Cloud

A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.

Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.

A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.

Cloudmarker is a configurable cloud monitoring tool and framework that audits Azure and GCP environments by retrieving, analyzing, and alerting on cloud security data.

Shuffle Automation is an accessible automation platform that provides workflow automation capabilities for security operations with both self-hosted and cloud deployment options.

SkyArk is a cloud security scanning tool that identifies privileged entities in AWS and Azure environments to help mitigate Cloud Shadow Admin threats.

A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.

Zero Online Banking offers a convenient way to manage money with various features like checking account activity and transferring funds securely.

SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.

Teller is a command-line secret management tool that integrates with various cloud providers and vaults to securely populate environment variables during development workflows.

A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.

A multi-cloud asset enumeration tool that helps blue teams centralize and inventory assets across multiple cloud providers with minimal configuration.

Advanced threat prevention and detection platform leveraging Deep CDR, Multiscanning, and Sandbox technologies to protect against data breaches and ransom attacks.

Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.

A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.

A command line tool that counts and inventories AWS resources across multiple regions, providing visibility into cloud infrastructure with efficient API querying.

A multi-threaded Ruby tool for comprehensive AWS security inventory collection that gathers detailed resource attributes, metadata, and policy information across AWS environments.

Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.