Dow Jones Hammer is a multi-account cloud security tool for AWS that identifies misconfigurations and insecure data exposures within AWS resources, provides near real-time reporting capabilities, and can perform auto-remediation of some misconfigurations to create secure guardrails for products deployed on the cloud. The documentation is available on GitHub Pages at https://dowjones.github.io/hammer/. It covers security features like insecure services, cloud security issues, and technologies used such as Python 3.6, AWS services, Terraform, JIRA, and Slack.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
A collection of security workshops and hands-on content for AWS security services and techniques
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Discover and understand the Docker Layer 2 ICC Bug and its implications on inter-container communication.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.