technologik / terraform_attack_automation
Automation associated with our talk: Attacking and Defending Infrastructure with Terraform
☆16Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for terraform_attack_automation
- GCP CSPM using Google Sheets☆34Updated 5 months ago
- Compares and analyzes GCP IAM roles.☆76Updated 5 months ago
- Harness the security superpowers of your cloud asset inventory☆10Updated last month
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- Audit log wall of shame.☆41Updated last month
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆57Updated last year
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆74Updated 2 years ago
- Updated incident response generator for training classes☆41Updated 3 years ago
- Coalfire AWS RAMP/pak Reference Architecture☆36Updated 2 months ago
- ☆61Updated last year
- Detect publicly accessible Lambda Function URLs in your AWS account☆9Updated 2 years ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆79Updated 2 years ago
- ☆82Updated 4 years ago
- Scripts to quickly fix security and compliance issues☆25Updated 11 months ago
- ☆14Updated 2 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- Manage GuardDuty At Enterprise Scale☆22Updated 4 years ago
- ☆109Updated this week
- Generates runbooks for GuardDuty findings☆34Updated 4 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆30Updated last month
- IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)☆96Updated 2 years ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆79Updated this week
- ☆28Updated 4 years ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆138Updated 8 months ago
- Repository to archive GCP Documentation for local use☆13Updated 2 weeks ago
- Clean accounts over permissions in GCP infra at scale☆71Updated last year
- An AWS metadata enumeration tool by Plerion☆77Updated 9 months ago
- Cloud Security Dashboard for AWS - based on ScoutSuite☆0Updated last year
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆60Updated last week