prowler-cloud / prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
☆10,856Updated this week
Related projects ⓘ
Alternatives and complementary repositories for prowler
- Multi-Cloud Security Auditing Tool☆6,740Updated last month
- Cloud Security Posture Management (CSPM)☆3,358Updated this week
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆8,978Updated 3 weeks ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆4,399Updated this week
- Tfsec is now part of Trivy☆6,718Updated last month
- CloudMapper helps you analyze your Amazon Web Services (AWS) environments.☆6,005Updated 4 months ago
- Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resour…☆5,463Updated this week
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,000Updated this week
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆4,767Updated last week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆23,729Updated this week
- An encyclopedia for offensive and defensive security knowledge in cloud native technologies.☆1,729Updated this week
- Automating situational awareness for cloud penetration tests.☆1,955Updated last month
- Granular, Actionable Adversary Emulation for the Cloud☆1,829Updated last week
- A vulnerability scanner for container images and filesystems☆8,838Updated this week
- A tool for quickly evaluating IAM permissions in AWS.☆1,433Updated 3 months ago
- IAM Least Privilege Policy Generator☆2,015Updated this week
- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere…☆3,013Updated this week
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆2,974Updated last week
- PacBot (Policy as Code Bot)☆1,287Updated last year
- ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…☆960Updated this week
- Security auditing tool for AWS environments☆1,725Updated 5 years ago
- Cloud Native Runtime Security☆7,404Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆6,259Updated this week
- Hunt for security weaknesses in Kubernetes clusters☆4,764Updated 8 months ago
- DevSecOps, ASPM, Vulnerability Management. All on one platform.☆3,731Updated this week
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,095Updated this week
- Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.☆6,991Updated this week
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,144Updated last year