KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
☆105Dec 18, 2023Updated 2 years ago
Alternatives and similar repositories for KaiMonkey
Users that are interested in KaiMonkey are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Vulnerable Terraform Projects - Fork of https://github.com/bridgecrewio/terragoat☆17Apr 23, 2024Updated last year
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆5,205Nov 20, 2025Updated 4 months ago
- ☆40Nov 29, 2024Updated last year
- Salesforce Policy Deviation Checker☆30Sep 30, 2020Updated 5 years ago
- A set of AWS resources for testing the Log4Shell vulnerability, deployable with terraform☆11Dec 20, 2021Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆199Aug 29, 2024Updated last year
- The SOCless automation framework☆141Feb 11, 2025Updated last year
- Offensive Terraform module which creates Kali Linux from the AWS marketplace and installs cloud security tools (Pacu, Cloudsplaining, Sco…☆19Sep 27, 2020Updated 5 years ago
- Terraform to run Scoutsuite security scan of projects within a Google Cloud Org. Report will be published to a GCS bucket.☆17Jan 5, 2026Updated 2 months ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆17Jun 11, 2024Updated last year
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆758Oct 14, 2023Updated 2 years ago
- CloudSplaining on AWS Managed Policies☆44Sep 8, 2025Updated 6 months ago
- ☆14Jan 8, 2026Updated 2 months ago
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,197Updated this week
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- ☆11Jul 28, 2020Updated 5 years ago
- Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.☆273Updated this week
- ☆13May 16, 2019Updated 6 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- A comprehensive scanner for Google Cloud☆356Dec 5, 2025Updated 3 months ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated last year
- Cloud Commotion intends to cause chaos to simulate security incidents☆146Jun 18, 2024Updated last year
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆284Nov 27, 2025Updated 3 months ago
- This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.☆650Updated this week
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- ☆18Jul 30, 2024Updated last year
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆770Dec 11, 2024Updated last year
- Terraform module for Policy Sentry.☆26Nov 10, 2020Updated 5 years ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Jan 12, 2024Updated 2 years ago
- Unlocking Serverless Computing to Assess Security Controls☆262Mar 15, 2024Updated 2 years ago
- A cloud security tool to search and clean up unused AWS access keys, written in Go.☆52Sep 2, 2022Updated 3 years ago
- Automating Identity Access Management with Ansible☆15May 10, 2023Updated 2 years ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆608Nov 28, 2024Updated last year
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Oct 17, 2024Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Python library to carry out DFIR analysis on the Cloud☆502Mar 18, 2026Updated last week
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆120Mar 13, 2026Updated last week
- ☆169Sep 30, 2025Updated 5 months ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆339Mar 17, 2026Updated last week
- oauth security guidelines☆232Jun 25, 2019Updated 6 years ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,593Updated this week