Aws

AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.

Provision, manage, and renew SSL/TLS certificates for your AWS resources with AWS Certificate Manager.

A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.

A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.

A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.

An automated AWS security compliance remediation system that uses Lambda functions and SQS queues to automatically fix security violations detected by AWS Config.

A tutorial on setting up Dionaea on an EC2 instance in 20 minutes

A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.

Terrascan is a static code analyzer that scans Infrastructure as Code for security misconfigurations and compliance violations across multiple cloud platforms and container environments.

Assess, audit, and evaluate configurations of AWS resources.

CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.

Automate AWS security checks and centralize security alerts.

A command-line tool that analyzes local CloudTrail files to detect off-instance AWS key usage patterns for security monitoring and forensic analysis.

A cloud-based key management service for encrypting and digitally signing data.

Lambda-Proxy is a utility that enables SQL injection testing of AWS Lambda functions by converting SQLMap HTTP attacks into Lambda invoke calls through a local proxy.

Network Access Analyzer is an AWS VPC feature that identifies unintended network access to cloud resources by analyzing internet gateways, route tables, ACLs, and security groups.

Cloud Inquisitor is an AWS security tool that monitors resource ownership, detects domain hijacking, verifies security services, and manages IAM policies across multiple accounts.

A collection of automation scripts that quickly enable essential AWS security and compliance features that are not activated by default in AWS accounts.

A Terraform module that provides a compliance-focused AWS EKS setup with security hardening for PCI-DSS, SOC2, and HIPAA requirements.

A forensics toolkit for collecting digital evidence from Google Cloud Platform, Microsoft Azure, and Amazon Web Services during incident response investigations.

CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.

kube2iam provides IAM credentials to Kubernetes containers by intercepting EC2 metadata API calls and retrieving temporary AWS credentials based on pod annotations.

Ice is an AWS cloud cost management tool that provides multi-level visibility into cloud spending and resource utilization to support informed reservation purchases and resource optimization decisions.

A collection of AWS security benchmark resources including CIS Foundations Benchmark 1.1, best practices guides, and configuration documentation for securing Amazon Web Services environments.