andresriancho / aws-audit-automation
Tools to automate AWS Cloud security assessments
☆23Updated 4 years ago
Related projects: ⓘ
- Pivot into private VPC networks using a VPN connection☆40Updated 4 years ago
- A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…☆18Updated 3 years ago
- Application Security Workflow Automation using Docker and Kubernetes☆22Updated last year
- AWS Incident Response Kit (AIRK) - AWS Incident Response☆21Updated 4 years ago
- Salesforce Policy Deviation Checker☆29Updated 3 years ago
- ☆13Updated 11 months ago
- A set of AWS resources for testing the Log4Shell vulnerability, deployable with terraform☆12Updated 2 years ago
- A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.☆37Updated 6 years ago
- Virtual Security Operations Center☆49Updated last year
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆74Updated 2 years ago
- S3Insights is a platform for efficiently deriving security insights about S3 data through metadata analysis☆11Updated 2 weeks ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- A command line security audit tool for Amazon Web Services☆79Updated 5 years ago
- AWS SSO serverless phishing API.☆29Updated 3 years ago
- ZAP scripts to implement ASVS L1 checking☆13Updated 2 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆28Updated 2 years ago
- An AWS Lambda vulnerable application written in flask.☆48Updated 6 years ago
- A tool to run nmap against each line in a script.☆16Updated 3 years ago
- Tool to tackle problematic dangling domains in Amazon Web Services.☆13Updated 6 years ago
- A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials☆10Updated 3 years ago
- A git submodule list containing all the tools repo's you'll ever need.☆28Updated 5 years ago
- Updated incident response generator for training classes☆41Updated 3 years ago
- Finding Valuable Needles in Global Source Code Haystacks with Automation☆18Updated 3 years ago
- ☆36Updated this week
- Overview about existing tools that can be useful for AWS auditing purposes.☆15Updated 6 years ago
- A small library to alter AWS API requests; Used for fuzzing research☆21Updated 10 months ago
- ☆18Updated this week
- A simple file-based scanner to look for potential AWS access and secret keys in files☆87Updated 6 months ago
- CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how commo…☆43Updated last year
- Following repository contains source codes used in my two Books.☆10Updated 8 years ago