mitiga / log4shell-cloud-scanner
we are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them
☆13Updated 3 years ago
Alternatives and similar repositories for log4shell-cloud-scanner:
Users that are interested in log4shell-cloud-scanner are comparing it to the libraries listed below
- Policy Pipeline : place an SDLC around your compliance documentation with a pipeline that renders policy-as-code to human friendly format…☆11Updated 4 years ago
- The Auditree data gathering and reporting tool.☆13Updated 5 months ago
- OSCAL SSP content for technologies shipped by Red Hat☆15Updated last year
- Sample code snippets for consuming the CloudSploit API☆13Updated last year
- Zsh and Vim on new Linux boxen.☆16Updated 2 years ago
- Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Accoun…☆15Updated 4 years ago
- A terraform module to install the prerequisites for cloud-custodian☆10Updated last year
- ZAP Management Scripts☆21Updated last week
- Automated determination of which AWS services run where☆20Updated last week
- InSpec Profile to validate the secure configuration of aws-rds-infrastructure-cis-baseline, against CIS's Amazon Web Services Three-tier …☆14Updated 2 years ago
- Defensive S3 Bucket Squating☆30Updated 7 years ago
- Tools to make CI Packer builds awesome☆23Updated 7 months ago
- Zerotier Chef CookbookUpdated 11 months ago
- AWS container security survey 2020☆11Updated 4 years ago
- Ansible based WSL windows developer environment bootstrap☆10Updated this week
- Packer.io Scripts to build the SIFT VM(s)☆11Updated 4 years ago
- Your infrastructure is moving and so is your root of trust. This project helps to define a new control plane for locking down access and…☆9Updated 8 years ago
- Darkbit Cloud Security Tools☆25Updated 4 years ago
- Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.☆13Updated last year
- A Security Results Viewer for the web with storage, teams and history☆35Updated 2 years ago
- Repository for lab materials for the Advanced Cloud Security and Applied DevSecOps training class.☆11Updated 5 years ago
- A lambda function that checks your account for Public buckets and emails you whenever a new public s3 bucket is created☆14Updated 6 years ago
- Automatically close AWS Accounts when moved to a specific Organizational Unit, such as SuspendedOU or ToBeDeletedOU or BlackHole 😛☆14Updated 2 years ago
- Wrapper for concurrent batch processing of testssl.sh commands☆13Updated 5 years ago
- A firewall penetration testing tool suite.☆11Updated 7 years ago
- ☆29Updated 3 years ago
- GitOps for Teams (experimental hard fork of atlantis)☆14Updated 5 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 6 years ago
- A collection of reusable GitHub Actions for the Ministry of Justice, designed to streamline and enhance workflows across our projects. • …☆17Updated 2 weeks ago
- Training scenarios for cyber ranges☆11Updated 4 years ago