riskprofiler / CloudFrontier

Related projects: ⓘ

• prisma-cloud / IAMFinder
  IAMFinder enumerates and finds users and IAM roles in a target AWS account.
  ☆107Updated 3 years ago
• appsecco / attacking-cloudgoat2
  A step-by-step walkthrough of CloudGoat 2.0 scenarios.
  ☆132Updated 4 years ago
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆330Updated 4 years ago
• RyanJarv / awesome-cloud-sec
  Awesome list for cloud security related projects
  ☆70Updated last year
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆74Updated 3 weeks ago
• darkarnium / perimeterator
  'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.
  ☆61Updated 5 years ago
• goldfiglabs / sgCheckup
  sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
  ☆81Updated 3 years ago
• iknowjason / AriaCloud
  A Docker container for remote penetration testing.
  ☆132Updated 3 years ago
• amalmurali47 / onaws
  Fetch the details of assets hosted on AWS.
  ☆85Updated 9 months ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• lightspin-tech / red-shadow
  Lightspin AWS IAM Vulnerability Scanner
  ☆96Updated 3 years ago
• SygniaLabs / security-cloud-scout
  ☆133Updated last year
• faloker / purify
  All-in-one tool for managing vulnerability reports from AppSec pipelines
  ☆105Updated last year
• lightspin-tech / red-detector
  Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)
  ☆87Updated last year
• righteousgambit / quiet-riot
  Unauthenticated enumeration of AWS, Azure, and GCP Principals
  ☆196Updated 2 months ago
• disruptops / cred_scanner
  A simple file-based scanner to look for potential AWS access and secret keys in files
  ☆87Updated 6 months ago
• Hacking-the-Cloud / htc-ctfs
  Holds the public Hacking the Cloud CTFs.
  ☆50Updated 6 months ago
• salesforce / metabadger
  Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
  ☆137Updated 6 months ago
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆74Updated 2 years ago
• PaperMtn / github-watchman
  Monitoring GitHub for sensitive data shared publicly
  ☆66Updated 2 years ago
• openraven / magpie
  A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …
  ☆169Updated 3 weeks ago
• opendevsecops / guide-aws-hacking
  This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS wea…
  ☆166Updated 5 years ago
• BishopFox / dufflebag
  Search exposed EBS volumes for secrets
  ☆278Updated last year
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆118Updated 10 months ago
• gojek / CureIAM
  Clean accounts over permissions in GCP infra at scale
  ☆70Updated last year
• koenrh / s3enum
  Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.
  ☆215Updated 3 months ago
• duo-labs / appsec-education
  Presentations, training modules, and other education materials from Duo Security's Application Security team.
  ☆69Updated 3 years ago
• omaidf / PrismX
  Cloud Security Dashboard for AWS - based on ScoutSuite
  ☆0Updated last year
• ihamburglar / Redboto
  Red Team Scripts for AWS.
  ☆166Updated 4 years ago
• iknowjason / edge
  Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
  ☆155Updated 3 weeks ago