easttimor/aws-incident-response external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

easttimor/aws-incident-response

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/easttimor/aws-incident-response)

Close

easttimor / aws-incident-responseView on GitHubMore

• External links
• Readme badge

☆376Feb 23, 2024Updated 2 years ago

Alternatives and similar repositories for aws-incident-response

Users that are interested in aws-incident-response are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• duo-labs / cloudtrail-partitioner

  View on GitHub
  ☆159Jul 8, 2023Updated 2 years ago
• aws-samples / aws-incident-response-playbooks

  View on GitHub
  ☆1,054Updated this week
• invictus-ir / Sigma-AWS

  View on GitHub
  This repository contains the research and components of our research into using Sigma for AWS Incident Response.
  ☆31Jul 12, 2023Updated 2 years ago
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• duo-labs / cloudtracker

  View on GitHub
  CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  ☆912Dec 17, 2021Updated 4 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• Netflix-Skunkworks / aws-credential-compromise-detection

  View on GitHub
  Example detection of compromise credentials in AWS
  ☆122Aug 6, 2018Updated 7 years ago
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆175Mar 11, 2026Updated last month
• SummitRoute / aws_exposable_resources

  View on GitHub
  Resource types that can be publicly exposed on AWS
  ☆331Feb 23, 2022Updated 4 years ago
• ReversecLabs / leonidas

  View on GitHub
  Automated Attack Simulation in the Cloud, complete with detection use cases.
  ☆613Nov 28, 2024Updated last year
• salesforce / cloudsplaining

  View on GitHub
  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…
  ☆2,202Apr 11, 2026Updated last week
• nccgroup / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,551Aug 2, 2024Updated last year
• ramimac / aws-customer-security-incidents

  View on GitHub
  A repository of breaches of AWS customers
  ☆802Mar 30, 2026Updated 2 weeks ago
• joshlarsen / aws-recon

  View on GitHub
  Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.
  ☆552Jul 13, 2025Updated 9 months ago
• andrewkrug / securing-the-cloud-supplemental

  View on GitHub
  Supplemental templates for securing the cloud.
  ☆36Mar 29, 2026Updated 2 weeks ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• tenable / access-undenied-aws

  View on GitHub
  Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-s…
  ☆268Updated this week
• awslabs / aws-automated-incident-response-and-forensics

  View on GitHub
  ☆400Sep 25, 2023Updated 2 years ago
• SWO-GS / athena-cloudtrail-partitioner

  View on GitHub
  Automate the daily partitioning of your CloudTrail bucket in Athena
  ☆28Oct 19, 2023Updated 2 years ago
• andrewkrug / fargate-ir

  View on GitHub
  Proof of concept incident response demo using SSM and AWS Fargate.
  ☆14Dec 5, 2019Updated 6 years ago
• willbengtson / trailblazer-aws

  View on GitHub
  Blazing CloudTrail since 2018
  ☆138Jan 27, 2019Updated 7 years ago
• Netflix-Skunkworks / cloudtrail-anomaly

  View on GitHub
  ☆83Dec 5, 2019Updated 6 years ago
• disruptops / resource-counter

  View on GitHub
  This command line tool counts the number of resources in different categories across Amazon regions.
  ☆58Dec 17, 2019Updated 6 years ago
• flosell / trailscraper

  View on GitHub
  A command-line tool to get valuable information out of AWS CloudTrail
  ☆833Updated this week
• amrandazz / attack-guardduty-navigator

  View on GitHub
  A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
  ☆139Jul 23, 2021Updated 4 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• awslabs / aws-security-analytics-bootstrap

  View on GitHub
  AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…
  ☆273Updated this week
• crypsisgroup / ebs-direct-sec-tools

  View on GitHub
  Fun tools around the EBS Direct API
  ☆20Apr 16, 2021Updated 5 years ago
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,292Apr 9, 2026Updated last week
• salesforce / aws-allowlister

  View on GitHub
  Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…
  ☆224Aug 11, 2023Updated 2 years ago
• google / cloud-forensics-utils

  View on GitHub
  Python library to carry out DFIR analysis on the Cloud
  ☆502Apr 7, 2026Updated last week
• SecurityRunners / cloud-exposure-catalog

  View on GitHub
  A catalog of services that can be publicly exposed within different cloud providers.
  ☆14Aug 30, 2024Updated last year
• alsmola / cloudtrail-parquet-glue

  View on GitHub
  Glue workflow to convert CloudTrail logs to Athena-friendly Parquet format
  ☆48Apr 25, 2024Updated last year
• duo-labs / parliament

  View on GitHub
  AWS IAM linting library
  ☆1,113Jan 7, 2026Updated 3 months ago
• ReversecLabs / awspx

  View on GitHub
  A graph-based tool for visualizing effective access and resource relationships in AWS environments.
  ☆1,002Oct 4, 2022Updated 3 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• toniblyx / my-arsenal-of-aws-security-tools

  View on GitHub
  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
  ☆9,431Oct 16, 2025Updated 6 months ago
• turnerlabs / antiope

  View on GitHub
  AWS Inventory and Compliance Framework
  ☆224Jul 12, 2023Updated 2 years ago
• jonrau1 / ElectricEye

  View on GitHub
  ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…
  ☆1,036Feb 9, 2026Updated 2 months ago
• panther-labs / panther-analysis

  View on GitHub
  Built-in Panther detection rules and policies
  ☆446Apr 10, 2026Updated last week
• awslabs / aws-security-automation

  View on GitHub
  Collection of scripts and resources for DevSecOps and Automated Incident Response Security
  ☆634Jan 14, 2026Updated 3 months ago
• ThreatResponse / aws_ir

  View on GitHub
  Python installable command line utiltity for mitigation of host and key compromises.
  ☆346Jul 23, 2021Updated 4 years ago