riskprofiler / CloudFrontier
Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.
โ120Updated 7 months ago
Related projects โ
Alternatives and complementary repositories for CloudFrontier
- Find cloud assets that no one wants exposed ๐ โ๏ธโ332Updated 4 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.โ109Updated 4 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.โ133Updated 4 years ago
- A Docker container for remote penetration testing.โ133Updated 3 years ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.โ62Updated 5 years ago
- Monitoring GitHub for sensitive data shared publiclyโ66Updated 2 years ago
- ๐๏ธ STRIDE vs. ASVS equivalence tableโ75Updated 2 months ago
- Cloud Security Operations Orchestratorโ182Updated 7 months ago
- Lightspin AWS IAM Vulnerability Scannerโ96Updated 3 years ago
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)โ87Updated 2 years ago
- All-in-one tool for managing vulnerability reports from AppSec pipelinesโ105Updated last year
- sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.โ81Updated 3 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in filesโ89Updated 8 months ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.โ74Updated 2 years ago
- FestIn - Open S3 Bucket Scannerโ230Updated 3 years ago
- Fetch the details of assets hosted on AWS.โ86Updated 11 months ago
- โ133Updated last year
- This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS weaโฆโ168Updated 5 years ago
- Route53/CloudFront Vulnerability Assessment Utilityโ84Updated last year
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).โ138Updated 8 months ago
- SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, manโฆโ76Updated 3 years ago
- ๐งฎ An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessmentโ151Updated 3 years ago
- Tools for AWS forensicsโ64Updated 8 years ago
- Unauthenticated enumeration of AWS, Azure, and GCP Principalsโ203Updated last week
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderโ138Updated 3 years ago
- Cloud Security Dashboard for AWS - based on ScoutSuiteโ0Updated last year
- Automated Attack Simulation in the Cloud, complete with detection use cases.โ499Updated this week
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approachโ151Updated last year
- Holds the public Hacking the Cloud CTFs.โ49Updated 8 months ago
- Scans Slack for API tokens, credentials, passwords, and more using YARA rulesโ38Updated 3 years ago