CFRipper

Free

CFRipper is a library and CLI security analyzer for AWS CloudFormation templates. You can use CFRipper to prevent deploying insecure AWS resources into your cloud environment. You can write your own compliance checks by adding new custom plugins. Docs and more details are available in the [CFRipper Documentation](https://cfripper.readthedocs.io/).

CLI Usage:

Normal execution:

```
$ cfripper /tmp/root.yaml /tmp/root_bypass.json --format txt
Analysing /tmp/root.yaml...
Not adding CrossAccountTrustRule failure in rootRole because no AWS Account ID was found in the config.
Valid: False
Issues found:
	- FullWildcardPrincipalRule: rootRole should not allow full wildcard '*', or wildcard in account ID like 'arn:aws:iam::*:12345' at '*'
	- IAMRolesOverprivilegedRule: Role 'rootRole' contains an insecure permission '*' in policy 'root'
Analysing /tmp/root_bypass.json...
Valid: True
```

Using the 'resolve' flag:

```
$ cfripper /tmp/root.yaml /tmp/root_bypass.json --format txt --resolve
Analysing /tmp/root.yaml...
Not adding CrossAccountTrustRule failure in rootRole because no AWS Account ID was found in the config.
Valid: False
Issues found:
	- FullWildcardPrincipalRule: rootRole should not allow full wildcard '*', or wildcard in acco
```

ALTERNATIVES

A tool for identifying potential security vulnerabilities in dependency configurations by checking for lingering free namespaces for private package names.

A collection of mobile security resources with tools, white papers, ebooks, and webinars.

Security design review automation tool that scans design documents and provides security requirements to development teams during the planning phase.

InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection.

An agentless API security platform that discovers, tests, and secures APIs through source code analysis without requiring traffic monitoring.

An integrated application security platform that combines software composition analysis, container scanning, and runtime security monitoring to identify and prioritize vulnerabilities based on actual usage and risk.

An open-source modern Dependency Walker for Windows developers.

YLS Language Server for YARA Language with comprehensive features and Python 3.8 support.