Smogcloud
Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to any capable security program. Smogcloud enables security engineers, penetration testers, and AWS administrators to monitor the collective changes that create dynamic and ephemeral internet-facing assets on a more frequent basis. It may be useful to identify Internet-facing FQDNs and IPs across one or hundreds of AWS accounts, misconfigurations or vulnerabilities, assets that are no longer in use, services not currently monitored, and shadow IT. To get started, install and setup golang, then install Smogcloud using the provided command. Set up AWS environment variables for the account you wish to query, and run the application.
FEATURES
ALTERNATIVES
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
A project exploring minimal set of restrictions for running untrusted code using Linux containers in a concise codebase.
Azure Guardrails enables rapid enforcement of cloud security guardrails by generating Terraform files for Azure Policy Initiatives.
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Converts the format of various S3 buckets for bug bounty and security testing.
A small project for continuous auditing of internet-facing AWS services
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.