mitiga / log4shell-cloud-scanner
we are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them
☆13Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for log4shell-cloud-scanner
- Automated determination of which AWS services run where☆20Updated this week
- Policy Pipeline : place an SDLC around your compliance documentation with a pipeline that renders policy-as-code to human friendly format…☆11Updated 4 years ago
- A terraform module to install the prerequisites for cloud-custodian☆10Updated 10 months ago
- Sample code snippets for consuming the CloudSploit API☆13Updated last year
- Tools to make CI Packer builds awesome☆23Updated 4 months ago
- Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.☆13Updated 11 months ago
- Defensive S3 Bucket Squating☆30Updated 6 years ago
- ZAP Management Scripts☆21Updated this week
- ☆25Updated last week
- OSCAL SSP content for technologies shipped by Red Hat☆15Updated last year
- Looks for GitHub org users without 2FA turned on☆9Updated 8 years ago
- A curated list of Cloud Security techniques and tools☆30Updated last year
- Register your Kubernetes IPs to monitor.shodan.io☆18Updated 2 years ago
- DevSecOps Guide, located devsecops.pagerduty.com☆13Updated 2 years ago
- Wrapper for concurrent batch processing of testssl.sh commands☆13Updated 5 years ago
- Tool to tackle problematic dangling domains in Amazon Web Services.☆13Updated 7 years ago
- Create machine images containing the Nessus vulnerability scanner☆11Updated last week
- A Python, Boto3 script that leverages a forensic volume to attach & mount to a selected instance, run a memory dump, unmount and detach f…☆12Updated 4 years ago
- A low/zero interaction ssh authentication logging honeypot☆19Updated 3 months ago
- S3Insights is a platform for efficiently deriving security insights about S3 data through metadata analysis☆11Updated 2 months ago
- AWS Incident Response Kit (AIRK) - AWS Incident Response☆21Updated 4 years ago
- AWS container security survey 2020☆11Updated 3 years ago
- Proof of concept for vulnerability management of Docker containers☆16Updated 7 years ago
- ☆29Updated 3 years ago
- A meta-database collecting resources that compile lists of breaches☆18Updated last week
- Use SQL to instantly query file, domain, URL and IP scanning results from VirusTotal.☆22Updated 2 weeks ago
- The original AWS security enforcer™☆59Updated 5 years ago
- Hardened Windows Server image☆18Updated 5 years ago
- Synchronize AWS credential profiles from remote sources☆12Updated 3 months ago