There are 37 repositories under aws-security topic.
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
🛡️ Awesome Cloud Security Resources ⚔️
IAM Least Privilege Policy Generator
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (including Customizations for AWS Control Tower) and Terraform.
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
A graph-based tool for visualizing effective access and resource relationships in AWS environments.
Least privilege AWS IAM Terraformer
A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
Amazon Web Services (AWS) Guide. Learn all about Amazon Web Services Tools, Services, and Certifications.
Library and CLI tool for analysing CloudFormation templates and check them for security compliance.
cloudgrep is grep for cloud storage
All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
Vulnerability scanning just got lazier
Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile security and so on with helpful resources, guidelines
Open source application to instantly remediate common security issues through the use of AWS Config
rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
A step-by-step walkthrough of CloudGoat 2.0 scenarios.
Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
A command line security audit tool for Amazon Web Services