mitre / aws-rds-infrastructure-cis-baseline
InSpec Profile to validate the secure configuration of aws-rds-infrastructure-cis-baseline, against CIS's Amazon Web Services Three-tier Web Architecture Benchmark V1.0.0
☆13Updated 2 years ago
Related projects: ⓘ
- Simple tool to identify and remediate the use of the AWS EC2 IMDSv1.☆16Updated 3 years ago
- AWS Incident Response Kit (AIRK) - AWS Incident Response☆21Updated 4 years ago
- Security Alert Decoration☆25Updated 4 months ago
- A meta-database collecting resources that compile lists of breaches☆17Updated 5 months ago
- Common Golang Packages for use by the Various Cloud Nuke Tools☆22Updated last week
- DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications☆35Updated 2 years ago
- CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how commo…☆43Updated last year
- Fun tools around the EBS Direct API☆17Updated 3 years ago
- OSCAL SSP content for technologies shipped by Red Hat☆15Updated last year
- Slack alert bot for matching Github Audit Events☆10Updated 3 weeks ago
- Offensive Terraform Website☆44Updated 3 years ago
- Knowledge Report Alert & Normalization Generator☆27Updated 6 months ago
- Decision trees generated via Graphviz to inform pragmatic threat modelling.☆10Updated 3 years ago
- CDK app to setup an isolated AWS network to experiment with ways of exfiltrating data☆18Updated 2 years ago
- ☆13Updated last month
- S3Insights is a platform for efficiently deriving security insights about S3 data through metadata analysis☆11Updated 2 weeks ago
- A toolset to juggle AWS roles for persistent access☆47Updated last month
- CloudSplaining on AWS Managed Policies☆41Updated this week
- notes on configuring aws organizations☆11Updated 7 years ago
- Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…☆13Updated 6 months ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- A set of AWS resources for testing the Log4Shell vulnerability, deployable with terraform☆12Updated 2 years ago
- Automated determination of which AWS services run where☆20Updated this week
- Darkbit Cloud Security Tools☆25Updated 3 years ago
- Updated incident response generator for training classes☆41Updated 3 years ago
- Vulnerable Kustomize Kubernetes templates for training and education☆47Updated 2 years ago
- Super-powered know how tools for AWS and GCP cloud security☆14Updated last year
- Manage GuardDuty At Enterprise Scale☆22Updated 4 years ago
- Visualize your Terraform files☆34Updated 4 years ago
- A Python, Boto3 script that leverages a forensic volume to attach & mount to a selected instance, run a memory dump, unmount and detach f…☆11Updated 4 years ago