
Leonidas

Free

This is the repository containing Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties. These definitions can then be compiled into:

- A web API exposing each test case as an individual endpoint
- Sigma rules (https://github.com/Neo23x0/sigma) for detection
- Documentation (see http://detectioninthe.cloud/ for an example)

The API is deployed via an AWS-native CI/CD pipeline and is invoked via web requests secured by an API key. To build documentation or Sigma rules, you'll need to install the generator locally.


ALTERNATIVES

A multi-cloud tool for centralizing assets across multiple clouds with minimal configuration.

Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.

A tool to analyze and audit AWS environments for security issues and misconfigurations.

AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.

Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.

Lists Amazon S3 Buckets while browsing

Kubeadm is a tool for creating Kubernetes clusters with best practices.

A security tool to identify interesting files in AWS S3 buckets
