Explore 92 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.
A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.
A cloud-based security platform providing WAAP, ZTNA, public cloud security management, and threat intelligence sharing capabilities.
A cloud-based security platform providing WAAP, ZTNA, public cloud security management, and threat intelligence sharing capabilities.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.
A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.
Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.
Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.
A Python tool that tests multiple AWS S3 buckets for security misconfigurations including directory listing and upload permissions.
A Python tool that tests multiple AWS S3 buckets for security misconfigurations including directory listing and upload permissions.
A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.
A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.
A tool for enumerating and analyzing Amazon S3 buckets associated with specific targets to identify potential security misconfigurations.
A tool for enumerating and analyzing Amazon S3 buckets associated with specific targets to identify potential security misconfigurations.
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.
A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.
A Chrome extension that automatically detects and lists Amazon S3 buckets while browsing websites.
A Chrome extension that automatically detects and lists Amazon S3 buckets while browsing websites.
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.
S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.
TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.
TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.
S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.
S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.
Varna is an AWS serverless security tool that monitors CloudTrail logs using Event Query Language to detect and alert on suspicious activities in cloud environments.
Varna is an AWS serverless security tool that monitors CloudTrail logs using Event Query Language to detect and alert on suspicious activities in cloud environments.
Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.
Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.
A defense-in-depth security automation framework for AWS that combines threat intelligence, machine learning, and serverless technologies to prevent, detect, and respond to threats through automated security telemetry collection and analysis.
A defense-in-depth security automation framework for AWS that combines threat intelligence, machine learning, and serverless technologies to prevent, detect, and respond to threats through automated security telemetry collection and analysis.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
aws-gate is a tool that enables secure connections to AWS EC2 instances through AWS Systems Manager Session Manager without requiring SSH keys or direct network access.
aws-gate is a tool that enables secure connections to AWS EC2 instances through AWS Systems Manager Session Manager without requiring SSH keys or direct network access.
A security tool for discovering S3 bucket references in web content and testing buckets for misconfigurations.
A security tool for discovering S3 bucket references in web content and testing buckets for misconfigurations.
A Lambda function that automatically disables AWS IAM User Access Keys after a specified time period to reduce security risks from aging credentials.
Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.
Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.
A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.
CloudJack identifies subdomain hijacking vulnerabilities in AWS accounts by detecting misconfigurations between Route53 DNS aliases and CloudFront distributions.
CloudJack identifies subdomain hijacking vulnerabilities in AWS accounts by detecting misconfigurations between Route53 DNS aliases and CloudFront distributions.
AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.
AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.
A tool that removes Exif metadata from images stored in AWS S3 buckets to protect privacy and eliminate sensitive embedded information.
A tool that removes Exif metadata from images stored in AWS S3 buckets to protect privacy and eliminate sensitive embedded information.
A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.
A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.
A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.
A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.
Comprehensive set of security controls for various AWS services to ensure a secure cloud environment.
Comprehensive set of security controls for various AWS services to ensure a secure cloud environment.
IAMSpy is a library that uses the Z3 prover to analyze AWS IAM policies and query whether specific actions are allowed or denied.
A cloud security analysis tool that creates digital twins of AWS environments using graph databases to identify attack paths and security misconfigurations through automated and manual rule-based assessments.
A cloud security analysis tool that creates digital twins of AWS environments using graph databases to identify attack paths and security misconfigurations through automated and manual rule-based assessments.
A collection of hands-on workshops and educational content focused on AWS security services, techniques, and best practices through practical scenarios.
A collection of hands-on workshops and educational content focused on AWS security services, techniques, and best practices through practical scenarios.
Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.
Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.
Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.
LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.
LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.
A comprehensive library documenting Amazon S3 attack scenarios and risk-based mitigation strategies for cloud storage security.
A comprehensive library documenting Amazon S3 attack scenarios and risk-based mitigation strategies for cloud storage security.
ZeusCloud is an open source cloud security platform that discovers AWS assets, identifies attack paths, and provides remediation guidance with customizable compliance controls.
ZeusCloud is an open source cloud security platform that discovers AWS assets, identifies attack paths, and provides remediation guidance with customizable compliance controls.
A Docker container that bundles preinstalled AWS security tools for streamlined security operations and assessments in AWS environments.
A Docker container that bundles preinstalled AWS security tools for streamlined security operations and assessments in AWS environments.
