Aws

A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.

DataCop is an AWS framework that automatically blocks S3 buckets containing PII or classified information based on AWS Macie findings and configurable security policies.

WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.

A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.

Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.

Romana automates cloud-native network isolation and distributed firewall policies for Kubernetes and OpenStack environments using topology-aware IPAM without overlays.

AWS Network Firewall provides fine-grained control over network traffic and enables easy deployment of firewall security.

Discover and protect sensitive data at scale with automated data discovery and security assessment.

SkyArk is a cloud security scanning tool that identifies privileged entities in AWS and Azure environments to help mitigate Cloud Shadow Admin threats.

A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.

An open source cloud-native security data lake platform for AWS that normalizes security logs into structured data with Detection-as-Code capabilities and vendor-neutral storage using open standards.

PrismX is a cloud security dashboard that provides centralized AWS security monitoring based on CIS benchmarks with JIRA integration for issue management.

MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.

CloudFrunt identifies misconfigured Amazon CloudFront domains that are vulnerable to hijacking due to improper CNAME configuration.

A Python command line tool that scans directories for AWS credentials in files, designed for CI/CD integration to prevent credential exposure in builds.

SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.

A Python-based modular incident response tool for AWS environments that enables automated security actions across EC2, IAM, VPC, and other AWS resources.

Kiam is a Kubernetes agent that allows Pods to assume AWS IAM roles, though it is being deprecated in favor of AWS' official IAM roles for Service Accounts solution.

A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.

Track user activity and API usage on AWS and in hybrid and multicloud environments.

A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.

A community repository of custom AWS Config rules for evaluating AWS resource configurations against compliance and security standards.

Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.

A Ruby-based tool that creates visual diagrams of AWS EC2 security group configurations to help understand network access patterns and security relationships.