Zeus AWS Auditing & Hardening Tool
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Currently, it only includes the Logging mechanism. Identity and Access Management: - Avoid the use of the 'root' account - Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password - Ensure credentials unused for 90 days or greater are disabled - Ensure access keys are rotated every 90 days or less - Ensure IAM password policy requires at least one uppercase letter - Ensure IAM password policy requires at least one lowercase letter - Ensure IAM password policy requires at least one symbol - Ensure IAM password policy requires at least one number - Ensure IAM password policy requires minimum length of 14 or greater - Ensure no root account access key exists - Ensure MFA is enabled for the 'root' account - Ensure security questions are registered in the AWS account - Ensure IAM policies are attached only to groups or role - Enable detailed billing - Maintain current conta
FEATURES
ALTERNATIVES
A tool for spinning up insecure AWS infrastructure with Terraform for training and security assessment purposes.
A multi-cloud tool for centralizing assets across multiple clouds with minimal configuration.
An AWS Lambda auditing tool that provides asset visibility and actionable results through statistical analysis and security checks.
Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.
A framework to analyze container images and gather useful information.
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
A Python script that lists all main resources of your AWS account, helping you find resources that affect billing and/or security.
Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.