WeirdAAL (AWS Attack Library)
WeirdAAL is an open-source framework for testing and validating the security of AWS services and resources. It provides a set of tools and libraries for simulating various types of attacks and vulnerabilities, allowing security researchers and penetration testers to test the security of AWS environments. WeirdAAL is designed to be highly customizable and extensible, making it a valuable tool for security professionals and researchers.
FEATURES
ALTERNATIVES
A tool for pillaging Docker registries to extract image manifests and configurations.
Generate Amazon GuardDuty findings related to real AWS resources with multiple tests available.
Cloud Security Dashboard with AWS CIS Security Benchmarks and JIRA integration.
CloudDefense.AI is a Cloud Native Application Protection Platform (CNAPP) that safeguards cloud infrastructure and cloud-native apps with expertise, precision, and confidence.
Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.
A project that sets up partitioned Athena tables for CloudTrail logs and updates partitions nightly.
Tool for analyzing cloud resources against best practices and generating reports.
Metabadger helps prevent SSRF attacks on AWS EC2 by automating upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.