CFRipper
CFRipper is a Library and CLI security analyzer for AWS CloudFormation templates. You can use CFRipper to prevent deploying insecure AWS resources into your Cloud environment. You can write your own compliance checks by adding new custom plugins. Docs and more details available in [CFRipper Documentation](https://cfripper.readthedocs.io/) CLI Usage: Normal execution: $ cfripper /tmp/root.yaml /tmp/root_bypass.json --format txt Analysing /tmp/root.yaml... Not adding CrossAccountTrustRule failure in rootRole because no AWS Account ID was found in the config. Valid: False Issues found: - FullWildcardPrincipalRule: rootRole should not allow full wildcard '*', or wildcard in account ID like 'arn:aws:iam::*:12345' at '*' - IAMRolesOverprivilegedRule: Role 'rootRole' contains an insecure permission '*' in policy 'root' Analysing /tmp/root_bypass.json... Valid: True Using the 'resolve' flag: $ cfripper /tmp/root.yaml /tmp/root_bypass.json --format txt --resolve Analysing /tmp/root.yaml... Not adding CrossAccountTrustRule failure in rootRole because no AWS Account ID was found in the config. Valid: False Issues found: - FullWildcardPrincipalRule: rootRole should not allow full wildcard '*', or wildcard in acco
FEATURES
ALTERNATIVES
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
A Burp extension for scanning JavaScript files for endpoint links
Automatically redirect users from www to non-www for a secure connection.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
OpenRASP directly integrates its protection engine into the application server by instrumentation, providing context-aware protection and detailed stack trace logging.
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.