CloudSploit by Aqua Logo

CloudSploit by Aqua

0
Free
Visit Website

CloudSploit by Aqua is an open-source project designed to allow detection of security risks in cloud infrastructure accounts, including: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), and GitHub. Deployment Options: - Self-Hosted - Hosted at Aqua Wave Installation Configuration: - Amazon Web Services - Microsoft Azure - Google Cloud Platform - Oracle Cloud Infrastructure CloudSploit Config File Credential Files Environment Variables Running CLI Options: - Compliance (HIPAA, PCI, CIS Benchmarks) - Output Formats (Console Output, Ignoring Passing Results, CSV, JSON, JUnit XML) - Collection Output - Suppressions - Running a Single Plugin Architecture Writing a Plugin Other Notes

FEATURES

ALTERNATIVES

A publicly open storage viewer for various storage services.

Burp extension for identifying cloud buckets and testing for vulnerabilities

Automated script for creating a vulnerable Azure cloud lab to train offensive security skills.

Metabadger helps prevent SSRF attacks on AWS EC2 by automating upgrades to the more secure Instance Metadata Service v2 (IMDSv2).

Detect off-instance key usage in AWS by analyzing CloudTrail files locally.

Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.

A Python script that lists all main resources of your AWS account, helping you find resources that affect billing and/or security.

A tool for testing AWS S3 bucket permissions and security