prowler-cloud / prowler
Prowler is an Open Cloud Security Platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
☆11,582Updated this week
Alternatives and similar repositories for prowler:
Users that are interested in prowler are comparing it to the libraries listed below
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆9,174Updated 6 months ago
- Multi-Cloud Security Auditing Tool☆7,129Updated 5 months ago
- Cloud Security Posture Management (CSPM)☆3,510Updated last week
- CloudMapper helps you analyze your Amazon Web Services (AWS) environments.☆6,138Updated 9 months ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆4,684Updated last month
- Tfsec is now part of Trivy☆6,814Updated last week
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,080Updated last week
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,200Updated last week
- Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resour…☆5,655Updated this week
- Granular, Actionable Adversary Emulation for the Cloud☆1,997Updated last week
- Ultimate DevSecOps library☆6,020Updated 5 months ago
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆4,923Updated this week
- IAM Least Privilege Policy Generator☆2,080Updated last week
- Automating situational awareness for cloud penetration tests.☆2,102Updated last month
- A tool for quickly evaluating IAM permissions in AWS.☆1,485Updated 9 months ago
- An encyclopedia for offensive and defensive security knowledge in cloud native technologies.☆2,071Updated this week
- Hunt for security weaknesses in Kubernetes clusters☆4,853Updated last year
- A vault for securely storing and accessing AWS credentials in development environments☆8,713Updated 9 months ago
- ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…☆989Updated this week
- A vulnerability scanner for container images and filesystems☆9,800Updated this week
- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere…☆3,355Updated this week
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark☆7,423Updated this week
- DevSecOps, ASPM, Vulnerability Management. All on one platform.☆3,992Updated this week
- [Node, Python, Java] Repository of sample Custom Rules for AWS Config.☆1,686Updated last month
- Curated list of resources on HashiCorp's Terraform and OpenTofu☆5,855Updated 3 weeks ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,159Updated 2 years ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,285Updated this week
- Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy☆3,247Updated last week
- Nuke a whole AWS account and delete all its resources.☆5,768Updated 6 months ago
- Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.☆7,301Updated this week