prowler-cloud / prowler
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
☆11,242Updated this week
Alternatives and similar repositories for prowler:
Users that are interested in prowler are comparing it to the libraries listed below
- Cloud Security Posture Management (CSPM)☆3,428Updated last week
- Multi-Cloud Security Auditing Tool☆6,940Updated 3 months ago
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆9,075Updated 3 months ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆4,538Updated 3 weeks ago
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,042Updated this week
- Tfsec is now part of Trivy☆6,767Updated this week
- CloudMapper helps you analyze your Amazon Web Services (AWS) environments.☆6,066Updated 7 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆1,453Updated 6 months ago
- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere…☆3,164Updated this week
- Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resour…☆5,558Updated this week
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,080Updated 3 weeks ago
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…☆4,626Updated 2 weeks ago
- Security auditing tool for AWS environments☆1,729Updated 6 years ago
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆4,837Updated 2 months ago
- IAM Least Privilege Policy Generator☆2,052Updated 2 weeks ago
- Granular, Actionable Adversary Emulation for the Cloud☆1,913Updated this week
- ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…☆976Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆24,719Updated this week
- An encyclopedia for offensive and defensive security knowledge in cloud native technologies.☆1,808Updated last week
- Find, verify, and analyze leaked credentials☆18,111Updated this week
- Ultimate DevSecOps library☆5,904Updated 2 months ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,149Updated 2 years ago
- 🛡️ Awesome Cloud Security Resources ⚔️☆2,129Updated 3 months ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆2,669Updated this week
- In-depth attack surface mapping and asset discovery☆12,476Updated this week
- Hunt for security weaknesses in Kubernetes clusters☆4,792Updated 11 months ago
- AWSGoat : A Damn Vulnerable AWS Infrastructure☆1,791Updated 2 weeks ago
- Automating situational awareness for cloud penetration tests.☆2,034Updated last month
- A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it☆2,880Updated this week
- The developer first cloud governance platform☆6,009Updated this week