agnivesh / endgameLinks
An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet π
β270Updated 4 years ago
Alternatives and similar repositories for endgame
Users that are interested in endgame are comparing it to the libraries listed below
Sorting:
- AWS Security Tools (AST) in a simple Docker container.β287Updated 4 years ago
- Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.β546Updated 4 months ago
- A honey token manager and alert system for AWS.β319Updated 3 years ago
- rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, β¦β161Updated 4 years ago
- AWS Identity and Access Management Visualizer and Anomaly Finderβ295Updated 11 months ago
- Resource types that can be publicly exposed on AWSβ327Updated 3 years ago
- AWS Inventory and Compliance Frameworkβ224Updated last year
- Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-sβ¦β262Updated 2 years ago
- A command-line tool to get valuable information out of AWS CloudTrailβ816Updated last week
- CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.β899Updated 3 years ago
- Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameβ¦β225Updated last year
- Red Team Scripts for AWS.β169Updated 4 years ago
- [MAMIP] Monitor AWS Managed IAM Policies Changesβ484Updated this week
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).β143Updated last month
- AWSXenos will list all the trust relationships in all the IAM roles, S3 buckets, and more��β62Updated 2 months ago
- AWS CloudSaga - Simulate security events in AWSβ456Updated this week
- Open Cloud Security Posture Management Engineβ340Updated 3 years ago
- Scan publicly accessible assets on your AWS cloud environmentβ138Updated 11 months ago
- OWASP Domain Protect - prevent subdomain takeoverβ397Updated 5 months ago
- A project to collate IAM actions, AWS APIs and managed policies from various public sources.β294Updated this week
- Is your AWS perimeter secure? Use Powerpipe and Steampipe to check your AWS accounts for public resources, resources shared with untrustβ¦β111Updated last month
- Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)β440Updated last year
- Open source application to instantly remediate common security issues through the use of AWS Configβ221Updated 4 years ago
- AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.β241Updated 7 months ago
- Scans your AWS cloud resources and generates reports. Check out free hosted version:β279Updated 4 years ago
- IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)β98Updated 2 years ago
- Aardvark is a multi-account AWS IAM Access Advisor APIβ477Updated 7 months ago
- Bare minimum AWS Security Alerting and Secure by default Configurationβ498Updated 2 weeks ago
- Repository for iamfast questions and issuesβ175Updated 2 months ago
- Automate permissions to your cloud and critical applications.β241Updated last year