8,816 tools
A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.
A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.
A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.
A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.
A cloud security assessment tool that collects cloud resource information, analyzes it against best practices, and generates compliance reports in multiple formats.
A cloud security assessment tool that collects cloud resource information, analyzes it against best practices, and generates compliance reports in multiple formats.
A Python-based modular incident response tool for AWS environments that enables automated security actions across EC2, IAM, VPC, and other AWS resources.
A Python-based modular incident response tool for AWS environments that enables automated security actions across EC2, IAM, VPC, and other AWS resources.
A Ruby-based tool that creates visual diagrams of AWS EC2 security group configurations to help understand network access patterns and security relationships.
A Ruby-based tool that creates visual diagrams of AWS EC2 security group configurations to help understand network access patterns and security relationships.
Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.
Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.
ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.
ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.
A command-line tool for searching AWS CloudWatch logs using pattern matching with configurable parameters for log groups, time ranges, and regions.
A command-line tool for searching AWS CloudWatch logs using pattern matching with configurable parameters for log groups, time ranges, and regions.
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.
TrailScraper is a command-line tool for extracting information from AWS CloudTrail logs and generating IAM policies based on actual API usage patterns.
A multi-cloud DNS security tool that detects dangling DNS records and potential subdomain takeover vulnerabilities by scanning cloud infrastructure and DNS zones.
A multi-cloud DNS security tool that detects dangling DNS records and potential subdomain takeover vulnerabilities by scanning cloud infrastructure and DNS zones.
Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.
Metabadger automates the upgrade of AWS EC2 instances to use the more secure Instance Metadata Service v2 (IMDSv2) to prevent SSRF attacks and reduce attack surface.
An open-source framework that inventories and manages AWS resources across multiple accounts by collecting data via Cross Account Assume Roles and storing it in a centralized S3 bucket for analysis.
An open-source framework that inventories and manages AWS resources across multiple accounts by collecting data via Cross Account Assume Roles and storing it in a centralized S3 bucket for analysis.
Prevents you from committing passwords and other sensitive information to a git repository.
Prevents you from committing passwords and other sensitive information to a git repository.
Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.
Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.
A command-line tool that analyzes local CloudTrail files to detect off-instance AWS key usage patterns for security monitoring and forensic analysis.
A command-line tool that analyzes local CloudTrail files to detect off-instance AWS key usage patterns for security monitoring and forensic analysis.
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
A command line tool that counts and inventories AWS resources across multiple regions, providing visibility into cloud infrastructure with efficient API querying.
A command line tool that counts and inventories AWS resources across multiple regions, providing visibility into cloud infrastructure with efficient API querying.
A Python script that inventories and lists main AWS account resources to provide visibility into cloud infrastructure components that may impact billing or security.
A Python script that inventories and lists main AWS account resources to provide visibility into cloud infrastructure components that may impact billing or security.
A Python command line tool that scans directories for AWS credentials in files, designed for CI/CD integration to prevent credential exposure in builds.
A Python command line tool that scans directories for AWS credentials in files, designed for CI/CD integration to prevent credential exposure in builds.
rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.
rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.
FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.
A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.
A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.