-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
psastry
committed
Aug 8, 2018
1 parent
e4af23d
commit ef03109
Showing
1 changed file
with
85 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,86 @@ | ||
| # aws-security-365 | ||
| A collection of open source tools to defend, attack, audit etc.. various AWS services | ||
|
|
||
| A collection of open source tools to assess, harden and audit various AWS services from a security perspective | ||
|
|
||
| # Hardening and Security Assessment | ||
|
|
||
| Scout2: https://github.com/nccgroup/Scout2 - Security auditing tool for AWS environments (Python) | ||
| Prowler: https://github.com/toniblyx/prowler - CIS benchmarks and additional checks for security best practices in AWS (Shell Script) | ||
| CloudSploit: https://github.com/cloudsploit/scans - AWS security scanning checks (NodeJS) | ||
| CloudMapper: https://github.com/duo-labs/cloudmapper - helps you analyze your AWS environments (Python) | ||
| CloudTracker: https://github.com/duo-labs/cloudtracker - helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python) | ||
| AWS Security Benchmarks: https://github.com/awslabs/aws-security-benchmark - scrips and templates guidance related to the AWS CIS Foundation framework (Python) | ||
| AWS Public IPs: https://github.com/arkadiyt/aws_public_ips - Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services (Ruby) | ||
| PMapper: https://github.com/nccgroup/PMapper - Advanced and Automated AWS IAM Evaluation (Python) | ||
| SkyArk: https://github.com/cyberark/SkyArk - SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS. | ||
|
|
||
| # Offensive | ||
|
|
||
| weirdALL: https://github.com/carnal0wnage/weirdAAL - AWS Attack Library | ||
| Pacu: https://github.com/RhinoSecurityLabs/pacu - AWS penetration testing toolkit | ||
| Cred Scanner: https://github.com/disruptops/cred_scanner | ||
| AWS PWN: https://github.com/dagrz/aws_pwn | ||
| Cloudfrunt: https://github.com/MindPointGroup/cloudfrunt | ||
| Cloudjack: https://github.com/prevade/cloudjack | ||
| Nimbostratus: https://github.com/andresriancho/nimbostratus | ||
|
|
||
| # Continuous Security Auditing | ||
|
|
||
| AWS Config: Repository of sample Custom Rules for AWS Config: https://github.com/awslabs/aws-config-rules | ||
| AWS Security Automation: https://github.com/awslabs/aws-security-automation - AWS scripts and resources for DevSecOps and automated incident response | ||
| Security Monkey: https://github.com/Netflix/security_monkey | ||
| Krampus (as Security Monkey complement) https://github.com/sendgrid/krampus | ||
| Cloud Inquisitor: https://github.com/RiotGames/cloud-inquisitor | ||
| CloudCustodian: https://github.com/capitalone/cloud-custodian | ||
| Disable keys after X days: https://github.com/te-papa/aws-key-disabler | ||
| Repokid Least Privilege: https://github.com/Netflix/repokid | ||
| Wazuh CloudTrail module: https://documentation.wazuh.com/current/amazon/index.html | ||
| Hammer: https://github.com/dowjones/hammer | ||
| Streamalert: https://github.com/airbnb/streamalert | ||
| Billing Alerts CFN templates https://github.com/btkrausen/AWS/tree/master/CloudFormation/Billing%20Alerts | ||
|
|
||
| # Incident Response: | ||
|
|
||
| AWS IR: https://github.com/ThreatResponse/aws_ir - AWS specific Incident Response and Forensics Tool | ||
| Margaritashotgun: https://github.com/ThreatResponse/margaritashotgun - Linux memory remote acquisition tool | ||
| LiMEaide: https://kd8bny.github.io/LiMEaide/ - Linux memory remote acquisition tool | ||
| Diffy: https://github.com/Netflix-Skunkworks/diffy - Triage tool used during cloud-centric security incidents | ||
|
|
||
| # Development Security | ||
|
|
||
| CFN NAG: https://github.com/stelligent/cfn_nag - CloudFormation security test (Ruby) | ||
| Git-secrets: https://github.com/awslabs/git-secrets | ||
|
|
||
| # S3 Buckets Auditing | ||
|
|
||
| https://github.com/Parasimpaticki/sandcastle | ||
| https://github.com/smiegles/mass3 | ||
| https://github.com/koenrh/s3enum | ||
| https://github.com/tomdev/teh_s3_bucketeers/ | ||
| https://github.com/eth0izzle/bucket-stream | ||
| https://github.com/gwen001/s3-buckets-finder | ||
| https://github.com/aaparmeggiani/s3find | ||
| https://github.com/bbb31/slurp | ||
| https://github.com/random-robbie/slurp | ||
| https://github.com/kromtech/s3-inspector | ||
| https://github.com/petermbenjamin/s3-fuzzer | ||
| https://github.com/jordanpotti/AWSBucketDump | ||
| https://github.com/bear/s3scan | ||
| https://github.com/sa7mon/S3Scanner | ||
| https://github.com/magisterquis/s3finder | ||
| https://github.com/abhn/S3Scan | ||
| https://breachinsider.com/honey-buckets/ | ||
| https://www.thebuckhacker.com/ | ||
| https://buckets.grayhatwarfare.com/ | ||
| https://github.com/whitfin/s3-meta | ||
|
|
||
| # Iventory Management: | ||
|
|
||
| AWS-Inventory: https://github.com/nccgroup/aws-inventory - Make a inventory of all your resources across regions (Python) | ||
| Resource Counter: https://github.com/disruptops/resource-counter - Counts number of resources in categories across regions | ||
| ICE: https://github.com/Teevity/ice - Ice provides insights from a usage and cost perspective, with high detail dashboards. | ||
|
|
||
| # Training: | ||
|
|
||
| http://flaws.cloud/ | ||
| https://github.com/RhinoSecurityLabs/cloudgoat |