

Language: Python - Size: 16.3 MB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 61 - Forks: 4

Adversis/PandorasBox

Security tool to quickly audit Public Box files and folders.

Language: Python - Size: 44.9 KB - Last synced at: 8 months ago - Pushed at: over 6 years ago - Stars: 54 - Forks: 24

ncc-erik-steringer/Aerides

An implementation of infrastructure-as-code scanning using dynamic tooling.

Language: HCL - Size: 58.6 KB - Last synced at: almost 3 years ago - Pushed at: almost 4 years ago - Stars: 53 - Forks: 0

HXSecurity/CloudSecWiki

CloudSecWiki is a cloud security oriented knowledge base maintained by HuoCorp.

Language: JavaScript - Size: 5.09 MB - Last synced at: 4 months ago - Pushed at: almost 3 years ago - Stars: 50 - Forks: 11

bridgecrewio/cdkgoat

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Language: Python - Size: 29.3 KB - Last synced at: 7 months ago - Pushed at: over 2 years ago - Stars: 46 - Forks: 46

offensive-terraform/offensive-terraform.github.io

Offensive Terraform Website

Language: JavaScript - Size: 10.2 MB - Last synced at: 6 months ago - Pushed at: about 5 years ago - Stars: 45 - Forks: 3

adanalvarez/HoneyTrail

Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for precise detection and notification specifically for honeyservices activity.

Language: Python - Size: 10 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 44 - Forks: 1

0x7a6b4c/SkyEye

When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloud

Language: Python - Size: 11.6 MB - Last synced at: 29 days ago - Pushed at: about 1 month ago - Stars: 40 - Forks: 2

lightspin-tech/lightspin-2022-top-7-attack-paths

Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

Size: 138 KB - Last synced at: 8 months ago - Pushed at: over 3 years ago - Stars: 40 - Forks: 1

eshlomo1/CloudSec

Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.

Language: PowerShell - Size: 967 KB - Last synced at: 4 days ago - Pushed at: 6 days ago - Stars: 39 - Forks: 11

CyberAlbSecOP/Awesome_CyberSec_Bible

Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hacking, Social Engineering, Privacy, Incident Response, Threat Assestment, Personal Security, Ai Security, Android Security, Iot Security, Standards.

Size: 287 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 39 - Forks: 8

lightspin-tech/eks-creation-engine

The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.

Language: Python - Size: 85.9 KB - Last synced at: almost 3 years ago - Pushed at: almost 3 years ago - Stars: 39 - Forks: 12

blackbotsecurity/AWS-Attack

AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, Pacu.

Language: Python - Size: 263 KB - Last synced at: almost 3 years ago - Pushed at: almost 5 years ago - Stars: 38 - Forks: 10

nikhilpatidar01/Linux-Server

🧑‍💻 A comprehensive guide to Linux system administration, covering: 📜 Commands 👥 User Management 🌐 Networking 🔐 Permissions 📦 Package Management 💽 Disk Management 🛡️ Security 🤖 Automation ✅

Size: 25.3 MB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 35 - Forks: 3

nianticlabs/modron

Modron - Cloud security compliance

Language: Go - Size: 3.75 MB - Last synced at: 9 months ago - Pushed at: about 1 year ago - Stars: 33 - Forks: 3

ollionorg/gcp-landing-zone

Leverage Ollion's GCP Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite cloud migration for an enterprise in a heavily regulated industry.

Language: HCL - Size: 4.76 MB - Last synced at: 9 months ago - Pushed at: over 1 year ago - Stars: 33 - Forks: 14

stafordtituss/HazProne

HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enabling you to pentest Vulnerabilities within, and hence, gain a better understanding of what could go wrong and why!!

Language: HCL - Size: 215 KB - Last synced at: almost 3 years ago - Pushed at: over 3 years ago - Stars: 33 - Forks: 11