Cloud Security

AWS Web Application Firewalls (WAFs) are cloud-based security services that protect web applications and APIs from internet-based attacks through customizable filtering rules and centralized management capabilities.

A Ruby-based tool that enumerates all public IPv4 and IPv6 addresses associated with an AWS account across multiple services including EC2, CloudFront, ELB, RDS, and others.

CloudTrail Partitioner automates the creation and management of partitioned Athena tables for AWS CloudTrail logs with nightly partition updates.

Cisco Umbrella is a cloud security platform that offers protection against threats on the internet by blocking malicious activity.

A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.

A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.

AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.

A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.

A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.

A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.

A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.

An automated AWS security compliance remediation system that uses Lambda functions and SQS queues to automatically fix security violations detected by AWS Config.

A service that analyzes and visualizes security data to investigate potential security issues.

Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.

AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.

Starbase is a graph-based security analysis platform that provides automated asset discovery and relationship mapping across external services and systems to enhance attack surface visibility.

Terrascan is a static code analyzer that scans Infrastructure as Code for security misconfigurations and compliance violations across multiple cloud platforms and container environments.

Assess, audit, and evaluate configurations of AWS resources.

CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.

Automate AWS security checks and centralize security alerts.

A command-line tool that analyzes local CloudTrail files to detect off-instance AWS key usage patterns for security monitoring and forensic analysis.

A cloud-based key management service for encrypting and digitally signing data.

Lambda-Proxy is a utility that enables SQL injection testing of AWS Lambda functions by converting SQLMap HTTP attacks into Lambda invoke calls through a local proxy.

Network Access Analyzer is an AWS VPC feature that identifies unintended network access to cloud resources by analyzing internet gateways, route tables, ACLs, and security groups.