AWS Security Hub
Automate AWS security checks and centralize security alerts.
This repository contains tools for forensics teams to collect evidence from cloud platforms. Currently, Google Cloud Platform, Microsoft Azure, and Amazon Web Services are supported. It consists of one module, libcloudforensics, which implements functions useful for incident response in a cloud environment, and a CLI wrapper tool for these functions. Documentation can be found on the ReadTheDocs page.
Multi-account cloud security tool for AWS with real-time reporting and auto-remediation capabilities.
A framework to analyze container images and gather useful information.
Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.
A framework for executing attacker actions in the cloud, with a YAML-based format for defining TTPs and detection properties, deployable via an AWS-native CI/CD pipeline.
Find exposed AWS cloud assets that you did not know you had.