Date: 2024-01-01
161 tools and resources
Tessian is an AI-powered cloud email security solution that protects against advanced phishing, account compromise, and data exfiltration, and helps coach users on email security.
Sense Defence is a next-generation web security suite that leverages AI to provide real-time threat detection and blocking.
VIDOC is an AI-powered security tool that automates code review, detects and fixes vulnerabilities, and monitors external security, ensuring the integrity of both human-written and AI-generated code in software development pipelines.
BuiltWith API client
A tool to escalate SSRF vulnerabilities on modern cloud environments
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
Burp extension for identifying cloud buckets and testing for vulnerabilities
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.
A cybersecurity blog from Microsoft, featuring articles and guides on various security topics, including AI, threat intelligence, cloud security, and incident response.
AWS serverless cloud security tool for parsing and alerting on CloudTrail logs using EQL.
Krampus is a security solution for managing AWS objects and can be used as a cost-control tool.
A company that helps organizations create security-aware teams and produce bug-free software.
CLI program for cybersecurity solution management with multiple functionalities and authentication methods.
kube-hunter hunts for security weaknesses in Kubernetes clusters.
Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.
Open-source policy-as-code software for multi-cloud and SaaS environments with GPT model conversations and custom analysis policies.
Open source software for leveraging insights from flow and packet analysis to identify potential security threats or attacks.
Cloud-based virus scan APIs for securing files, URLs, and content uploads with advanced anti-virus and malware scanning capabilities.
Tang is a server for binding data to network presence, providing an easy and secure alternative to key escrow.
A detection-as-code platform for streamlining cloud security operations and responding to security incidents.
A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Orchestration toolchain for scanning source code and infrastructure IaC against security risks.
A serverless application for creating and monitoring URL tokens with threat intelligence and customizable alerts.
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
Managed Kubernetes Inspection Tool leveraging FOSS tools to query and validate security-related settings.
AWS account compliance using centrally managed Config Rules
Cloud Custodian (c7n) is a rules engine for managing public cloud accounts and resources with a focus on security, compliance, and cost optimization.
AWS Scout2 is a security tool for AWS administrators to assess their environment's security posture.
Tenzir is a data pipeline solution for optimizing cloud and data costs, running detections and analytics.
A technology-focused blog discussing innovations in painting and the importance of expert painters.
Implements a cloud version of the Shadow Copy attack against domain controllers in AWS, allowing theft of domain user hashes.
Sangfor Technologies is a leading cybersecurity, cloud, and infrastructure vendor providing effective cybersecurity and efficient enterprise cloud solutions.
A comprehensive incident response and threat hunting tool for Google Cloud Platform, providing logs and forensic data for effective incident response and threat hunting.
SentinelOne's Singularity Platform is an AI-powered enterprise security platform providing autonomous endpoint, cloud, identity, and data protection through its integrated XDR solution.
PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.
A community-driven list of sample security analytics for auditing cloud usage and detecting threats in Google Cloud.
An open-sourced framework for managing resources across hundreds of AWS Accounts
Azure DDoS Protection and Mitigation Services by Microsoft Azure for secure cloud solutions.
A learning and training project demonstrating common configuration errors in cloud environments.
Multi-account cloud security tool for AWS with real-time reporting and auto-remediation capabilities.
IAM Zero detects IAM issues and suggests least-privilege policies for AWS and other cloud platforms.
Comprehensive set of security controls for various AWS services to ensure a secure cloud environment.
Comprehensive cybersecurity tool for Microsoft Azure providing CSPM & CWPP capabilities.
Tool for analyzing cloud resources against best practices and generating reports.
Microsoft Azure's dedicated HSM for secure key management and cryptographic operations.
Azucar is a multi-threaded plugin-based tool for assessing Azure Cloud security.
Continually audit your AWS usage to simplify risk and compliance assessment.
Nuvola is a tool for security analysis on AWS environments with a focus on creating a digital twin of cloud platforms.
CloudFox helps gain situational awareness in unfamiliar cloud environments for penetration testers and offensive security professionals.
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring.
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
Metadata repository with installation tools and cloud provider support.
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
Microsoft Azure service for safeguarding cryptographic keys and secrets.
Pacu is an open-source AWS exploitation framework for offensive security testing against cloud environments.
A dynamic infrastructure framework for efficient multi-cloud security operations and distributed scanning.
A tool for searching through public EBS snapshots for secrets, organized as an Elastic Beanstalk application.
Create Docker container images for testing and long-term use.
Comprehensive cybersecurity platform for hybrid and multi-cloud environments
A tool for identifying security issues in CloudFormation templates.
A game packed with real-life examples of how not to store secrets in software, with 46 challenges to solve.
An open source cloud security platform for discovering, prioritizing, and remediating risks in the cloud.
A portable Docker container with preinstalled AWS security tools for SecOps on AWS.
Resmo's Cybersecurity Blog provides expert insights and tools for securing SaaS applications and cloud documents for IT and security teams.
Contains various use cases of Kubernetes Network Policies and sample YAML files.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Open-source set of libraries and drivers to accelerate network performance.
Emsisoft Enterprise Security + EDR provides robust and proven endpoint security for organizations of all sizes with layered protection and a cloud-based management console.
CFRipper is a library and CLI security analyzer for AWS CloudFormation templates.
SANS Blog provides extensive cybersecurity training and certifications tailored to a wide range of IT security areas and skill levels.
CLI tool for deleting AWS resources in bulk with inspecting functionality.
Top 15 recommendations to protect your business from email-borne threats with Security Gateway.
A tool that discovers all AWS resources created in an account
Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.
