Add a layer of active defense to your cloud applications.
☆104Feb 11, 2026Updated 2 weeks ago
Alternatives and similar repositories for cloud-active-defense
Users that are interested in cloud-active-defense are comparing it to the libraries listed below
Sorting:
- ☆75Mar 19, 2025Updated 11 months ago
- Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl…☆173May 16, 2024Updated last year
- Permiso Security has created a tool to query snowflake environments for evidence of compromise, based on indicators from Permiso and the …☆73Jun 21, 2024Updated last year
- ☆18Jul 30, 2024Updated last year
- CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known…☆266Nov 21, 2025Updated 3 months ago
- Repository to archive GCP Documentation for local use☆16Feb 11, 2025Updated last year
- Tool for obfuscating and deobfuscating data.☆76Mar 20, 2024Updated last year
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- A Golang program to rotate AWS & GCP account keys☆67May 12, 2025Updated 9 months ago
- WAF bypass PoC☆50Oct 9, 2023Updated 2 years ago
- ☆30Jan 13, 2026Updated last month
- Convert cloudtrail data to MITRE ATT&CK Sightings☆82Jul 25, 2022Updated 3 years ago
- Recon tool to query cloud prefixes for services associated with an IP address☆23Oct 2, 2024Updated last year
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Oct 17, 2024Updated last year
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆117Updated this week
- Azure Deployment Templates for Mandiant Managed Huning☆12Jun 1, 2023Updated 2 years ago
- ☆25Jun 27, 2024Updated last year
- ☆40Nov 29, 2024Updated last year
- A multi-vault secret injection tool for safely injecting secrets into app environment☆133Dec 31, 2025Updated 2 months ago
- Common Golang Packages for use by the Various Cloud Nuke Tools☆55Feb 11, 2026Updated 2 weeks ago
- A GitHub Actions Supply Chain CTF / Goat☆27Jan 6, 2026Updated last month
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆174Feb 22, 2026Updated last week
- Collect chrome extensions from various devices and find out if they are malicious☆24Jan 17, 2026Updated last month
- ☆28Dec 26, 2025Updated 2 months ago
- Workflows for Shuffle☆24Oct 26, 2022Updated 3 years ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated 11 months ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆109Feb 16, 2024Updated 2 years ago
- Lambda function that streamlines containment of an AWS account compromise☆344Dec 1, 2023Updated 2 years ago
- A utility to force query DNS over DoH off of CloudFlare API when DNS block is in place☆10Aug 26, 2018Updated 7 years ago
- Assess certain AWS network configurations☆12Aug 22, 2018Updated 7 years ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆15Apr 10, 2025Updated 10 months ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆113Nov 13, 2024Updated last year
- ☆122Aug 29, 2024Updated last year
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. …☆36Updated this week
- Automation tool for Windows Deception Host Burn-In☆86Dec 4, 2024Updated last year
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…☆87Dec 20, 2024Updated last year
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆198Jan 6, 2026Updated last month
- Tweets when new GCP IAM updates are found☆13Updated this week