ThreatResponse / aws_ir
Python installable command line utiltity for mitigation of host and key compromises.
☆339Updated 3 years ago
Related projects: ⓘ
- Remote Memory Acquisition Tool☆239Updated 3 years ago
- ☆358Updated 6 months ago
- for AWS Security material☆245Updated 2 years ago
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆136Updated 3 years ago
- Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)☆434Updated last year
- Google Cloud Platform Security Tool☆231Updated 5 years ago
- (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…☆633Updated 8 months ago
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆61Updated 4 years ago
- Blazing CloudTrail since 2018☆134Updated 5 years ago
- Example detection of compromise credentials in AWS☆118Updated 6 years ago
- AWS Inventory and Compliance Framework☆223Updated last year
- Collection of scripts and resources for DevSecOps and Automated Incident Response Security☆612Updated 3 years ago
- Open Cloud Security Posture Management Engine☆331Updated 2 years ago
- Tools for fingerprinting and exploiting Amazon cloud infrastructures☆442Updated last year
- This script is used to generate some basic detections of the aws security services☆71Updated 2 years ago
- Resource types that can be publicly exposed on AWS☆311Updated 2 years ago
- ☆369Updated 11 months ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆470Updated 2 weeks ago
- A python module for orchestrating content acquisitions and analysis via amazon ssm.☆57Updated 10 months ago
- Built-in Panther detection rules and policies☆327Updated this week
- ☆150Updated last year
- Open source security career ladders☆114Updated last year
- Red Team Scripts for AWS.☆166Updated 4 years ago
- The SOCless automation framework☆130Updated 3 weeks ago
- Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.☆423Updated 2 months ago
- A Terraform module for GRR: the distributed incident forensics and response framework☆51Updated 4 years ago
- SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS☆104Updated 3 years ago
- barq: The AWS Cloud Post Exploitation framework!☆385Updated last year
- This repository can be used to generate and evaluate findings detected by Amazon GuardDuty☆337Updated 2 months ago
- WeirdAAL (AWS Attack Library)☆773Updated last year