CloudMapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments. It now contains much more functionality, including auditing for security issues. Commands: * audit: Check for potential misconfigurations. * collect: Collect metadata about an account. * find_admins: Look at IAM policies to identify admin users and roles, or principals with specific privileges. * find_unused: Look for unused resources in the account. Finds unused Security Groups, Elastic IPs, network interfaces, volumes and elastic load balancers. * prepare/webserver: See Network Visualizations * public: Find public hosts and port ranges. * sg_ips: Get geoip info on CIDRs trusted in Security Groups. * stats: Show counts of resources for accounts. * weboftrust: Show Web Of Trust.
FEATURES
ALTERNATIVES
DataCop is a custom AWS framework for mitigating S3 bucket attack vectors based on customer configuration.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Cloud Security Dashboard with AWS CIS Security Benchmarks and JIRA integration.
A command line tool that counts Amazon resources across regions and displays the results in a friendly format.
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
A small project for continuous auditing of internet-facing AWS services
A script and library for identifying risks in AWS IAM configuration
AWS serverless cloud security tool for parsing and alerting on CloudTrail logs using EQL.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.