aquasecurity / cfsecLinks
Static analysis for CloudFormation templates to identify common misconfiguration
☆56Updated 3 years ago
Alternatives and similar repositories for cfsec
Users that are interested in cfsec are comparing it to the libraries listed below
Sorting:
- ☆56Updated 2 weeks ago
- a tool to audit the istio service mesh☆173Updated 3 years ago
- A tool to check the security settings of Github Organizations.☆72Updated 2 years ago
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…☆60Updated 3 years ago
- An SBOM query language and associated utilities☆54Updated last year
- vexctl is a tool to attest VEX impact statements☆45Updated 2 years ago
- Darkbit Cloud Security Tools☆25Updated 4 years ago
- Trivy's misconfiguration scanning engine☆216Updated 8 months ago
- ☆114Updated last month
- Compares and analyzes GCP IAM roles.☆77Updated 6 months ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆143Updated 5 months ago
- ☆23Updated 2 years ago
- Useful scripts, Docker images, docker-compose apps, and Terraform modules.☆151Updated 2 weeks ago
- CloudSplaining on AWS Managed Policies☆44Updated 3 weeks ago
- A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard a…☆31Updated 11 months ago
- List of vendors that do not allow IMDSv2 enforcement☆143Updated last year
- Slack alert bot for matching Github Audit Events☆10Updated 10 months ago
- Security configuration checks for popular cloud native applications and infrastructure.☆119Updated 3 years ago
- vscode extension for tfsec☆30Updated 2 years ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆105Updated last year
- Open-source proof-of-concept client for AWS IAM Roles Anywhere☆71Updated 3 years ago
- ☆34Updated 2 years ago
- Common Golang Packages for use by the Various Cloud Nuke Tools☆47Updated 3 weeks ago
- Privateer is a plugin-based framework to validate the status of deployed resources.☆15Updated this week
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- Security scanning & static analysis tool☆94Updated 11 months ago
- ☆139Updated 6 months ago
- No need for IAM users when we have Yubikeys☆159Updated 3 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- Securing Alice's, Bob's and Carl's software supply chain using in-toto☆95Updated 2 weeks ago