A collection of AWS-native scripts and automation tools for DevSecOps, incident response, and security remediation in cloud environments.
A collection of AWS-native scripts and automation tools for DevSecOps, incident response, and security remediation in cloud environments.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
A collection of scripts and guidance for generating proof-of-concept Amazon GuardDuty findings to help users understand and test AWS security detection capabilities.
A collection of scripts and guidance for generating proof-of-concept Amazon GuardDuty findings to help users understand and test AWS security detection capabilities.
A Terraform module that establishes security baseline configurations for AWS accounts based on CIS benchmarks and AWS security best practices.
A Terraform module that establishes security baseline configurations for AWS accounts based on CIS benchmarks and AWS security best practices.
A Ruby-based tool that enumerates all public IPv4 and IPv6 addresses associated with an AWS account across multiple services including EC2, CloudFront, ELB, RDS, and others.
A Ruby-based tool that enumerates all public IPv4 and IPv6 addresses associated with an AWS account across multiple services including EC2, CloudFront, ELB, RDS, and others.
CloudTrail Partitioner automates the creation and management of partitioned Athena tables for AWS CloudTrail logs with nightly partition updates.
CloudTrail Partitioner automates the creation and management of partitioned Athena tables for AWS CloudTrail logs with nightly partition updates.
A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.
A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.
A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.
CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.
A command-line tool that analyzes local CloudTrail files to detect off-instance AWS key usage patterns for security monitoring and forensic analysis.
A command-line tool that analyzes local CloudTrail files to detect off-instance AWS key usage patterns for security monitoring and forensic analysis.
A cloud-based key management service for encrypting and digitally signing data.
A cloud-based key management service for encrypting and digitally signing data.
Network Access Analyzer is an AWS VPC feature that identifies unintended network access to cloud resources by analyzing internet gateways, route tables, ACLs, and security groups.
Network Access Analyzer is an AWS VPC feature that identifies unintended network access to cloud resources by analyzing internet gateways, route tables, ACLs, and security groups.
Cloud Inquisitor is an AWS security tool that monitors resource ownership, detects domain hijacking, verifies security services, and manages IAM policies across multiple accounts.
Cloud Inquisitor is an AWS security tool that monitors resource ownership, detects domain hijacking, verifies security services, and manages IAM policies across multiple accounts.
A collection of automation scripts that quickly enable essential AWS security and compliance features that are not activated by default in AWS accounts.
A collection of automation scripts that quickly enable essential AWS security and compliance features that are not activated by default in AWS accounts.
CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.
CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.
kube2iam provides IAM credentials to Kubernetes containers by intercepting EC2 metadata API calls and retrieving temporary AWS credentials based on pod annotations.
Ice is an AWS cloud cost management tool that provides multi-level visibility into cloud spending and resource utilization to support informed reservation purchases and resource optimization decisions.
Ice is an AWS cloud cost management tool that provides multi-level visibility into cloud spending and resource utilization to support informed reservation purchases and resource optimization decisions.
A collection of AWS security benchmark resources including CIS Foundations Benchmark 1.1, best practices guides, and configuration documentation for securing Amazon Web Services environments.
A collection of AWS security benchmark resources including CIS Foundations Benchmark 1.1, best practices guides, and configuration documentation for securing Amazon Web Services environments.
Documentation of an AWS IAM privilege escalation technique that exploits the iam:CreatePolicyVersion permission to gain elevated access through policy manipulation.
Documentation of an AWS IAM privilege escalation technique that exploits the iam:CreatePolicyVersion permission to gain elevated access through policy manipulation.
AWS IR is a Python command line utility for automated incident response and mitigation of instance and key compromises in Amazon Web Services environments.
AWS IR is a Python command line utility for automated incident response and mitigation of instance and key compromises in Amazon Web Services environments.
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.
Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.
Discover and protect sensitive data at scale with automated data discovery and security assessment.
Discover and protect sensitive data at scale with automated data discovery and security assessment.
PrismX is a cloud security dashboard that provides centralized AWS security monitoring based on CIS benchmarks with JIRA integration for issue management.
PrismX is a cloud security dashboard that provides centralized AWS security monitoring based on CIS benchmarks with JIRA integration for issue management.
MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.
MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.
