mitiga / log4shell-cloud-scanner
we are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them
☆13Updated 3 years ago
Alternatives and similar repositories for log4shell-cloud-scanner:
Users that are interested in log4shell-cloud-scanner are comparing it to the libraries listed below
- Sample code snippets for consuming the CloudSploit API☆13Updated last year
- Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Accoun…☆16Updated 4 years ago
- Automated determination of which AWS services run where☆20Updated this week
- A terraform module to install the prerequisites for cloud-custodian☆10Updated last year
- BlackDuck GItHub Action☆9Updated 2 years ago
- Repository for lab materials for the Advanced Cloud Security and Applied DevSecOps training class.☆11Updated 5 years ago
- Policy Pipeline : place an SDLC around your compliance documentation with a pipeline that renders policy-as-code to human friendly format…☆11Updated 4 years ago
- Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.☆13Updated last year
- A lambda function that checks your account for Public buckets and emails you whenever a new public s3 bucket is created☆15Updated 6 years ago
- The Auditree data gathering and reporting tool.☆13Updated 7 months ago
- A curated list of Cloud Security techniques and tools☆30Updated last year
- A multi scanner for docker images. It drives Clair, Anchore, Trivy, Snyk, Grype, AWS ECR scans and consolidates the results.☆14Updated last year
- Tools to make CI Packer builds awesome☆23Updated 9 months ago
- FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching s…☆29Updated 4 months ago
- OSCAL SSP content for technologies shipped by Red Hat☆15Updated 2 years ago
- Zerotier Chef CookbookUpdated last year
- A meta-database collecting resources that compile lists of breaches☆18Updated 5 months ago
- It tells you when you VPN☆13Updated 2 years ago
- Zsh and Vim on new Linux boxen.☆16Updated 2 years ago
- Your infrastructure is moving and so is your root of trust. This project helps to define a new control plane for locking down access and…☆9Updated 8 years ago
- DNSmetrics connects to your accounts at multiple managed DNS providers using their APIs and emits standardized metrics in statsd format f…☆14Updated 6 years ago
- Defensive S3 Bucket Squating☆30Updated 7 years ago
- GitOps for Teams (experimental hard fork of atlantis)☆14Updated 5 years ago
- S3Insights is a platform for efficiently deriving security insights about S3 data through metadata analysis☆12Updated 3 weeks ago
- Register your Kubernetes IPs to monitor.shodan.io☆18Updated 2 years ago
- all things awesome security☆12Updated 9 years ago
- Scan SSL based TCP services, ips, ports and network ranges to obtain certificate expiry data. Get automated alerts about certificates exp…☆29Updated 9 years ago
- ☆29Updated 2 months ago
- AWS container security survey 2020☆11Updated 4 years ago
- ☆25Updated last week