Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Reach out!
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
Burp extension for identifying cloud buckets and testing for vulnerabilities
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.
AWS serverless cloud security tool for parsing and alerting on CloudTrail logs using EQL.
Krampus is a security solution for managing AWS objects and can be used as a cost-control tool.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
Open-source policy-as-code software for multi-cloud and SaaS environments with GPT model conversations and custom analysis policies.
A detection-as-code platform for streamlining cloud security operations and responding to security incidents.
A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
Managed Kubernetes Inspection Tool leveraging FOSS tools to query and validate security-related settings.
Cloud Custodian (c7n) is a rules engine for managing public cloud accounts and resources with a focus on security, compliance, and cost optimization.
AWS Scout2 is a security tool for AWS administrators to assess their environment's security posture.
Implements a cloud version of the Shadow Copy attack against domain controllers in AWS, allowing theft of domain user hashes.
An open-sourced framework for managing resources across hundreds of AWS Accounts
Multi-account cloud security tool for AWS with real-time reporting and auto-remediation capabilities.
Comprehensive set of security controls for various AWS services to ensure a secure cloud environment.
Comprehensive cybersecurity tool for Microsoft Azure providing CSPM & CWPP capabilities.
Tool for analyzing cloud resources against best practices and generating reports.
Azucar is a multi-threaded plugin-based tool for assessing Azure Cloud security.
Nuvola is a tool for security analysis on AWS environments with a focus on creating a digital twin of cloud platforms.
CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
A dynamic infrastructure framework for efficient multi-cloud security operations and distributed scanning.
Create Docker container images for testing and long-term use.
A tool for identifying security issues in CloudFormation templates.
An open source cloud security platform for discovering, prioritizing, and remediating risks in the cloud.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
CLI tool for deleting AWS resources in bulk with inspecting functionality.
A tool that discovers all AWS resources created in an account
A tool to fetch all public IP addresses associated with an AWS account
A project that sets up partitioned Athena tables for CloudTrail logs and updates partitions nightly.
Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
A small project for continuous auditing of internet-facing AWS services
Automated script for creating a vulnerable Azure cloud lab to train offensive security skills.
Automate AWS security checks and centralize security alerts.
Detect off-instance key usage in AWS by analyzing CloudTrail files locally.
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
A collection of tools for forensics teams to collect evidence from cloud platforms
A tool to analyze and audit AWS environments for security issues and misconfigurations.
Ice provides a birds-eye view of cloud resources and usage patterns in AWS.
Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.
Find exposed AWS cloud assets that you did not know you had.
DataCop is a custom AWS framework for mitigating S3 bucket attack vectors based on customer configuration.
An open-source framework for testing and validating the security of AWS services and resources.
A free training course and lab environment for learning to test and attack cloud infrastructure, including AWS and Azure.
Azure Guardrails enables rapid enforcement of cloud security guardrails by generating Terraform files for Azure Policy Initiatives.
AI-Powered Cloud Assistant for building, securing, and operating cloud environments.
Cloudmarker is a cloud monitoring tool and framework that audits Azure and GCP cloud environments.
Cloud security project focusing on discovering and protecting privileged entities in AWS and Azure environments.
Cloud Security Dashboard with AWS CIS Security Benchmarks and JIRA integration.
Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.
A multi-cloud tool for centralizing assets across multiple clouds with minimal configuration.
Monitors AWS and GCP accounts for policy changes and alerts on insecure configurations, with support for OpenStack and GitHub monitoring.
A framework for executing attacker actions in the cloud with YAML-based format for defining TTPs and detection properties, deployable via AWS-native CI/CD pipeline.
A set of tools for fingerprinting and exploiting Amazon cloud infrastructures
Centrally Manage Cloud Firewall Rules with AWS Firewall Manager
A command line tool that counts Amazon resources across regions and displays the results in a friendly format.
Open-source cloud-agnostic resource manager for analyzing and managing cloud cost, usage, security, and governance.
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
A graph-based tool for visualizing effective access and resource relationships within AWS
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.
Open source multi-cloud security-auditing tool for assessing security posture of cloud environments.
