Aws
Explore 160 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.
A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.
Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.
Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.
A Python script to test the security of AWS S3 buckets
A tool to enumerate S3 buckets for a specific target
Converts the format of various S3 buckets for bug bounty and security testing.
Converts the format of various S3 buckets for bug bounty and security testing.
A tool to identify publicly accessible S3 objects
A security tool to identify interesting files in AWS S3 buckets
A tool for testing AWS S3 bucket permissions and security
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.
S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.
AWS serverless cloud security tool for parsing and alerting on CloudTrail logs using EQL.
AWS serverless cloud security tool for parsing and alerting on CloudTrail logs using EQL.
Krampus is a security solution for managing AWS objects and can be used as a cost-control tool.
Krampus is a security solution for managing AWS objects and can be used as a cost-control tool.
A python module for orchestrating content acquisitions and analysis via Amazon SSM.
A python module for orchestrating content acquisitions and analysis via Amazon SSM.
Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable fixes.
Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable fixes.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
An open-source security tool for AWS, Azure, Google Cloud, and Kubernetes security assessments and audits.
Identify AWS IAM permissions by brute-forcing API calls.
Securely store and access AWS credentials in a development environment.
A Python script that lists all main resources of your AWS account, helping you find resources that affect billing and/or security.
A Python script that lists all main resources of your AWS account, helping you find resources that affect billing and/or security.
A tool that generates least privilege IAM policies for AWS services
A tool that generates least privilege IAM policies for AWS services
A tool to find S3 buckets from HTML, JS, and bucket misconfiguration testing
A tool to find S3 buckets from HTML, JS, and bucket misconfiguration testing
A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.
A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.
pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.
pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.
Redboto is a collection of scripts for red team operations against the AWS API.
Redboto is a collection of scripts for red team operations against the AWS API.
A tool for visualizing AWS IAM and Organizations in a graph format with Neo4j, supporting anomaly detection and custom data processing.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.
Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.
A post-exploitation framework for attacking running AWS infrastructure
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
AWS account compliance using centrally managed Config Rules
A tool that assesses AWS accounts for subdomain hijacking vulnerabilities in Route53 and CloudFront configurations.
A tool that assesses AWS accounts for subdomain hijacking vulnerabilities in Route53 and CloudFront configurations.
AWS Scout2 is a security tool for AWS administrators to assess their environment's security posture.
AWS Scout2 is a security tool for AWS administrators to assess their environment's security posture.
Python package for processing and analyzing Zeek data with Pandas, scikit-learn, Kafka, and Spark, with offloading capabilities and improved data analysis features.
Python package for processing and analyzing Zeek data with Pandas, scikit-learn, Kafka, and Spark, with offloading capabilities and improved data analysis features.
Implements a cloud version of the Shadow Copy attack against domain controllers in AWS, allowing theft of domain user hashes.
Implements a cloud version of the Shadow Copy attack against domain controllers in AWS, allowing theft of domain user hashes.
On-demand access to AWS and ISV compliance reports with time-saving benefits.
An open-sourced framework for managing resources across hundreds of AWS Accounts
An open-sourced framework for managing resources across hundreds of AWS Accounts
Tool to clean Exif data from images in AWS S3 bucket
A collection of AWS security architectures for various security operations.
A collection of AWS security architectures for various security operations.
Multi-account cloud security tool for AWS with real-time reporting and auto-remediation capabilities.
Multi-account cloud security tool for AWS with real-time reporting and auto-remediation capabilities.
IAM Zero detects IAM issues and suggests least-privilege policies for AWS and other cloud platforms.
IAM Zero detects IAM issues and suggests least-privilege policies for AWS and other cloud platforms.
Comprehensive set of security controls for various AWS services to ensure a secure cloud environment.
Comprehensive set of security controls for various AWS services to ensure a secure cloud environment.
Continually audit your AWS usage to simplify risk and compliance assessment.
Continually audit your AWS usage to simplify risk and compliance assessment.
Nuvola is a tool for security analysis on AWS environments with a focus on creating a digital twin of cloud platforms.
Nuvola is a tool for security analysis on AWS environments with a focus on creating a digital twin of cloud platforms.
CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.
CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
Pacu is an open-source AWS exploitation framework for offensive security testing against cloud environments.
Pacu is an open-source AWS exploitation framework for offensive security testing against cloud environments.
A collection of security workshops and hands-on content for AWS security services and techniques
A collection of security workshops and hands-on content for AWS security services and techniques
A tool for searching through public EBS snapshots for secrets, organized as an Elastic Beanstalk application.
A tool for searching through public EBS snapshots for secrets, organized as an Elastic Beanstalk application.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
An AWS Lambda auditing tool that provides asset visibility and actionable results through statistical analysis and security checks.
An AWS Lambda auditing tool that provides asset visibility and actionable results through statistical analysis and security checks.
A library of Amazon S3 attack scenarios with mitigation strategies.
A library of Amazon S3 attack scenarios with mitigation strategies.
A portable Docker container with preinstalled AWS security tools for SecOps on AWS.
A portable Docker container with preinstalled AWS security tools for SecOps on AWS.
Open-source project for building instrumented environments to simulate attacks and test detections.
Open-source project for building instrumented environments to simulate attacks and test detections.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
CFRipper is a Library and CLI security analyzer for AWS CloudFormation templates.
CFRipper is a Library and CLI security analyzer for AWS CloudFormation templates.
Automatically compile AWS SCPs for compliant AWS services based on preferred frameworks.
Automatically compile AWS SCPs for compliant AWS services based on preferred frameworks.
CLI tool for deleting AWS resources in bulk with inspecting functionality.
CLI tool for deleting AWS resources in bulk with inspecting functionality.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
Generate Amazon GuardDuty findings related to real AWS resources with multiple tests available.
Generate Amazon GuardDuty findings related to real AWS resources with multiple tests available.
A serverless, real-time, and retroactive malware detection tool that scans files with YARA rules and alerts incident response teams.
A serverless, real-time, and retroactive malware detection tool that scans files with YARA rules and alerts incident response teams.
Centralized workforce identity management for AWS applications.
A tool that discovers all AWS resources created in an account
A tool that discovers all AWS resources created in an account
A distributed systems simulator that creates vulnerable Kubernetes clusters in AWS for security training and vulnerability mitigation practice.
A distributed systems simulator that creates vulnerable Kubernetes clusters in AWS for security training and vulnerability mitigation practice.
A Terraform module to set up a secure AWS account configuration baseline
A Terraform module to set up a secure AWS account configuration baseline
AWS Web Application Firewalls (WAFs) protect web applications and APIs from attacks, providing prebuilt security rules and the ability to create custom rules.
AWS Web Application Firewalls (WAFs) protect web applications and APIs from attacks, providing prebuilt security rules and the ability to create custom rules.
A tool to fetch all public IP addresses associated with an AWS account
A tool to fetch all public IP addresses associated with an AWS account
A project that sets up partitioned Athena tables for CloudTrail logs and updates partitions nightly.
A project that sets up partitioned Athena tables for CloudTrail logs and updates partitions nightly.
Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
A tool for spinning up insecure AWS infrastructure with Terraform for training and security assessment purposes.
A tool for spinning up insecure AWS infrastructure with Terraform for training and security assessment purposes.
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
A small project for continuous auditing of internet-facing AWS services
A small project for continuous auditing of internet-facing AWS services
A tutorial on setting up Dionaea on an EC2 instance in 20 minutes
A script that implements Cognito attacks such as Account Oracle or Priviledge Escalation
A script that implements Cognito attacks such as Account Oracle or Priviledge Escalation
Static code analyzer for Infrastructure as Code with 500+ security policies and support for various IaC tools and cloud platforms.
Assess, audit, and evaluate configurations of AWS resources.
CloudGoat is a 'Vulnerable by Design' AWS deployment tool for honing cloud cybersecurity skills through 'capture-the-flag' style scenarios.
CloudGoat is a 'Vulnerable by Design' AWS deployment tool for honing cloud cybersecurity skills through 'capture-the-flag' style scenarios.
Automate AWS security checks and centralize security alerts.
Detect off-instance key usage in AWS by analyzing CloudTrail files locally.
