Aws

Krampus is an AWS resource management tool that automates the deletion and disabling of cloud objects based on JSON task files for security remediation and cost control.

A Python module for orchestrating remote forensic data acquisition and analysis from Linux instances using Amazon SSM.

An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.

Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.

A defense-in-depth security automation framework for AWS that combines threat intelligence, machine learning, and serverless technologies to prevent, detect, and respond to threats through automated security telemetry collection and analysis.

A command-line tool that shows configuration history and changes of AWS resources using AWS Config service.

Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.

A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.

AWS Vault securely stores AWS IAM credentials in the operating system's keystore and generates temporary credentials for development environments.

A Python script that inventories and lists main AWS account resources to provide visibility into cloud infrastructure components that may impact billing or security.

Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.

Enables secure connections to AWS EC2 instances

A security tool for discovering S3 bucket references in web content and testing buckets for misconfigurations.

A Lambda function that automatically disables AWS IAM User Access Keys after a specified time period to reduce security risks from aging credentials.

pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.

A Python-based red team toolkit that leverages AWS boto3 SDK to perform offensive operations including credential extraction and file exfiltration from EC2 instances.

An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.

Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.

A black-box reconnaissance tool that discovers cloud infrastructure, files, and applications across major cloud providers for security testing purposes.

A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.

Cloud_enum is a multi-cloud OSINT tool that enumerates publicly accessible resources across AWS, Azure, and Google Cloud platforms for security assessment purposes.

A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.

A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.

A Python tool that uses AWS Cloud Control API to enumerate and catalog AWS resources across specified accounts and regions, outputting results in JSON format.