Alternatives and similar repositories for aws-guardduty-runbook-generator

Users that are interested in aws-guardduty-runbook-generator are comparing it to the libraries listed below

• invictus-ir / Invictus-AWS

  View on GitHub
  A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …
  ☆198Jan 6, 2026Updated last month
• BreakingMhet / honeyzure

  View on GitHub
  HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…
  ☆17Jun 11, 2024Updated last year
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆135Oct 23, 2023Updated 2 years ago
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• iKnowJavaScript / terraform-aws-vulne-soldier

  View on GitHub
  This Terraform module consists of the configuration for automating the remediation of AWS EC2 vulnerabilities using AWS Inspector finding…
  ☆50Jul 4, 2025Updated 7 months ago
• aws-samples / aws-customer-playbook-framework

  View on GitHub
  This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
  ☆648Updated this week
• grahamhelton / IMDSpoof

  View on GitHub
  IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.
  ☆106Nov 24, 2023Updated 2 years ago
• messypoutine / gravy-overflow

  View on GitHub
  A GitHub Actions Supply Chain CTF / Goat
  ☆27Jan 6, 2026Updated last month
• aws-samples / generative-ai-to-build-a-devsecops-chatbot

  View on GitHub
  ☆13Nov 5, 2024Updated last year
• ovotech / cloud-key-rotator

  View on GitHub
  A Golang program to rotate AWS & GCP account keys
  ☆67May 12, 2025Updated 9 months ago
• daknhh / aws-orgtool

  View on GitHub
  Export / Import your AWS Organizational Structure and Policies - Attach & Validate your SCPs
  ☆26Oct 11, 2023Updated 2 years ago
• WhiteOakSecurity / GoAWSConsoleSpray

  View on GitHub
  Tool to spray AWS Console IAM Logins
  ☆35Jun 15, 2022Updated 3 years ago
• chainguard-dev / github-audit-alerter

  View on GitHub
  Slack alert bot for matching Github Audit Events
  ☆10Nov 12, 2024Updated last year
• globaldatanet / aws-firewall-factory

  View on GitHub
  Enhance the security of your web applications effortlessly with AWS Firewall Factory. Safeguard your valuable assets through seamless WAF…
  ☆254Nov 17, 2025Updated 3 months ago
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆145Jun 18, 2024Updated last year
• matthewdfuller / safer-scps

  View on GitHub
  Safer AWS SCP deployments via real-time monitoring
  ☆56Sep 30, 2023Updated 2 years ago
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆671Updated this week
• invictus-ir / aws-cheatsheet

  View on GitHub
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆80Jan 6, 2026Updated last month
• caizencloud / caizen

  View on GitHub
  Harness the security superpowers of your cloud asset inventory
  ☆11Sep 22, 2024Updated last year
• RedSiege / SharpCollectionTemplate

  View on GitHub
  ☆14Sep 26, 2023Updated 2 years ago
• aws-samples / aws-cfn-for-optimizing-aws-config-for-aws-security-hub

  View on GitHub
  AWS CloudFormation template to set up AWS Config to record only what’s needed for Security Hub.
  ☆13Jul 12, 2023Updated 2 years ago
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆172Feb 8, 2026Updated last week
• welldone-cloud / aws-list-resources

  View on GitHub
  Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s). Discovered resources are written …
  ☆182Dec 21, 2025Updated last month
• SecurityRunners / cloud-exposure-catalog

  View on GitHub
  A catalog of services that can be publicly exposed within different cloud providers.
  ☆14Aug 30, 2024Updated last year
• carlospolop / tfstate2IAM

  View on GitHub
  ☆13Mar 31, 2023Updated 2 years ago
• unknownhad / CloudIntel

  View on GitHub
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆249Nov 11, 2024Updated last year
• welldone-cloud / aws-scps-for-sandbox-and-training-accounts

  View on GitHub
  Collection of example Service Control Policies (SCPs) that are useful for sandbox and training AWS accounts.
  ☆161Dec 22, 2025Updated last month
• DataDog / workload-security-evaluator

  View on GitHub
  ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…
  ☆37Oct 17, 2024Updated last year
• cloudandthings / terraform-aws-clickops-notifier

  View on GitHub
  Get notified when actions are taken in the AWS Console.
  ☆330Jan 20, 2025Updated last year
• Frichetten / aws-api-models

  View on GitHub
  A collection of documented and undocumented AWS API models
  ☆53Nov 21, 2025Updated 2 months ago
• Permiso-io-tools / LogLicker

  View on GitHub
  Tool for obfuscating and deobfuscating data.
  ☆75Mar 20, 2024Updated last year
• aws-samples / network-access-analyzer-multi-account-analysis

  View on GitHub
  Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…
  ☆42Sep 19, 2023Updated 2 years ago
• gojek / CureIAM

  View on GitHub
  Clean accounts over permissions in GCP infra at scale
  ☆71May 9, 2023Updated 2 years ago
• austinsonger / Elastic-Security

  View on GitHub
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Jun 15, 2021Updated 4 years ago
• primeharbor / pht-awsbackup-management

  View on GitHub
  Scripts and IaC to create a ransomware resilient AWS Backup System
  ☆17Sep 5, 2023Updated 2 years ago
• jdyke / gcp-iam-analyzer

  View on GitHub
  Compares and analyzes GCP IAM roles.
  ☆78Mar 9, 2025Updated 11 months ago
• FogSecurity / aws-encryption-tracker

  View on GitHub
  Tracker for Encryption by Default for AWS Resources
  ☆14Apr 10, 2025Updated 10 months ago
• aws-samples / iam-access-key-report

  View on GitHub
  ☆21Apr 17, 2023Updated 2 years ago