Threat model for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach
☆162Apr 15, 2026Updated last month
Alternatives and similar repositories for threatmodel-for-aws-s3
Users that are interested in threatmodel-for-aws-s3 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Threat model for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based ap…☆61Mar 20, 2026Updated 2 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Jan 12, 2024Updated 2 years ago
- Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.☆274Updated this week
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆289Nov 27, 2025Updated 5 months ago
- ☆1,056Apr 12, 2026Updated last month
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆46Nov 7, 2024Updated last year
- Blogpost series showcasing interesting cloud - web app security bugs☆67May 15, 2026Updated last week
- Fun tools around the EBS Direct API☆20Apr 16, 2021Updated 5 years ago
- ☆30Jan 13, 2026Updated 4 months ago
- List of known AWS accounts☆258Apr 2, 2026Updated last month
- A simple threat modeling tool to help humans to reduce time-to-value when threat modeling☆733Updated this week
- AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena a…☆276Updated this week
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…☆59Jan 9, 2022Updated 4 years ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆386Apr 3, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆16Jul 17, 2024Updated last year
- An AWS tool to help you create a point in time assessment of your AWS account using Prowler.☆605Apr 8, 2026Updated last month
- OWASP Domain Protect - prevent subdomain takeover☆397Dec 23, 2024Updated last year
- This repo has been replaced by https://www.cloudvulndb.org☆725Jun 29, 2022Updated 3 years ago
- Whois for the Cloud: Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆185Oct 9, 2025Updated 7 months ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆612Nov 28, 2024Updated last year
- Study of a hypothetical attack scenario where an attacker corrupts images that are fed into an AI system, and has only a few chances befo…☆14Aug 31, 2021Updated 4 years ago
- AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, …☆45Mar 5, 2021Updated 5 years ago
- Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…☆224Aug 11, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A repository of breaches of AWS customers☆803Mar 30, 2026Updated last month
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆928Jul 25, 2019Updated 6 years ago
- Crowdsourced list of sensitive IAM Actions☆159Oct 29, 2024Updated last year
- OSED Practice binary☆26Nov 23, 2023Updated 2 years ago
- Search exposed EBS volumes for secrets☆304Apr 24, 2023Updated 3 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆10Aug 18, 2022Updated 3 years ago
- Force CloudFormation to generate a tree view for any stack☆18Sep 14, 2022Updated 3 years ago
- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…☆13Feb 16, 2021Updated 5 years ago
- Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (incl…☆1,131Mar 10, 2026Updated 2 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆651Nov 21, 2019Updated 6 years ago
- Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic☆308Jan 6, 2023Updated 3 years ago
- ☆377Feb 23, 2024Updated 2 years ago
- Resource types that can be publicly exposed on AWS☆331Feb 23, 2022Updated 4 years ago
- Cyber | Cloud Security Checklist | Incident Response | Policy Template | Use cases☆13Nov 24, 2020Updated 5 years ago
- Open Cloud Security Posture Management Engine☆346Feb 19, 2022Updated 4 years ago
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆775Oct 14, 2023Updated 2 years ago