AWS Cloud Security
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
This project takes a Docker registry and pillages the manifest and configuration for each image in its catalog. It uses Google's crane command's package, which should follow docker's keychain semantics. If you would like to override this, just change authn.DefaultKeychain as described in the https://github.com/google/go-containerregistry/tree/master/pkg/authn/k8schain Install: ```git clone https://github.com/nccgroup/go-pillage-registries.git cd go-pillage-registries go install ./...``` Usage: ```$ pilreg Usage: pilreg <registry> [flags] Flags: -c, --cache string Path to cache image layers (optional, only used if images are pulled) -h, --help help for pilreg -i, --insecure Fetch Data over plaintext -r, --repos strings list of repositories to scan on the registry. If blank, pilreg will attempt to enumerate them using the catalog API -o, --results string Path to directory for storing results. If blank, outputs configs and manifests as json object to Stdout.(must be used if 'store-images` is enabled) -k, --skip-tls Disables TLS certificate verification -s, --store-images Downloads filesystem for discovered images and stores an archive in the output directory (Disabled by default)
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
Multi-account cloud security tool for AWS with real-time reporting and auto-remediation capabilities.
Open source multi-cloud security-auditing tool for assessing security posture of cloud environments.
Metabadger helps prevent SSRF attacks on AWS EC2 by automating upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
A security tool to identify interesting files in AWS S3 buckets