The SOCless automation framework
☆140Feb 11, 2025Updated last year
Alternatives and similar repositories for socless
Users that are interested in socless are comparing it to the libraries listed below
Sorting:
- ☆18Jul 30, 2024Updated last year
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account.☆29Aug 18, 2019Updated 6 years ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆82Jul 25, 2022Updated 3 years ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆60Jun 11, 2021Updated 4 years ago
- ☆83Dec 5, 2019Updated 6 years ago
- Kantega Web Application Security Hero Challenge☆19Dec 3, 2020Updated 5 years ago
- ☆11Dec 9, 2025Updated 2 months ago
- Assess certain AWS network configurations☆12Aug 22, 2018Updated 7 years ago
- Security Alert Decoration☆27Jul 21, 2025Updated 7 months ago
- ☆375Feb 23, 2024Updated 2 years ago
- SCP management tool☆135Oct 23, 2023Updated 2 years ago
- ☆69Jul 18, 2025Updated 7 months ago
- Salesforce Policy Deviation Checker☆30Sep 30, 2020Updated 5 years ago
- This is a custom SSM agent which is sorta functional☆17Jul 5, 2021Updated 4 years ago
- Listing of resources for example AWS Service Control Policies (SCPs)☆17Jan 10, 2024Updated 2 years ago
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆753Oct 14, 2023Updated 2 years ago
- Unit testing framework for test driven security of AWS, GCP, Heroku and more.☆108Jan 22, 2026Updated last month
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆106Dec 18, 2023Updated 2 years ago
- AWS honey token manager☆89Aug 1, 2024Updated last year
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆646Nov 21, 2019Updated 6 years ago
- ☆124May 26, 2025Updated 9 months ago
- AWS IAM linting library☆1,109Jan 7, 2026Updated last month
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆80Feb 23, 2026Updated last week
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- Safer AWS SCP deployments via real-time monitoring☆56Sep 30, 2023Updated 2 years ago
- ☆157Jul 8, 2023Updated 2 years ago
- Graph-based security analysis for everyone☆357Feb 19, 2026Updated last week
- Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens☆48Apr 15, 2021Updated 4 years ago
- Varna: Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)☆52Dec 26, 2022Updated 3 years ago
- A tool for quickly evaluating IAM permissions in AWS.☆1,541Aug 2, 2024Updated last year
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆174Feb 22, 2026Updated last week
- Collection of Slides From My Conference Talks☆20Nov 21, 2022Updated 3 years ago
- ☆18May 5, 2024Updated last year
- JXA script based on research by Jeff Johnson on leveraging TextEdit to remove quarantine attributes on files. Jeff's original research is…☆17Jan 31, 2021Updated 5 years ago
- Mock streaming data generator☆17May 31, 2024Updated last year
- ☆30Jan 13, 2026Updated last month
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Jan 12, 2024Updated 2 years ago
- An AWS IAM Privilege Escalation Path Library☆120Feb 23, 2026Updated last week