Cloud Container Attack Tool (CCAT)
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments. Quick reference Where to get help: the Pacu/CloudGoat/CCAT Community Slack, or Stack Overflow Where to file issues: https://github.com/RhinoSecurityLabs/ccat/issues Maintained by: the Rhino Assessment Team Requirements Python 3.5+ is required. Docker is required. Note: CCAT is tested with Docker Engine 19.03.1 version. Named profile is required for using AWS functionality. A service account or access token is required for using GCP functionality. Installation We recommend using the provided Docker image to run CCAT, so that you will not face any difficulty with the required dependencies on your own system. Install CCAT from source $ git clone https://github.com/RhinoSecurityLabs/ccat.git $ cd ccat $ python3 setup.py install $ python3 ccat.py Use CCAT's Docker Image Warning: Running this command will mount your local AWS configuration files into the Docker container when it is launched. This means that any user with access to the container will have access to your host computer's AWS credentials. Warning: Running this command will mount your local Unix
FEATURES
ALTERNATIVES
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
Generate Amazon GuardDuty findings related to real AWS resources with multiple tests available.
Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.
Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.
A collection of tools for forensics teams to collect evidence from cloud platforms
Open source multi-cloud security-auditing tool for assessing security posture of cloud environments.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.