Leonidas
A framework for executing attacker actions in the cloud with YAML-based format for defining TTPs and detection properties, deployable via AWS-native CI/CD pipeline.
Cloudlist is a multi-cloud tool for getting Assets from Cloud Providers. It is intended for blue teams to centralize assets across multiple clouds with minimal configuration. Features include listing cloud assets with multiple configurations, support for multiple cloud providers, output formats, filters, and extensibility. It also supports stdout for pipeline integration. Usage: cloudlist -h for help and various flags for configuration and filtering.
A framework for executing attacker actions in the cloud with YAML-based format for defining TTPs and detection properties, deployable via AWS-native CI/CD pipeline.
Metabadger helps prevent SSRF attacks on AWS EC2 by automating upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
Docker security audit tool with custom audit profiles and JSON report generation based on CIS Docker 1.6 Benchmark.
AI-Powered Cloud Assistant for building, securing, and operating cloud environments.
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
A tool for spinning up insecure AWS infrastructure with Terraform for training and security assessment purposes.