AWS Lambda - IAM Access Key Disabler
The AWS Key disabler is a Lambda Function that disables AWS IAM User Access Keys after a set amount of time in order to reduce the risk associated with old access keys. Prerequisites: * Node.js with NPM installed * Gruntjs installed * AWSCLI commandline tool installed It also assumes that you have an AWS account with SES enabled, ie domain verified and sandbox mode removed. Installation instructions: 1. Grab yourself a copy of this script 2. Navigate into the /grunt folder 3. Setup the Grunt task runner, e.g. install its deps: npm install 4. Fill in the following information in /grunt/package.json 5. Set the aws_account_number value to your AWS account number
FEATURES
ALTERNATIVES
A tool that determines what AWS API calls are logged by CloudTrail and what they are logged as, and can also be used as an attack simulation framework.
Converts the format of various S3 buckets for bug bounty and security testing.
Open-source cloud-agnostic resource manager for analyzing and managing cloud cost, usage, security, and governance.
Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable fixes.
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
A setuid implementation of a subset of user namespaces, providing a way to run unprivileged containers without requiring root privileges.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.