k-rail
A workload policy enforcement tool for Kubernetes with various supported policies and configuration options.
The cfn-nag tool scans CloudFormation templates to identify insecure infrastructure patterns such as overly permissive IAM rules, security group rules, lack of access logs, encryption, and password literals. It can be installed via gem or brew, and can be integrated into CodePipeline for automated scanning.
A workload policy enforcement tool for Kubernetes with various supported policies and configuration options.
A framework for executing attacker actions in the cloud with YAML-based format for defining TTPs and detection properties, deployable via AWS-native CI/CD pipeline.
An open-source framework for testing and validating the security of AWS services and resources.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
gVisor is an application kernel that provides isolation for running sandboxed containers.
Automated script for creating a vulnerable Azure cloud lab to train offensive security skills.