PureSec's repositories
awesome-serverless-security
A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
sas-top-10
Serverless Architectures Security Top 10 Guide
serverless-puresec-cli
Serverless plugin for least privileges.
FunctionShield
A Serverless Security Library for Developers. Regain Control Over Your AWS Lambda & Google Cloud Functions Runtimes.
lambda-proxy
Lambda-Proxy creates an HTTP proxy listening on localhost port 8082. When it receives an HTTP POST request with a very specific structure , it will parse the request, extract the relevant data required for the test, and will invoke your AWS Lambda function using the AWS SDK client.invoke() method. It was created for testing AWS Lambda functions with SQLMap as described here: https://www.puresec.io/blog/automated-sql-injection-testing-of-serverless-functions-on-a-shoestring-budget-and-some-good-music
lambda-config-rules
4 AWS Config rules that will boost your AWS Lambda security posture. Created as a companion to the AWS Config blog post by PureSec.
puresec-cli
PureSec CLI tools for improving the security of your serverless applications.
aws-parsecf
Parse AWS CloudFormation's intrinsic functions in the template
vulenrable-app
A sample vulnerable Node.js AWS Lambda function
node-csocket
Port for C's sys/socket.h methods for synchronous usage of sockets as file descriptors.
puresec-s3-public-scanner
An AWS Lambda function that scans your account for S3 buckets with any kind of public permissions
lambda-auth0-authorizer
An AWS Custom Authorizer for AWS Gateway that support Auth0 Bearer tokens.
Serverless-Goat
OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws
components
An easier way to build applications with cloud services. –
addressparser-malicious
Parse e-mail address fields with node.js
hello-retail
“Hello, Retail!” is an open-source, mobile-first, 100% serverless functional proof-of-concept showcasing a complete event sourcing approach applied to the retail platform space.
incubator-openwhisk-runtime-docker
Apache openwhisk
KairoScope-Backend-Reading
The microservice for KairoScope. This service is in charge of reading's operations.
node-gyp-build
Build tool and bindings loader for node-gyp that supports prebuilds
serverless-application-model
AWS Serverless Application Model (AWS SAM) prescribes rules for expressing Serverless applications on AWS.
serverless-azure-functions
Serverless Azure Functions Plugin – Add Azure Functions support to the Serverless Framework
serverless-plugin-ifelse
A Serverless Plugin to write If Else conditions in serverless YAML file
serverless-sentry-plugin
This plugin adds automatic forwarding of errors and exceptions to Sentry (https://sentry.io) and Serverless (https://serverless.com)
wg-serverless
CNCF Serverless WG