Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
☆144May 1, 2025Updated 10 months ago
Alternatives and similar repositories for metabadger
Users that are interested in metabadger are comparing it to the libraries listed below
Sorting:
- Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…☆224Aug 11, 2023Updated 2 years ago
- Simple tool to identify and remediate the use of the AWS EC2 IMDSv1.☆15Aug 12, 2021Updated 4 years ago
- AWS SSO serverless phishing API.☆32Jun 30, 2021Updated 4 years ago
- AWS CloudSaga - Simulate security events in AWS☆473Updated this week
- ☆25Jun 27, 2024Updated last year
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…☆60Jan 9, 2022Updated 4 years ago
- ☆157Jul 8, 2023Updated 2 years ago
- This repo has been replaced by https://www.cloudvulndb.org☆726Jun 29, 2022Updated 3 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-s…☆267Jan 26, 2023Updated 3 years ago
- ☆89Feb 11, 2022Updated 4 years ago
- Salesforce Policy Deviation Checker☆30Sep 30, 2020Updated 5 years ago
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆277Sep 20, 2024Updated last year
- Finders Keypers: AWS KMS Encryption Key Usage and Blast Radius Finder☆45Aug 13, 2025Updated 6 months ago
- ☆142Nov 24, 2025Updated 3 months ago
- Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account.☆29Aug 18, 2019Updated 6 years ago
- No need for IAM users when we have Yubikeys☆158Apr 7, 2022Updated 3 years ago
- Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.☆554Jul 13, 2025Updated 7 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆1,544Aug 2, 2024Updated last year
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- Rapidly apply hundreds of security controls in Azure☆183May 1, 2025Updated 10 months ago
- Slack alert bot for matching Github Audit Events☆10Nov 12, 2024Updated last year
- Assess certain AWS network configurations☆12Aug 22, 2018Updated 7 years ago
- A project to collate IAM actions, AWS APIs and managed policies from various public sources.☆302Updated this week
- OWASP Domain Protect - prevent subdomain takeover☆399Dec 23, 2024Updated last year
- AKTION sends the latest AWS Services and Actions each week to your chosen email address. Essential for AWS IAM policy management.☆20Feb 17, 2020Updated 6 years ago
- ☆14Jan 8, 2026Updated 2 months ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated last year
- A checklist of practices for organizations dealing with account takeover (ATO)☆276Oct 4, 2024Updated last year
- ☆24May 31, 2024Updated last year
- ☆124May 26, 2025Updated 9 months ago
- A production-friendly malware scanner for your AWS cloud☆201Jul 14, 2021Updated 4 years ago
- Repository for iamfast questions and issues☆176Mar 28, 2025Updated 11 months ago
- Crowdsourced list of sensitive IAM Actions☆159Oct 29, 2024Updated last year
- Knowledge Report Alert & Normalization Generator☆26Feb 11, 2026Updated 3 weeks ago
- A CLI tool for building simple to complex IAM policies☆69Dec 5, 2023Updated 2 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆123Apr 14, 2023Updated 2 years ago
- Deliberately vulnerable AWS resources for security assessment demos☆32Aug 20, 2022Updated 3 years ago
- Resource types that can be publicly exposed on AWS☆331Feb 23, 2022Updated 4 years ago