Detect off-instance key usage in AWS by analyzing CloudTrail files locally.
A cloud-based key management service for encrypting and digitally signing data.
A cloud-based key management service for encrypting and digitally signing data.
A utility for testing AWS Lambda functions for SQL Injection vulnerabilities using SQLMap attacks.
A utility for testing AWS Lambda functions for SQL Injection vulnerabilities using SQLMap attacks.
Identify unintended network access to AWS resources and ensure network security by analyzing network reachability conditions.
Identify unintended network access to AWS resources and ensure network security by analyzing network reachability conditions.
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
Scripts to quickly fix security and compliance issues
A customized AWS EKS setup for PCI-DSS, SOC2, and HIPAA compliance
A customized AWS EKS setup for PCI-DSS, SOC2, and HIPAA compliance
A tool to analyze and audit AWS environments for security issues and misconfigurations.
A tool to analyze and audit AWS environments for security issues and misconfigurations.
Redirects EC2 metadata API traffic to a container that retrieves temporary AWS credentials and proxies other calls to the EC2 metadata API.
Ice provides a birds-eye view of cloud resources and usage patterns in AWS.
A collection of resources for securing AWS environments using the CIS Amazon Web Services Foundations Benchmark 1.1
A collection of resources for securing AWS environments using the CIS Amazon Web Services Foundations Benchmark 1.1
A tool for discovering open S3 Buckets starting from a domain using various techniques such as crawling and DNS crawling.
A tool for discovering open S3 Buckets starting from a domain using various techniques such as crawling and DNS crawling.
Chamber is a tool for managing secrets that utilizes AWS SSM Parameter Store.
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
Multi-cloud antivirus scanning API with CLAMAV and YARA support for AWS S3, Azure Blob Storage, and GCP Cloud Storage.
Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.
Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.
Python command line utility for incident response in AWS
A cloud-native, event-driven data pipeline toolkit for security teams with extensible data processing and serverless deployment.
A cloud-native, event-driven data pipeline toolkit for security teams with extensible data processing and serverless deployment.
Find exposed AWS cloud assets that you did not know you had.
DataCop is a custom AWS framework for mitigating S3 bucket attack vectors based on customer configuration.
DataCop is a custom AWS framework for mitigating S3 bucket attack vectors based on customer configuration.
An open-source framework for testing and validating the security of AWS services and resources.
An open-source framework for testing and validating the security of AWS services and resources.
A free training course and lab environment for learning to test and attack cloud infrastructure, including AWS and Azure.
A free training course and lab environment for learning to test and attack cloud infrastructure, including AWS and Azure.
Metabadger helps prevent SSRF attacks on AWS EC2 by automating upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
Metabadger helps prevent SSRF attacks on AWS EC2 by automating upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
AWS Network Firewall provides fine-grained control over network traffic and enables easy deployment of firewall security.
AWS Network Firewall provides fine-grained control over network traffic and enables easy deployment of firewall security.
Discover and protect sensitive data at scale with automated data discovery and security assessment.
Discover and protect sensitive data at scale with automated data discovery and security assessment.
A NodeJS/Typescript library for generating IAM Policy Actions Statements for AWS CDK with predefined constants and a factory class.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
Cloud Security Dashboard with AWS CIS Security Benchmarks and JIRA integration.
Cloud Security Dashboard with AWS CIS Security Benchmarks and JIRA integration.
Automated contextual security findings enrichment and impact evaluation tool for vulnerability management.
Automated contextual security findings enrichment and impact evaluation tool for vulnerability management.
A tool for finding AWS credentials in files, optimized for Jenkins integration.
Helm plugin for decrypting encrypted Helm value files on the fly and integrating with cloud native secret managers.
Open-source tool for analyzing AWS temporary tokens to detect malicious activity.
Open-source tool for analyzing AWS temporary tokens to detect malicious activity.
A module-based AWS response tool for incident response in AWS environments.
A module-based AWS response tool for incident response in AWS environments.
Collection of penetration testing scripts for AWS with a focus on reconnaissance.
Collection of penetration testing scripts for AWS with a focus on reconnaissance.
SOPS is an editor of encrypted files supporting various formats and encryption methods.
