Leonidas
0
Free
This is the repository containing Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties. These definitions can then be compiled into: A web API exposing each test case as an individual endpoint Sigma rules (https://github.com/Neo23x0/sigma) for detection Documentation - see http://detectioninthe.cloud/ for an example. The API is deployed via an AWS-native CI/CD pipeline, and it is invoked via web requests secured by an API key. To build documentation or Sigma rules, you'll need to install the generator locally and can generate Sigma rules and documentation accordingly.
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
Krampus is a security solution for managing AWS objects and can be used as a cost-control tool.
Free
Burp extension for identifying cloud buckets and testing for vulnerabilities
Free
Show the history and changes between configuration versions of AWS resources
Free
An AWS Lambda auditing tool that provides asset visibility and actionable results through statistical analysis and security checks.
Free
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
Free
Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
Free
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
Free
An open-source security tool for AWS, Azure, Google Cloud, and Kubernetes security assessments and audits.
Free
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security