Cloud Container Attack Tool (CCAT)
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments. Quick reference Where to get help: the Pacu/CloudGoat/CCAT Community Slack, or Stack Overflow Where to file issues: https://github.com/RhinoSecurityLabs/ccat/issues Maintained by: the Rhino Assessment Team Requirements Python 3.5+ is required. Docker is required. Note: CCAT is tested with Docker Engine 19.03.1 version. Named profile is required for using AWS functionality. A service account or access token is required for using GCP functionality. Installation We recommend using the provided Docker image to run CCAT, so that you will not face any difficulty with the required dependencies on your own system. Install CCAT from source $ git clone https://github.com/RhinoSecurityLabs/ccat.git $ cd ccat $ python3 setup.py install $ python3 ccat.py Use CCAT's Docker Image Warning: Running this command will mount your local AWS configuration files into the Docker container when it is launched. This means that any user with access to the container will have access to your host computer's AWS credentials. Warning: Running this command will mount your local Unix
FEATURES
ALTERNATIVES
gVisor is an application kernel that provides isolation for running sandboxed containers.
A tool that determines what AWS API calls are logged by CloudTrail and what they are logged as, and can also be used as an attack simulation framework.
Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable fixes.
Nuvola is a tool for security analysis on AWS environments with a focus on creating a digital twin of cloud platforms.
Managed Kubernetes Inspection Tool leveraging FOSS tools to query and validate security-related settings.
A setuid implementation of a subset of user namespaces, providing a way to run unprivileged containers without requiring root privileges.
A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.