Open Cloud Security Posture Management Engine
☆344Feb 19, 2022Updated 4 years ago
Alternatives and similar repositories for opencspm
Users that are interested in opencspm are comparing it to the libraries listed below
Sorting:
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆199Aug 29, 2024Updated last year
- Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.☆554Jul 13, 2025Updated 7 months ago
- OpenCSPM Community Controls☆14May 18, 2021Updated 4 years ago
- Cloud Security Posture Management (CSPM)☆3,707Updated this week
- Resource types that can be publicly exposed on AWS☆331Feb 23, 2022Updated 4 years ago
- Darkbit Cloud Security Tools☆25Nov 12, 2020Updated 5 years ago
- ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…☆1,035Feb 9, 2026Updated 3 weeks ago
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,184Feb 20, 2026Updated last week
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,167Dec 8, 2022Updated 3 years ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆606Nov 28, 2024Updated last year
- A tool for quickly evaluating IAM permissions in AWS.☆1,541Aug 2, 2024Updated last year
- This repo has been replaced by https://www.cloudvulndb.org☆726Jun 29, 2022Updated 3 years ago
- GCP CSPM using Google Sheets☆38Apr 4, 2025Updated 10 months ago
- ☆157Jul 8, 2023Updated 2 years ago
- CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.☆907Dec 17, 2021Updated 4 years ago
- ☆374Feb 23, 2024Updated 2 years ago
- AWS IAM linting library☆1,109Jan 7, 2026Updated last month
- SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS☆906Dec 17, 2024Updated last year
- Exports primitive and predefined GCP IAM Roles and their permissions☆108Updated this week
- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere…☆3,729Updated this week
- Multi-Cloud Security Auditing Tool☆7,551Sep 23, 2025Updated 5 months ago
- CloudMapper helps you analyze your Amazon Web Services (AWS) environments.☆6,264Jul 15, 2024Updated last year
- Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…☆224Aug 11, 2023Updated 2 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,073Updated this week
- Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resour…☆5,937Updated this week
- Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud envir…☆13,103Updated this week
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆139Jul 23, 2021Updated 4 years ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆144May 1, 2025Updated 10 months ago
- Aardvark is a multi-account AWS IAM Access Advisor API☆483Oct 25, 2024Updated last year
- MKIT is a Managed Kubernetes Inspection Tool that validates several common security-related configuration settings of managed Kubernetes …☆397Sep 16, 2021Updated 4 years ago
- Monitor AWS Managed IAM Policies Changes☆493Updated this week
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆9,405Oct 16, 2025Updated 4 months ago
- IAM Least Privilege Policy Generator☆2,136Feb 8, 2026Updated 3 weeks ago
- Granular, Actionable Adversary Emulation for the Cloud☆2,266Feb 13, 2026Updated 2 weeks ago
- ☆83Dec 5, 2019Updated 6 years ago
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,487Feb 12, 2026Updated 2 weeks ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆646Nov 21, 2019Updated 6 years ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated 11 months ago
- Gordon is status check Github app to enforce and validate about.yaml file specifications in a repository during pull requests to drive co…☆20Feb 4, 2025Updated last year