paulveillard / cybersecurity-aws-tools
An ongoing collection of AWS tools, frameworks, libraries, and learning tutorials for InfoSec and security professionals
☆21 · Updated 2 years ago
Related projects:
- A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources abou… ☆45 · Updated last year
- AWS Incident Response Kit (AIRK) - AWS Incident Response ☆21 · Updated 4 years ago
- AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, … ☆45 · Updated 3 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response. ☆21 · Updated last year
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space. ☆28 · Updated 2 years ago
- ☆37 · Updated 8 months ago
- Generates runbooks for GuardDuty findings ☆34 · Updated 2 months ago
- Clean accounts over permissions in GCP infra at scale ☆70 · Updated last year
- ☆35 · Updated 5 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightings ☆77 · Updated 2 years ago
- Knowledge Report Alert & Normalization Generator ☆27 · Updated 6 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management. ☆29 · Updated 5 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. ☆58 · Updated 4 months ago
- An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites… ☆53 · Updated last year
- Public repository of all things cloud security. ☆31 · Updated 3 weeks ago
- Holds the public Hacking the Cloud CTFs. ☆50 · Updated 6 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix ☆55 · Updated last year
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre… ☆42 · Updated 4 months ago
- A Python, Boto3 script that leverages a forensic volume to attach & mount to a selected instance, run a memory dump, unmount and detach f… ☆11 · Updated 4 years ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services. ☆61 · Updated 5 years ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o… ☆82 · Updated 8 months ago
- https://breaches.cloud ☆36 · Updated 2 months ago
- Visualize your Terraform files ☆34 · Updated 4 years ago
- Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat… ☆35 · Updated last year
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on. ☆91 · Updated 9 months ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. ☆25 · Updated last year
- Updated incident response generator for training classes ☆41 · Updated 3 years ago
- sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports. ☆81 · Updated 3 years ago
- ☆66 · Updated 3 months ago
- SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, man… ☆76 · Updated 3 years ago