wiz-sec/open-cvdb external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

wiz-sec/open-cvdb

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/wiz-sec/open-cvdb)

Close

wiz-sec / open-cvdbView on GitHubMore

• External links
• Readme badge

An open project to list all publicly known cloud vulnerabilities and CSP security issues

☆375Sep 19, 2025Updated 5 months ago

Alternatives and similar repositories for open-cvdb

Users that are interested in open-cvdb are comparing it to the libraries listed below

• wiz-sec-public / cloud-middleware-dataset

  View on GitHub
  ☆246Jul 9, 2024Updated last year
• CERTCC / VINCE

  View on GitHub
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆90Feb 3, 2026Updated last month
• caizencloud / caizen

  View on GitHub
  Harness the security superpowers of your cloud asset inventory
  ☆11Sep 22, 2024Updated last year
• jdyke / gcp-iam-analyzer

  View on GitHub
  Compares and analyzes GCP IAM roles.
  ☆78Mar 9, 2025Updated 11 months ago
• fwdcloudsec / known_aws_accounts

  View on GitHub
  List of known AWS accounts
  ☆257Feb 6, 2026Updated last month
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,267Updated this week
• doyensec / cloudsec-tidbits

  View on GitHub
  Blogpost series showcasing interesting cloud - web app security bugs
  ☆48Jun 13, 2023Updated 2 years ago
• ramimac / aws-customer-security-incidents

  View on GitHub
  A repository of breaches of AWS customers
  ☆795Jan 24, 2026Updated last month
• Hacking-the-Cloud / hackingthe.cloud

  View on GitHub
  An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
  ☆2,532Feb 10, 2026Updated 3 weeks ago
• SummitRoute / csp_security_mistakes

  View on GitHub
  This repo has been replaced by https://www.cloudvulndb.org
  ☆726Jun 29, 2022Updated 3 years ago
• wiz-sec-public / peach-framework

  View on GitHub
  PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…
  ☆74Dec 14, 2022Updated 3 years ago
• jchrisfarris / detect-credential-compromise

  View on GitHub
  Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account.
  ☆29Aug 18, 2019Updated 6 years ago
• SummitRoute / aws_exposable_resources

  View on GitHub
  Resource types that can be publicly exposed on AWS
  ☆331Feb 23, 2022Updated 4 years ago
• SecurityRunners / cloud-exposure-catalog

  View on GitHub
  A catalog of services that can be publicly exposed within different cloud providers.
  ☆14Aug 30, 2024Updated last year
• BishopFox / cloudfox

  View on GitHub
  Automating situational awareness for cloud penetration tests.
  ☆2,299Updated this week
• Frichetten / aws-api-models

  View on GitHub
  A collection of documented and undocumented AWS API models
  ☆53Nov 21, 2025Updated 3 months ago
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• runreveal / sigmalite

  View on GitHub
  ☆52Dec 13, 2025Updated 2 months ago
• orcasecurity / orca-toolbox

  View on GitHub
  ☆124May 26, 2025Updated 9 months ago
• DataDog / threatest

  View on GitHub
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆338Feb 13, 2026Updated 3 weeks ago
• disruptops / assess_network

  View on GitHub
  Assess certain AWS network configurations
  ☆12Aug 22, 2018Updated 7 years ago
• DataDog / workload-security-evaluator

  View on GitHub
  ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…
  ☆37Oct 17, 2024Updated last year
• DataDog / managed-kubernetes-auditing-toolkit

  View on GitHub
  All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
  ☆370Updated this week
• easttimor / aws-incident-response

  View on GitHub
  ☆375Feb 23, 2024Updated 2 years ago
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Feb 22, 2026Updated last week
• unknownhad / CloudIntel

  View on GitHub
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆249Nov 11, 2024Updated last year
• ReversecLabs / leonidas

  View on GitHub
  Automated Attack Simulation in the Cloud, complete with detection use cases.
  ☆606Nov 28, 2024Updated last year
• salesforce / cloudsplaining

  View on GitHub
  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…
  ☆2,185Updated this week
• aidansteele / awsaccountcreds

  View on GitHub
  ☆23Feb 20, 2023Updated 3 years ago
• RhinoSecurityLabs / cloudgoat

  View on GitHub
  CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
  ☆3,490Feb 12, 2026Updated 3 weeks ago
• RhinoSecurityLabs / pacu

  View on GitHub
  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
  ☆5,080Feb 24, 2026Updated last week
• devops-kung-fu / bomber

  View on GitHub
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆605Feb 10, 2026Updated 3 weeks ago
• anunay-bhatt / secure-serverless-reference-architecture

  View on GitHub
  A walkthrough of security controls for a serverless architecture via a demo application
  ☆11May 11, 2022Updated 3 years ago
• DataDog / grimoire

  View on GitHub
  Generate datasets of cloud audit logs for common attacks
  ☆234Feb 13, 2026Updated 3 weeks ago
• projectdiscovery / cloudlist

  View on GitHub
  Cloudlist is a tool for listing Assets from multiple Cloud Providers.
  ☆1,006Updated this week
• CloudSecurityAlliance / gsd-project

  View on GitHub
  Global Security Database Project
  ☆28Mar 4, 2023Updated 3 years ago
• Permiso-io-tools / LogLicker

  View on GitHub
  Tool for obfuscating and deobfuscating data.
  ☆76Mar 20, 2024Updated last year
• wiz-sec-public / namespacehound

  View on GitHub
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆112Jan 2, 2025Updated last year
• Algbra-Labs-OSS / Chronicle

  View on GitHub
  ☆65May 21, 2024Updated last year