ThreatResponse / aws_ir

Related projects: ⓘ

• ThreatResponse / margaritashotgun
  Remote Memory Acquisition Tool
  ☆239Updated 3 years ago
• easttimor / aws-incident-response
  ☆358Updated 6 months ago
• stuhirst / awssecurity
  for AWS Security material
  ☆245Updated 2 years ago
• amrandazz / attack-guardduty-navigator
  A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
  ☆136Updated 3 years ago
• dowjones / hammer
  Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)
  ☆434Updated last year
• nccgroup / G-Scout
  Google Cloud Platform Security Tool
  ☆231Updated 5 years ago
• Netflix-Skunkworks / diffy
  (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…
  ☆633Updated 8 months ago
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆61Updated 4 years ago
• willbengtson / trailblazer-aws
  Blazing CloudTrail since 2018
  ☆134Updated 5 years ago
• Netflix-Skunkworks / aws-credential-compromise-detection
  Example detection of compromise credentials in AWS
  ☆118Updated 6 years ago
• turnerlabs / antiope
  AWS Inventory and Compliance Framework
  ☆223Updated last year
• awslabs / aws-security-automation
  Collection of scripts and resources for DevSecOps and Automated Incident Response Security
  ☆612Updated 3 years ago
• OpenCSPM / opencspm
  Open Cloud Security Posture Management Engine
  ☆331Updated 2 years ago
• andresriancho / nimbostratus
  Tools for fingerprinting and exploiting Amazon cloud infrastructures
  ☆442Updated last year
• sonofagl1tch / AWSDetonationLab
  This script is used to generate some basic detections of the aws security services
  ☆71Updated 2 years ago
• SummitRoute / aws_exposable_resources
  Resource types that can be publicly exposed on AWS
  ☆311Updated 2 years ago
• awslabs / aws-automated-incident-response-and-forensics
  ☆369Updated 11 months ago
• WithSecureLabs / leonidas
  Automated Attack Simulation in the Cloud, complete with detection use cases.
  ☆470Updated 2 weeks ago
• mozilla / ssm-acquire
  A python module for orchestrating content acquisitions and analysis via amazon ssm.
  ☆57Updated 10 months ago
• panther-labs / panther-analysis
  Built-in Panther detection rules and policies
  ☆327Updated this week
• duo-labs / cloudtrail-partitioner
  ☆150Updated last year
• product-security-group / Security_Ladders
  Open source security career ladders
  ☆114Updated last year
• ihamburglar / Redboto
  Red Team Scripts for AWS.
  ☆166Updated 4 years ago
• twilio-labs / socless
  The SOCless automation framework
  ☆130Updated 3 weeks ago
• Netflix-Skunkworks / policyuniverse
  Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.
  ☆423Updated 2 months ago
• spotify / terraform-google-grr
  A Terraform module for GRR: the distributed incident forensics and response framework
  ☆51Updated 4 years ago
• cyberark / SkyWrapper
  SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS
  ☆104Updated 3 years ago
• Voulnet / barq
  barq: The AWS Cloud Post Exploitation framework!
  ☆385Updated last year
• awslabs / amazon-guardduty-tester
  This repository can be used to generate and evaluate findings detected by Amazon GuardDuty
  ☆337Updated 2 months ago
• carnal0wnage / weirdAAL
  WeirdAAL (AWS Attack Library)
  ☆773Updated last year