rmkanda / toolsLinks
Curated list of security tools
☆68Updated last year
Alternatives and similar repositories for tools
Users that are interested in tools are comparing it to the libraries listed below
Sorting:
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆143Updated 9 months ago
- Holds the public Hacking the Cloud CTFs.☆59Updated last year
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆105Updated last year
- MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.☆175Updated last week
- Container 📦 Security 🔐 Best Practices Checklist 📋 & Slides☆68Updated 5 years ago
- A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration☆332Updated 3 weeks ago
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Updated last year
- OWASP Foundation Web Respository☆99Updated 2 weeks ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆67Updated 4 months ago
- ☆140Updated 3 weeks ago
- ☆191Updated 6 months ago
- A curated list of security tools for Hackers & Builders!☆101Updated last year
- Public repository of all things cloud security.☆45Updated last year
- Curating Falco rules with MITRE ATT&CK Matrix☆84Updated last year
- OWASP Kubernetes security and compliance tool [WIP]☆106Updated 2 years ago
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆97Updated 5 months ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆116Updated last month
- https://breaches.cloud☆42Updated last year
- Protect against subdomain takeover☆94Updated 3 months ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆110Updated 11 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆47Updated 3 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆73Updated 2 years ago
- ☆182Updated 6 months ago
- Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…☆127Updated 2 weeks ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆102Updated last year
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆48Updated last year
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆74Updated 3 weeks ago
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆191Updated last year