CloudMapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments. It now contains much more functionality, including auditing for security issues. Commands: * audit: Check for potential misconfigurations. * collect: Collect metadata about an account. * find_admins: Look at IAM policies to identify admin users and roles, or principals with specific privileges. * find_unused: Look for unused resources in the account. Finds unused Security Groups, Elastic IPs, network interfaces, volumes and elastic load balancers. * prepare/webserver: See Network Visualizations * public: Find public hosts and port ranges. * sg_ips: Get geoip info on CIDRs trusted in Security Groups. * stats: Show counts of resources for accounts. * weboftrust: Show Web Of Trust.
FEATURES
SIMILAR TOOLS
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Learn how to secure applications in Kubernetes Engine by granting varying levels of privilege based on requirements.
Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Tool for assessing compliance and running vulnerability scans on Docker images.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.