AWS List Resources
Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s). Discovered resources are written to a JSON output file. Make sure you have AWS credentials configured for your target account. This can either be done using environment variables or by specifying a named profile in the optional --profile argument. Read-only IAM permissions are sufficient. If you run the script against specific regions, it is recommended to also include the us-east-1 region. This ensures that resources of global AWS services are captured as well. Example invocations: pip install -r requirements.txt python aws_list_resources.py --regions us-east-1,eu-central-1 python aws_list_resources.py --regions ALL python aws_list_resources.py --regions ALL --include-resource-types AWS::EC2::*,AWS::DynamoDB::* --exclude-resource-types AWS::EC2::DHCPOptions,AWS::EC2::VPCGatewayAttachment Supported arguments: --exclude-resource-types do not list the specified comma-separated resource types (supports wildcards) --include-resource-types only list the specified comma-separated resource types (supports wildcards)
FEATURES
ALTERNATIVES
A script and library for identifying risks in AWS IAM configuration
Generate Amazon GuardDuty findings related to real AWS resources with multiple tests available.
Docker's Actuary automates security best-practices checks for Docker containers.
Cloudmarker is a cloud monitoring tool and framework that audits Azure and GCP cloud environments.
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.