CloudFrunt identifies misconfigured Amazon CloudFront domains that are vulnerable to hijacking due to improper CNAME configuration.
CloudFrunt identifies misconfigured Amazon CloudFront domains that are vulnerable to hijacking due to improper CNAME configuration.
A Python command line tool that scans directories for AWS credentials in files, designed for CI/CD integration to prevent credential exposure in builds.
A Python command line tool that scans directories for AWS credentials in files, designed for CI/CD integration to prevent credential exposure in builds.
SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.
SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.
A Python-based modular incident response tool for AWS environments that enables automated security actions across EC2, IAM, VPC, and other AWS resources.
A Python-based modular incident response tool for AWS environments that enables automated security actions across EC2, IAM, VPC, and other AWS resources.
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
A community repository of custom AWS Config rules for evaluating AWS resource configurations against compliance and security standards.
A community repository of custom AWS Config rules for evaluating AWS resource configurations against compliance and security standards.
Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.
Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.
A Ruby-based tool that creates visual diagrams of AWS EC2 security group configurations to help understand network access patterns and security relationships.
A Ruby-based tool that creates visual diagrams of AWS EC2 security group configurations to help understand network access patterns and security relationships.
A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.
A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.
A CLI tool for generating AWS IAM policy documents, SAM policy templates, and SAM Connectors using JSON definitions from the AWS Policy Generator.
A CLI tool for generating AWS IAM policy documents, SAM policy templates, and SAM Connectors using JSON definitions from the AWS Policy Generator.
A multi-threaded Ruby tool for comprehensive AWS security inventory collection that gathers detailed resource attributes, metadata, and policy information across AWS environments.
A multi-threaded Ruby tool for comprehensive AWS security inventory collection that gathers detailed resource attributes, metadata, and policy information across AWS environments.
A command-line tool for searching AWS CloudWatch logs using pattern matching with configurable parameters for log groups, time ranges, and regions.
A command-line tool for searching AWS CloudWatch logs using pattern matching with configurable parameters for log groups, time ranges, and regions.
Amazon GuardDuty is a threat detection service for AWS accounts.
Amazon GuardDuty is a threat detection service for AWS accounts.
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
IAM Floyd is a code generation tool that provides a fluent interface for creating AWS IAM policy statements with comprehensive service coverage and CDK integration support.
IAM Floyd is a code generation tool that provides a fluent interface for creating AWS IAM policy statements with comprehensive service coverage and CDK integration support.
ConsoleMe is a web service that simplifies AWS IAM permissions and credential management across multiple accounts through self-service workflows and centralized administration.
CredStash is a credential management tool that securely stores and retrieves sensitive information using AWS KMS encryption.
CredStash is a credential management tool that securely stores and retrieves sensitive information using AWS KMS encryption.
A graph-based tool for visualizing AWS access permissions and resource relationships to identify potential attack paths and privilege escalation opportunities.
A graph-based tool for visualizing AWS access permissions and resource relationships to identify potential attack paths and privilege escalation opportunities.
rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.
rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.
A CLI utility that simplifies switching between different AWS roles by automatically managing AWS credentials file modifications.
A CLI utility that simplifies switching between different AWS roles by automatically managing AWS credentials file modifications.
A command-line tool that performs automated IAM policy security linting across AWS accounts and organizations using AWS Access Analyzer validation.
A command-line tool that performs automated IAM policy security linting across AWS accounts and organizations using AWS Access Analyzer validation.
CloudTracker analyzes CloudTrail logs against IAM policies to identify over-privileged AWS users and roles by comparing actual permission usage with granted permissions.
CloudTracker analyzes CloudTrail logs against IAM policies to identify over-privileged AWS users and roles by comparing actual permission usage with granted permissions.
A serverless SOAR framework for AWS GuardDuty that automatically executes configurable response actions based on security findings and threat severity.
A serverless SOAR framework for AWS GuardDuty that automatically executes configurable response actions based on security findings and threat severity.
A proof of concept for using the SSM Agent in Fargate for incident response
A proof of concept for using the SSM Agent in Fargate for incident response
Zeus is an AWS security auditing and hardening tool that evaluates cloud configurations against CIS benchmarks and can automatically apply recommended security settings.
Zeus is an AWS security auditing and hardening tool that evaluates cloud configurations against CIS benchmarks and can automatically apply recommended security settings.