awurster

trufflehog

Find and verify secrets

prezto

The configuration framework for Zsh

examples

Serverless Examples – A collection of boilerplates and examples of serverless architectures built with the Serverless Framework on AWS Lambda, Microsoft Azure, Google Cloud Functions, and more.

prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

cloudmapper

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

cloudquery

The open source high performance ELT framework powered by Apache Arrow

detect-secrets

An enterprise friendly way of detecting and preventing secrets in code.

SecretScanner

:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

streamalert

StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.

timesketch

Collaborative forensic timeline analysis

policy_sentry

IAM Least Privilege Policy Generator

binaryalert

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

flightsim

A utility to safely generate malicious network traffic patterns and evaluate controls.

repokid

AWS Least Privilege for Distributed, High-Velocity Deployment

diodb

Open-source vulnerability disclosure and bug bounty program database

osx-security-awesome

A collection of OSX and iOS security resources

aws-inventory

Discover resources created in an AWS account.

attack_data

A repository of curated datasets from various attacks

aardvark

Aardvark is a multi-account AWS IAM Access Advisor API

cloud-forensics-utils

Python library to carry out DFIR analysis on the Cloud

lambda-action

GitHub Action for Deploying Lambda code to an existing function

Tor-IP-Addresses

Hourly checked and updated list of IP Addresses of Tor and Tor Exit Nodes

aws-security-analytics-bootstrap

AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.

truffleHogRegexes

These are the regexes that power truffleHog

peerd

peerd is an AWS VPC Peering Connection management tool. It creates full-meshes of VPCs from a yaml file, and manages the full lifecycle of creation, deletion and route table updates needed to make VPC peerings useful across accounts and regions. Contributions welcome.

aws-list-resources

ioc-explorer

Explore Indicators of Compromise Automatically

karmabot

A Python based Slack Chatbot for community interaction

terraform-aws-ses-lambda-forwarder

This is a terraform module that creates an email forwarder using a combination of AWS SES and Lambda running the aws-lambda-ses-forwarder NPM module.