aquia-inc/aws-guardduty-runbook-generator external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

aquia-inc/aws-guardduty-runbook-generator

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/aquia-inc/aws-guardduty-runbook-generator)

Close

aquia-inc / aws-guardduty-runbook-generatorView on GitHubMore

• External links
• Readme badge

Generates runbooks for GuardDuty findings

☆38Jun 24, 2024Updated last year

Alternatives and similar repositories for aws-guardduty-runbook-generator

Users that are interested in aws-guardduty-runbook-generator are comparing it to the libraries listed below

• invictus-ir / Invictus-AWS

  View on GitHub
  A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …
  ☆198Jan 6, 2026Updated 2 months ago
• BreakingMhet / honeyzure

  View on GitHub
  HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…
  ☆17Jun 11, 2024Updated last year
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆135Oct 23, 2023Updated 2 years ago
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• iKnowJavaScript / terraform-aws-vulne-soldier

  View on GitHub
  This Terraform module consists of the configuration for automating the remediation of AWS EC2 vulnerabilities using AWS Inspector finding…
  ☆50Jul 4, 2025Updated 8 months ago
• aws-samples / aws-customer-playbook-framework

  View on GitHub
  This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
  ☆649Updated this week
• messypoutine / gravy-overflow

  View on GitHub
  A GitHub Actions Supply Chain CTF / Goat
  ☆26Jan 6, 2026Updated 2 months ago
• grahamhelton / IMDSpoof

  View on GitHub
  IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.
  ☆106Nov 24, 2023Updated 2 years ago
• aws-samples / generative-ai-to-build-a-devsecops-chatbot

  View on GitHub
  ☆13Nov 5, 2024Updated last year
• ovotech / cloud-key-rotator

  View on GitHub
  A Golang program to rotate AWS & GCP account keys
  ☆67May 12, 2025Updated 9 months ago
• daknhh / aws-orgtool

  View on GitHub
  Export / Import your AWS Organizational Structure and Policies - Attach & Validate your SCPs
  ☆26Oct 11, 2023Updated 2 years ago
• WhiteOakSecurity / GoAWSConsoleSpray

  View on GitHub
  Tool to spray AWS Console IAM Logins
  ☆35Jun 15, 2022Updated 3 years ago
• chainguard-dev / github-audit-alerter

  View on GitHub
  Slack alert bot for matching Github Audit Events
  ☆10Nov 12, 2024Updated last year
• globaldatanet / aws-firewall-factory

  View on GitHub
  Enhance the security of your web applications effortlessly with AWS Firewall Factory. Safeguard your valuable assets through seamless WAF…
  ☆254Nov 17, 2025Updated 3 months ago
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆146Jun 18, 2024Updated last year
• matthewdfuller / safer-scps

  View on GitHub
  Safer AWS SCP deployments via real-time monitoring
  ☆56Sep 30, 2023Updated 2 years ago
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆683Updated this week
• invictus-ir / aws-cheatsheet

  View on GitHub
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆80Jan 6, 2026Updated 2 months ago
• RedSiege / SharpCollectionTemplate

  View on GitHub
  ☆14Sep 26, 2023Updated 2 years ago
• jdyke / gcp_iam_update_bot

  View on GitHub
  Tweets when new GCP IAM updates are found
  ☆13Updated this week
• caizencloud / caizen

  View on GitHub
  Harness the security superpowers of your cloud asset inventory
  ☆11Sep 22, 2024Updated last year
• aws-samples / aws-cfn-for-optimizing-aws-config-for-aws-security-hub

  View on GitHub
  AWS CloudFormation template to set up AWS Config to record only what’s needed for Security Hub.
  ☆13Jul 12, 2023Updated 2 years ago
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Feb 22, 2026Updated 2 weeks ago
• onemorepereira / aws-sso-reporter

  View on GitHub
  AWS SSO Reporter
  ☆55May 7, 2025Updated 10 months ago
• jatrost / awesome-detection-rules

  View on GitHub
  This is a collection of threat detection rules / rules engines that I have come across.
  ☆296May 5, 2024Updated last year
• welldone-cloud / aws-list-resources

  View on GitHub
  Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s). Discovered resources are written …
  ☆182Dec 21, 2025Updated 2 months ago
• carlospolop / tfstate2IAM

  View on GitHub
  ☆13Mar 31, 2023Updated 2 years ago
• SecurityRunners / cloud-exposure-catalog

  View on GitHub
  A catalog of services that can be publicly exposed within different cloud providers.
  ☆14Aug 30, 2024Updated last year
• unknownhad / CloudIntel

  View on GitHub
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆249Nov 11, 2024Updated last year
• ossf / scorecard-monitor

  View on GitHub
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆42Feb 28, 2026Updated last week
• welldone-cloud / aws-scps-for-sandbox-and-training-accounts

  View on GitHub
  Collection of example Service Control Policies (SCPs) that are useful for sandbox and training AWS accounts.
  ☆161Dec 22, 2025Updated 2 months ago
• DataDog / workload-security-evaluator

  View on GitHub
  ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…
  ☆37Oct 17, 2024Updated last year
• Frichetten / aws-api-models

  View on GitHub
  A collection of documented and undocumented AWS API models
  ☆53Nov 21, 2025Updated 3 months ago
• cloudandthings / terraform-aws-clickops-notifier

  View on GitHub
  Get notified when actions are taken in the AWS Console.
  ☆330Jan 20, 2025Updated last year
• Permiso-io-tools / LogLicker

  View on GitHub
  Tool for obfuscating and deobfuscating data.
  ☆76Mar 20, 2024Updated last year
• aws-samples / network-access-analyzer-multi-account-analysis

  View on GitHub
  Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…
  ☆42Sep 19, 2023Updated 2 years ago
• gojek / CureIAM

  View on GitHub
  Clean accounts over permissions in GCP infra at scale
  ☆71May 9, 2023Updated 2 years ago
• jdyke / gcp-iam-analyzer

  View on GitHub
  Compares and analyzes GCP IAM roles.
  ☆78Mar 9, 2025Updated last year