easttimor/aws-incident-response external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

easttimor/aws-incident-response

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/easttimor/aws-incident-response)

Close

easttimor / aws-incident-responseView on GitHubMore

• External links
• Readme badge

☆377Feb 23, 2024Updated 2 years ago

Alternatives and similar repositories for aws-incident-response

Users that are interested in aws-incident-response are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• duo-labs / cloudtrail-partitioner

  View on GitHub
  ☆159Jul 8, 2023Updated 2 years ago
• aws-samples / aws-incident-response-playbooks

  View on GitHub
  ☆1,057Apr 12, 2026Updated last month
• invictus-ir / Sigma-AWS

  View on GitHub
  This repository contains the research and components of our research into using Sigma for AWS Incident Response.
  ☆31Jul 12, 2023Updated 2 years ago
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• duo-labs / cloudtracker

  View on GitHub
  CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  ☆912Dec 17, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• Netflix-Skunkworks / aws-credential-compromise-detection

  View on GitHub
  Example detection of compromise credentials in AWS
  ☆122Aug 6, 2018Updated 7 years ago
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Mar 11, 2026Updated 2 months ago
• SummitRoute / aws_exposable_resources

  View on GitHub
  Resource types that can be publicly exposed on AWS
  ☆332Feb 23, 2022Updated 4 years ago
• ReversecLabs / leonidas

  View on GitHub
  Automated Attack Simulation in the Cloud, complete with detection use cases.
  ☆613Nov 28, 2024Updated last year
• salesforce / cloudsplaining

  View on GitHub
  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…
  ☆2,219Updated this week
• nccgroup / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,557Aug 2, 2024Updated last year
• ramimac / aws-customer-security-incidents

  View on GitHub
  A repository of breaches of AWS customers
  ☆804Updated this week
• andrewkrug / securing-the-cloud-supplemental

  View on GitHub
  Supplemental templates for securing the cloud.
  ☆37Mar 29, 2026Updated 2 months ago
• joshlarsen / aws-recon

  View on GitHub
  Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.
  ☆555Jul 13, 2025Updated 10 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• tenable / access-undenied-aws

  View on GitHub
  Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-s…
  ☆271Apr 13, 2026Updated last month
• SWO-GS / athena-cloudtrail-partitioner

  View on GitHub
  Automate the daily partitioning of your CloudTrail bucket in Athena
  ☆28Oct 19, 2023Updated 2 years ago
• awslabs / aws-automated-incident-response-and-forensics

  View on GitHub
  ☆403Sep 25, 2023Updated 2 years ago
• willbengtson / trailblazer-aws

  View on GitHub
  Blazing CloudTrail since 2018
  ☆138Jan 27, 2019Updated 7 years ago
• Netflix-Skunkworks / cloudtrail-anomaly

  View on GitHub
  ☆83Dec 5, 2019Updated 6 years ago
• awslabs / aws-security-analytics-bootstrap

  View on GitHub
  AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…
  ☆276Updated this week
• disruptops / resource-counter

  View on GitHub
  This command line tool counts the number of resources in different categories across Amazon regions.
  ☆57Dec 17, 2019Updated 6 years ago
• flosell / trailscraper

  View on GitHub
  A command-line tool to get valuable information out of AWS CloudTrail
  ☆834May 19, 2026Updated last week
• amrandazz / attack-guardduty-navigator

  View on GitHub
  A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
  ☆138Jul 23, 2021Updated 4 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• andrewkrug / fargate-ir

  View on GitHub
  Proof of concept incident response demo using SSM and AWS Fargate.
  ☆15Dec 5, 2019Updated 6 years ago
• crypsisgroup / ebs-direct-sec-tools

  View on GitHub
  Fun tools around the EBS Direct API
  ☆20Apr 16, 2021Updated 5 years ago
• salesforce / aws-allowlister

  View on GitHub
  Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…
  ☆224Aug 11, 2023Updated 2 years ago
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,326May 21, 2026Updated last week
• google / cloud-forensics-utils

  View on GitHub
  Python library to carry out DFIR analysis on the Cloud
  ☆503May 19, 2026Updated last week
• SecurityRunners / cloud-exposure-catalog

  View on GitHub
  A catalog of services that can be publicly exposed within different cloud providers.
  ☆14Aug 30, 2024Updated last year
• alsmola / cloudtrail-parquet-glue

  View on GitHub
  Glue workflow to convert CloudTrail logs to Athena-friendly Parquet format
  ☆47Apr 25, 2024Updated 2 years ago
• duo-labs / parliament

  View on GitHub
  AWS IAM linting library
  ☆1,118Jan 7, 2026Updated 4 months ago
• ReversecLabs / awspx

  View on GitHub
  A graph-based tool for visualizing effective access and resource relationships in AWS environments.
  ☆1,005Oct 4, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• toniblyx / my-arsenal-of-aws-security-tools

  View on GitHub
  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
  ☆9,453Apr 17, 2026Updated last month
• turnerlabs / antiope

  View on GitHub
  AWS Inventory and Compliance Framework
  ☆224Jul 12, 2023Updated 2 years ago
• jonrau1 / ElectricEye

  View on GitHub
  ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…
  ☆1,040Feb 9, 2026Updated 3 months ago
• panther-labs / panther-analysis

  View on GitHub
  Built-in Panther detection rules and policies
  ☆452May 22, 2026Updated last week
• ThreatResponse / aws_ir

  View on GitHub
  Python installable command line utiltity for mitigation of host and key compromises.
  ☆344Jul 23, 2021Updated 4 years ago
• awslabs / aws-security-automation

  View on GitHub
  Collection of scripts and resources for DevSecOps and Automated Incident Response Security
  ☆633Jan 14, 2026Updated 4 months ago