A collection of open source cloud security tools
Uncategorized
- duo-labs/cloudMapper - creates network diagrams of AWS environments
- nccgroup/PMapper - A tool for quickly evaluating IAM permissions in AWS
- dagrz/aws_pwn - A collection of AWS penetration testing junk
- andresriancho/nimbostratus - Tools for fingerprinting and exploiting Amazon cloud infrastructures
- arkadiyt/aws_public_ips - Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
- carnal0wnage/weirdAAL - WeirdAAL (AWS Attack Library)
- bchew/dynamodump - Simple backup and restore for Amazon DynamoDB using boto
- nccgroup/Scout2 - Security auditing tool for AWS environments
- toniblyx/prowler - AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool
- disruptops/resource-counter - counts the number of resources in different categories across Amazon regions
- capitalone/cloud-custodian - Rules engine for cloud security, cost optimization, and governance; a YAML DSL for policies that query, filter, and take actions on resources
- RhinoSecurityLabs/pacu - Rhino Security Labs' AWS penetration testing toolkit
Credentials
CloudFormation
- stelligent/cfn_nag - Linting tool for CloudFormation templates
- Skyscanner/cfripper - Lambda function to "rip apart" a CloudFormation template and check it for security compliance.
S3 tools
- jordanpotti/AWSBucketDump - a tool to quickly enumerate AWS S3 buckets to look for loot
- tomdev/teh_s3_bucketeers - https://github.com/tomdev/teh_s3_bucketeers/
- sa7mon/S3Scanner - Scan for open S3 buckets and dump
- Quikko/BuQuikker - Supports multi threading for the bucketeer script
- glen-mac/goGetBucket - AWS S3 Bucket discovery through alterations and permutations
- nahamsec/lazys3 - A Ruby script to bruteforce for AWS s3 buckets using different permutations
- bbb31/slurp - Enumerate S3 buckets via certstream, domain, or keywords
- kromtech/s3-inspector - Tool to check AWS S3 bucket permissions
- fransr/bucket-disclose.sh - Using error messages to decloak an S3 bucket. Uses SOAP, Unicode, POST, multipart, streaming and index listing as ways of figuring it out
- W00t3k/inSp3ctor - AWS S3 Bucket/Object Finder - S3 domain name brute-forcing
Auditing
- DenizParlak/Zeus - AWS Auditing & Hardening Tool
- SecurityFTW/cs-suite - Cloud Security Suite - One stop tool for auditing the security posture of AWS & GCP infrastructure
- RiotGames/cloud-inquisitor - Enforce ownership and data security within AWS
- Netflix/security_monkey - monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations
- cloudsploit/scans - AWS security scanning checks
- Netflix/repokid - AWS Least Privilege for Distributed, High-Velocity Deployment