SOPS is an editor of encrypted files supporting various formats and encryption methods.
A tool to conduct preliminary security checks in code, infrastructure, or IAM configurations using various open-source tools.
A tool to conduct preliminary security checks in code, infrastructure, or IAM configurations using various open-source tools.
Track user activity and API usage on AWS and in hybrid and multicloud environments.
Track user activity and API usage on AWS and in hybrid and multicloud environments.
AWS Community repository of custom Config rules with instructions for leveraging and developing AWS Config Rules.
AWS Community repository of custom Config rules with instructions for leveraging and developing AWS Config Rules.
A script and library for identifying risks in AWS IAM configuration
A script and library for identifying risks in AWS IAM configuration
A series of levels teaching about common mistakes and gotchas when using Amazon Web Services (AWS).
A series of levels teaching about common mistakes and gotchas when using Amazon Web Services (AWS).
Monitors AWS and GCP accounts for policy changes and alerts on insecure configurations, with support for OpenStack and GitHub monitoring.
Monitors AWS and GCP accounts for policy changes and alerts on insecure configurations, with support for OpenStack and GitHub monitoring.
A set of tools for fingerprinting and exploiting Amazon cloud infrastructures
A set of tools for fingerprinting and exploiting Amazon cloud infrastructures
Centrally Manage Cloud Firewall Rules with AWS Firewall Manager
Centrally Manage Cloud Firewall Rules with AWS Firewall Manager
Manage single-tenant hardware security modules (HSMs) on AWS.
A command line tool that counts Amazon resources across regions and displays the results in a friendly format.
A command line tool that counts Amazon resources across regions and displays the results in a friendly format.
A multi-threaded AWS security-focused inventory collection tool with comprehensive resource coverage and efficient data collection methods.
Search AWS CloudWatch logs on the command line with aws-sdk-for-go.
Amazon GuardDuty is a threat detection service for AWS accounts.
Amazon GuardDuty is a threat detection service for AWS accounts.
AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.
AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.
AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.
AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.
A secret keeper that stores secrets in DynamoDB, encrypted at rest.
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
A web service for easier AWS IAM permissions and credential management with various login methods and IAM Self-Service Wizard.
A web service for easier AWS IAM permissions and credential management with various login methods and IAM Self-Service Wizard.
AirIAM is an AWS IAM to least privilege Terraform execution framework that compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform.
AirIAM is an AWS IAM to least privilege Terraform execution framework that compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform.
A graph-based tool for visualizing effective access and resource relationships within AWS
A graph-based tool for visualizing effective access and resource relationships within AWS
A tool that determines what AWS API calls are logged by CloudTrail and what they are logged as, and can also be used as an attack simulation framework.
A tool that determines what AWS API calls are logged by CloudTrail and what they are logged as, and can also be used as an attack simulation framework.
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
A fully managed service that securely stores, rotates, and manages sensitive data such as database credentials and API keys.
A fully managed service that securely stores, rotates, and manages sensitive data such as database credentials and API keys.
Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT) for scoping compromises across cloud instances.
Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT) for scoping compromises across cloud instances.
A CLI utility that makes it easier to switch between different AWS roles
A CLI utility that makes it easier to switch between different AWS roles
Scalable, cost-effective application recovery to AWS.
Scalable, cost-effective application recovery to AWS.
Runs IAM policy linting checks against AWS accounts to identify security best practices and policy errors.
Runs IAM policy linting checks against AWS accounts to identify security best practices and policy errors.
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
CloudTracker helps identify over-privileged IAM users and roles by analyzing CloudTrail logs.
CloudTracker helps identify over-privileged IAM users and roles by analyzing CloudTrail logs.
A Serverless Security Orchestration Automation and Response (SOAR) Framework for AWS GuardDuty with various supported actions.
A Serverless Security Orchestration Automation and Response (SOAR) Framework for AWS GuardDuty with various supported actions.
A proof of concept for using the SSM Agent in Fargate for incident response
A proof of concept for using the SSM Agent in Fargate for incident response
Templates for incident response run-books tailored for AWS environments based on NIST guidelines.
Templates for incident response run-books tailored for AWS environments based on NIST guidelines.
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.
