aws-allowlister
Automatically compile AWS SCPs for compliant AWS services based on preferred frameworks.
Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to any capable security program. Smogcloud enables security engineers, penetration testers, and AWS administrators to monitor the collective changes that create dynamic and ephemeral internet-facing assets on a more frequent basis. It may be useful to identify Internet-facing FQDNs and IPs across one or hundreds of AWS accounts, misconfigurations or vulnerabilities, assets that are no longer in use, services not currently monitored, and shadow IT. To get started, install and setup golang, then install Smogcloud using the provided command. Set up AWS environment variables for the account you wish to query, and run the application.
Automatically compile AWS SCPs for compliant AWS services based on preferred frameworks.
CLI tool for deleting AWS resources in bulk with inspecting functionality.
DataCop is a custom AWS framework for mitigating S3 bucket attack vectors based on customer configuration.
Automated script for creating a vulnerable Azure cloud lab to train offensive security skills.
FunctionShield is a Serverless Security Library for Developers to enforce strict security controls on AWS Lambda & Google Cloud Functions runtimes.
A collection of tools for forensics teams to collect evidence from cloud platforms