Netflix-Skunkworks / diffy
(DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
☆633Updated last year
Alternatives and similar repositories for diffy:
Users that are interested in diffy are comparing it to the libraries listed below
- Python installable command line utiltity for mitigation of host and key compromises.☆344Updated 3 years ago
- Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)☆437Updated last year
- honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top…☆516Updated 6 years ago
- A repository for using osquery for incident detection and response☆842Updated 2 years ago
- an osquery fleet manager☆618Updated 2 years ago
- Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services☆638Updated 3 years ago
- Remote Memory Acquisition Tool☆245Updated 4 years ago
- Aardvark is a multi-account AWS IAM Access Advisor API☆474Updated 5 months ago
- A tool to help forensicate offline docker acquisitions☆540Updated 5 months ago
- Collection of scripts and resources for DevSecOps and Automated Incident Response Security☆626Updated 4 years ago
- CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.☆893Updated 3 years ago
- AWS Least Privilege for Distributed, High-Velocity Deployment☆1,130Updated last year
- Open Cloud Security Posture Management Engine☆338Updated 3 years ago
- Enforce ownership and data security within AWS☆448Updated 4 years ago
- for AWS Security material☆246Updated 2 years ago
- AWS Security Tools (AST) in a simple Docker container.☆287Updated 3 years ago
- BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.☆1,420Updated last year
- An information security preparedness tool to do adversarial simulation.☆1,118Updated 6 years ago
- Tools for fingerprinting and exploiting Amazon cloud infrastructures☆463Updated 2 years ago
- A flexible control server for osquery fleets☆1,105Updated 4 years ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,150Updated 2 years ago
- Python-based utility that uses supervised machine learning to detect phishing domains from the Certificate Transparency log network.☆323Updated 6 months ago
- A collection of AWS penetration testing junk☆1,190Updated last year
- Security auditing tool for AWS environments☆1,728Updated 6 years ago
- An open source, online threat modelling tool from OWASP☆483Updated 9 months ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆787Updated 4 years ago
- Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.☆433Updated 9 months ago
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆907Updated 5 years ago
- The main project for the Unfetter-Discover application. This is the project that will hold the configuration files, the docker-compose f…☆412Updated 2 years ago
- The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).☆543Updated last year