Aws Security

Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.

Discover and protect sensitive data at scale with automated data discovery and security assessment.

PrismX is a cloud security dashboard that provides centralized AWS security monitoring based on CIS benchmarks with JIRA integration for issue management.

MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.

CloudFrunt identifies misconfigured Amazon CloudFront domains that are vulnerable to hijacking due to improper CNAME configuration.

A Python command line tool that scans directories for AWS credentials in files, designed for CI/CD integration to prevent credential exposure in builds.

SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.

A Python-based modular incident response tool for AWS environments that enables automated security actions across EC2, IAM, VPC, and other AWS resources.

A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.

A community repository of custom AWS Config rules for evaluating AWS resource configurations against compliance and security standards.

Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.

A Ruby-based tool that creates visual diagrams of AWS EC2 security group configurations to help understand network access patterns and security relationships.

A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.

A CLI tool for generating AWS IAM policy documents, SAM policy templates, and SAM Connectors using JSON definitions from the AWS Policy Generator.

A multi-threaded Ruby tool for comprehensive AWS security inventory collection that gathers detailed resource attributes, metadata, and policy information across AWS environments.

A command-line tool for searching AWS CloudWatch logs using pattern matching with configurable parameters for log groups, time ranges, and regions.

Amazon GuardDuty is a threat detection service for AWS accounts.

An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.

IAM Floyd is a code generation tool that provides a fluent interface for creating AWS IAM policy statements with comprehensive service coverage and CDK integration support.

ConsoleMe is a web service that simplifies AWS IAM permissions and credential management across multiple accounts through self-service workflows and centralized administration.

CredStash is a credential management tool that securely stores and retrieves sensitive information using AWS KMS encryption.

A graph-based tool for visualizing AWS access permissions and resource relationships to identify potential attack paths and privilege escalation opportunities.

rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.

A CLI utility that simplifies switching between different AWS roles by automatically managing AWS credentials file modifications.