Comprehensive endpoint protection platform providing unified visibility and security for cloud workloads, endpoints, and containers.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
Interactive online malware sandbox for real-time analysis and threat intelligence
A tool to fetch all public IP addresses associated with an AWS account
A project that sets up partitioned Athena tables for CloudTrail logs and updates partitions nightly.
Cisco Umbrella is a cloud security platform that offers protection against threats on the internet by blocking malicious activity.
Cloud Security Suite (cs-suite) version 3.0, for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
A small project for continuous auditing of internet-facing AWS services
A service that analyzes and visualizes security data to investigate potential security issues.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
Automated script for creating a vulnerable Azure cloud lab to train offensive security skills.
Assess, audit, and evaluate configurations of AWS resources.
CloudGoat is a 'Vulnerable by Design' AWS deployment tool for honing cloud cybersecurity skills through 'capture-the-flag' style scenarios.
Automate AWS security checks and centralize security alerts.
Detect off-instance key usage in AWS by analyzing CloudTrail files locally.
A cloud-based key management service for encrypting and digitally signing data.
Identify unintended network access to AWS resources and ensure network security by analyzing network reachability conditions.
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
Scripts to quickly fix security and compliance issues
A collection of tools for forensics teams to collect evidence from cloud platforms
A tool to analyze and audit AWS environments for security issues and misconfigurations.
Ice provides a bird's-eye view of cloud resources and usage patterns in AWS.
A highly interactive honeypot for observing access from attackers by building easily targeted and compromised web applications, forwarding logs to Google BigQuery for accumulation and visualization.
Multi-cloud antivirus scanning API with ClamAV and YARA support for AWS S3, Azure Blob Storage, and GCP Cloud Storage.
Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.
A tool that detects dangling DNS records in a multi-cloud environment to prevent subdomain takeovers.
Find exposed AWS cloud assets that you did not know you had.
DataCop is a custom AWS framework for mitigating S3 bucket attack vectors based on customer configuration.
An open-source framework for testing and validating the security of AWS services and resources.
A free training course and lab environment for learning to test and attack cloud infrastructure, including AWS and Azure.
Azure Guardrails enables rapid enforcement of cloud security guardrails by generating Terraform files for Azure Policy Initiatives.
AI-Powered Cloud Assistant for building, securing, and operating cloud environments.
Cloudmarker is a cloud monitoring tool and framework that audits Azure and GCP cloud environments.
Romana automates cloud native network creation and secures applications with a distributed firewall.
AWS Network Firewall provides fine-grained control over network traffic and enables easy deployment of firewall security.
A system for reserving classrooms at the University of Pisa.
CrowdSec is a behavior detection engine with a global IP reputation network.
Cloud security project focusing on discovering and protecting privileged entities in AWS and Azure environments.
Zero Online Banking offers a convenient way to manage money with various features like checking account activity and transferring funds securely.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
Cloud Security Dashboard with AWS CIS Security Benchmarks and JIRA integration.
TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.
Identifies misconfigured CloudFront domains vulnerable to hijacking
Helm plugin for decrypting encrypted Helm value files on the fly and integrating with cloud native secret managers.
AhnLab PLUS is a unified security platform providing comprehensive cybersecurity solutions for businesses.
Open-source universal secret manager for developers with seamless integration to various cloud services and vaults.
Webroot Endpoint Protection provides advanced cloud-based protection against malicious files, scripts, exploits, and URLs to keep businesses safe from cyberattacks.
Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.
Directory containing components to build labs for Chapter 29 with setup instructions and VM information.
A tool to conduct preliminary security checks in code, infrastructure, or IAM configurations using various open-source tools.
A multi-cloud tool for centralizing assets across multiple clouds with minimal configuration.
Open source DDoS protection system with centralized policy for network operators.
Track user activity and API usage on AWS and in hybrid and multicloud environments.
AWS Community repository of custom Config rules with instructions for leveraging and developing AWS Config Rules.
A series of levels teaching about common mistakes and gotchas when using Amazon Web Services (AWS).
Monitors AWS and GCP accounts for policy changes and alerts on insecure configurations, with support for OpenStack and GitHub monitoring.
A framework for executing attacker actions in the cloud with YAML-based format for defining TTPs and detection properties, deployable via AWS-native CI/CD pipeline.
A set of tools for fingerprinting and exploiting Amazon cloud infrastructures
Centrally Manage Cloud Firewall Rules with AWS Firewall Manager
Manage single-tenant hardware security modules (HSMs) on AWS.
A command line tool that counts Amazon resources across regions and displays the results in a friendly format.
Open-source cloud-agnostic resource manager for analyzing and managing cloud cost, usage, security, and governance.
Amazon GuardDuty is a threat detection service for AWS accounts.
AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.
A secret keeper that stores secrets in DynamoDB, encrypted at rest.
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Netis Cloud Probe is an open source project for capturing and analyzing network packets across different machines.
A graph-based tool for visualizing effective access and resource relationships within AWS
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
Acronis Cyber Protect is an integrated cybersecurity and data protection platform that provides comprehensive protection for businesses, service providers, and individuals.
Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT) for scoping compromises across cloud instances.
A comprehensive guide to investigating security incidents in popular cloud platforms, covering essential tools, logs, and techniques for cloud investigation and incident response.
Scalable, cost-effective application recovery to AWS.
Open-source platform for IT and security teams with flexibility in feature usage and support for various platforms.
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
A command-line tool for managing and analyzing Microsoft Forefront TMG and UAG configurations.
CloudTracker helps identify over-privileged IAM users and roles by analyzing CloudTrail logs.
Static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA) with over 1000 built-in policies for AWS, Azure, and Google Cloud.
IT Security Guru provides up-to-date news and expert insights on a wide range of cybersecurity topics.
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.
Open source multi-cloud security-auditing tool for assessing security posture of cloud environments.