opendevsecops / terraform-aws-scanner
Terraform module which provides easy to configure AWS environment for running automated security scanning solutions at scheduled intervals.
☆44Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for terraform-aws-scanner
- Proof of Concept Zappa Based AWS Persistence and Attack Platform☆37Updated 4 years ago
- AppSecPipeline Specification for DevOps automation.☆38Updated last year
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆62Updated 5 years ago
- Welcome to OpenDevSecOps! Our mission is to deliver highly-resilient, readily-available and free defensive and offensive devops security …☆21Updated 5 years ago
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆103Updated 5 years ago
- Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.☆91Updated last year
- A tool for testing continuous integration (CI) or continuous delivery (CD) system security☆23Updated 11 years ago
- 🏰 A Python script for AWS S3 bucket enumeration.☆53Updated 4 years ago
- Python module for evaluation of AWS account best practices around incident handling readieness.☆55Updated 4 years ago
- Updated incident response generator for training classes☆42Updated 3 years ago
- ☆28Updated 4 years ago
- Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account.☆28Updated 5 years ago
- CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.☆15Updated 3 years ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆60Updated 3 years ago
- Example detection of compromise credentials in AWS☆119Updated 6 years ago
- ☆65Updated 7 years ago
- Public tables and other research that can accept PRs. Please visit the web link.☆44Updated 5 years ago
- Content for 'JIRA Risk Project' book published at LeanPub☆56Updated 6 years ago
- ☆48Updated 4 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 6 years ago
- Tools for AWS forensics☆64Updated 8 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆74Updated 2 years ago
- Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple …☆41Updated 4 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…☆31Updated 2 years ago
- Testing/collecting some container breakouts☆93Updated 5 years ago
- A tool for automatically gathering sensitive information from exposed Jenkins servers☆103Updated last year
- Tool to automate takeover of DigitalOcean Kubernetes cluster. Check out the blog post for more info.☆15Updated 5 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆89Updated 8 months ago
- ☆14Updated 7 years ago