Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
☆142Jan 2, 2025Updated last year
Alternatives and similar repositories for cloud-security-vm
Users that are interested in cloud-security-vm are comparing it to the libraries listed below
Sorting:
- Listing of resources for example AWS Service Control Policies (SCPs)☆16Jan 10, 2024Updated 2 years ago
- ☆40Aug 2, 2024Updated last year
- An IAM Simulator that outputs detailed explains of how a request was evaluated.☆100Updated this week
- Mapping of open-source detection rules and atomic tests.☆204Feb 16, 2026Updated last month
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆113Nov 13, 2024Updated last year
- A collection of Turbo Intruder scripts.☆71Feb 1, 2025Updated last year
- Cloud Commotion intends to cause chaos to simulate security incidents☆146Jun 18, 2024Updated last year
- Safer AWS SCP deployments via real-time monitoring☆56Sep 30, 2023Updated 2 years ago
- Halberd : Multi-Cloud Agentic Attack Tool☆335Jan 12, 2026Updated 2 months ago
- AWS honey token manager☆90Aug 1, 2024Updated last year
- Repository to archive GCP Documentation for local use☆16Feb 11, 2025Updated last year
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Aug 29, 2024Updated last year
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- Generate datasets of cloud audit logs for common attacks☆235Mar 9, 2026Updated last week
- A tool to uncover undocumented APIs from the AWS Console.☆120Updated this week
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- The official website for The Discord Analytics for Risks & Threats Project.☆22Dec 29, 2025Updated 2 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆76May 27, 2024Updated last year
- ☆18Jul 30, 2024Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 3 months ago
- Autonomous AI C2☆33Jul 23, 2024Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environment☆33Oct 14, 2024Updated last year
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated 11 months ago
- A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.☆174Jan 9, 2026Updated 2 months ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆62Jan 25, 2025Updated last year
- Fast and easy to use CLI-based file encryption program 📦☆13Oct 12, 2025Updated 5 months ago
- AWS Attack Path Management Tool - Walking on the Moon☆263Dec 5, 2024Updated last year
- Hijack a slack bot to phish your way in☆57Jul 17, 2025Updated 8 months ago
- ☆18Feb 2, 2026Updated last month
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆289May 16, 2025Updated 10 months ago
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆72Feb 2, 2024Updated 2 years ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆15Apr 10, 2025Updated 11 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆119Updated this week
- PoC shadow SaaS and insecure credential detection system using a browser extension.☆42Feb 8, 2026Updated last month
- ☆30Jan 13, 2026Updated 2 months ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆174Mar 11, 2026Updated last week
- RequestShield is a 100% Free and OpenSource tool designed to analyze HTTP access.logs and identify suspicious HTTP requests and potential…☆106Dec 2, 2024Updated last year
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Oct 17, 2024Updated last year
- Web Server Vulnerability Scanning Tool☆36Mar 11, 2025Updated last year