OpenCSPM / opencspmLinks
Open Cloud Security Posture Management Engine
☆342Updated 3 years ago
Alternatives and similar repositories for opencspm
Users that are interested in opencspm are comparing it to the libraries listed below
Sorting:
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆192Updated last year
- ☆375Updated last year
- Resource types that can be publicly exposed on AWS☆328Updated 3 years ago
- Documenting your Threat Models with HCL☆433Updated 4 months ago
- AWS CloudSaga - Simulate security events in AWS☆469Updated this week
- Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.☆550Updated 2 months ago
- AWS Inventory and Compliance Framework☆225Updated 2 years ago
- Threat model for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆157Updated 2 years ago
- OWASP Domain Protect - prevent subdomain takeover☆398Updated 9 months ago
- The SOCless automation framework☆140Updated 7 months ago
- Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)☆443Updated 2 years ago
- AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…☆257Updated this week
- AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.☆244Updated 11 months ago
- A collection of projects supporting AWS Integration☆155Updated last month
- ☆121Updated 4 months ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆143Updated 5 months ago
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆361Updated 2 weeks ago
- A simple threat modeling tool to help humans to reduce time-to-value when threat modeling☆621Updated this week
- A honey token manager and alert system for AWS.☆320Updated 3 years ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆105Updated last year
- Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions☆249Updated 2 months ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆595Updated 10 months ago
- Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…☆225Updated 2 years ago
- This repository can be used to generate and evaluate findings detected by Amazon GuardDuty☆408Updated 3 months ago
- SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS☆108Updated 4 years ago
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆63Updated 5 years ago
- List of vendors that do not allow IMDSv2 enforcement☆143Updated last year
- A docker container to simplify and secure the use of Infrastructure as Code (IaC)☆77Updated this week
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆138Updated 4 years ago
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆288Updated last year