Cloud Security for Cloud

A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.

A cloud native application protection platform that provides security monitoring and protection across cloud, on-premises, and hybrid environments.

Cloud runtime security platform that uses eBPF technology to monitor cloud infrastructure, detect anomalies, and identify potential security threats in real-time.

A Python tool that tests multiple AWS S3 buckets for security misconfigurations including directory listing and upload permissions.

A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.

A Burp Suite extension that uses Shodan to discover cloud buckets and tests them for publicly accessible vulnerabilities through passive scanning.

S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.

TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.

A command-line tool that shows configuration history and changes of AWS resources using AWS Config service.

Cloud Sniper is a centralized cloud security operations platform that provides incident response, threat correlation, and automated security actions for cloud infrastructure protection.

NBD (Network Block Device) is a network protocol implementation that allows clients to access remote block devices over a network as if they were local storage.

AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.

TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.

Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.

An archived community-driven collection of open source cloud security tools that provided monitoring and compliance capabilities for cloud infrastructure.

CloudTrail Partitioner automates the creation and management of partitioned Athena tables for AWS CloudTrail logs with nightly partition updates.

A userland implementation of the Network Block Device protocol that enables remote block device access over network connections for distributed storage and virtualization use cases.

Ice is an AWS cloud cost management tool that provides multi-level visibility into cloud spending and resource utilization to support informed reservation purchases and resource optimization decisions.

Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.

Cloudmarker is a configurable cloud monitoring tool and framework that audits Azure and GCP environments by retrieving, analyzing, and alerting on cloud security data.

SkyArk is a cloud security scanning tool that identifies privileged entities in AWS and Azure environments to help mitigate Cloud Shadow Admin threats.

SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.

Teller is a command-line secret management tool that integrates with various cloud providers and vaults to securely populate environment variables during development workflows.

Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.