aws-security-365

A collection of open source tools to assess, harden and audit various AWS services from a security perspective

Hardening and Security Assessment

  • Scout2: https://github.com/nccgroup/Scout2 - Security auditing tool for AWS environments (Python)
  • Prowler: https://github.com/toniblyx/prowler - CIS benchmarks and additional checks for security best practices in AWS (Shell Script)
  • CloudSploit: https://github.com/cloudsploit/scans - AWS security scanning checks (NodeJS)
  • CloudMapper: https://github.com/duo-labs/cloudmapper - helps you analyze your AWS environments (Python)
  • CloudTracker: https://github.com/duo-labs/cloudtracker - helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python)
  • AWS Security Benchmarks: https://github.com/awslabs/aws-security-benchmark - scripts and templates guidance related to the AWS CIS Foundation framework (Python)
  • AWS Public IPs: https://github.com/arkadiyt/aws_public_ips - Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services (Ruby)
  • PMapper: https://github.com/nccgroup/PMapper - Advanced and Automated AWS IAM Evaluation (Python)
  • SkyArk: https://github.com/cyberark/SkyArk - SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS.

Offensive

  • weirdAAL: https://github.com/carnal0wnage/weirdAAL - AWS Attack Library
  • Pacu: https://github.com/RhinoSecurityLabs/pacu - AWS penetration testing toolkit
  • Cred Scanner: https://github.com/disruptops/cred_scanner
  • AWS PWN: https://github.com/dagrz/aws_pwn
  • Cloudfrunt: https://github.com/MindPointGroup/cloudfrunt
  • Cloudjack: https://github.com/prevade/cloudjack
  • Nimbostratus: https://github.com/andresriancho/nimbostratus

Continuous Security Auditing

  • AWS Config: Repository of sample Custom Rules for AWS Config: https://github.com/awslabs/aws-config-rules
  • AWS Security Automation: https://github.com/awslabs/aws-security-automation - AWS scripts and resources for DevSecOps and automated incident response
  • Security Monkey: https://github.com/Netflix/security_monkey
  • Krampus: (as Security Monkey complement) https://github.com/sendgrid/krampus
  • Cloud Inquisitor: https://github.com/RiotGames/cloud-inquisitor
  • CloudCustodian: https://github.com/capitalone/cloud-custodian
  • AWS Key Disabler: Disable keys after X days: https://github.com/te-papa/aws-key-disabler
  • Repokid Least Privilege: https://github.com/Netflix/repokid
  • Wazuh CloudTrail module: https://documentation.wazuh.com/current/amazon/index.html
  • Hammer: https://github.com/dowjones/hammer
  • Streamalert: https://github.com/airbnb/streamalert
  • Billing Alerts: Billing Alerts CFN templates https://github.com/btkrausen/AWS/tree/master/CloudFormation/Billing%20Alerts

Incident Response:

  • AWS IR: https://github.com/ThreatResponse/aws_ir - AWS specific Incident Response and Forensics Tool
  • Margaritashotgun: https://github.com/ThreatResponse/margaritashotgun - Linux memory remote acquisition tool
  • LiMEaide: https://kd8bny.github.io/LiMEaide/ - Linux memory remote acquisition tool
  • Diffy: https://github.com/Netflix-Skunkworks/diffy - Triage tool used during cloud-centric security incidents

Serverless:

  • Puresec CLI: https://github.com/puresec/serverless-puresec-cli - Serverless plugin for least privileges

Development Security

  • CFN NAG: https://github.com/stelligent/cfn_nag - CloudFormation security test (Ruby)
  • Git-secrets: https://github.com/awslabs/git-secrets

S3 Buckets Auditing

  • Sandcastle: https://github.com/Parasimpaticki/sandcastle
  • Mass3: https://github.com/smiegles/mass3
  • S3enum: https://github.com/koenrh/s3enum
  • S3 Bucketeers: https://github.com/tomdev/teh_s3_bucketeers/
  • Bucket Stream: https://github.com/eth0izzle/bucket-stream
  • S3 Buckets Finder: https://github.com/gwen001/s3-buckets-finder
  • S3 Find: https://github.com/aaparmeggiani/s3find
  • Slurp: https://github.com/bbb31/slurp
  • S3 Inspector: https://github.com/kromtech/s3-inspector
  • S3 Fuzzer: https://github.com/petermbenjamin/s3-fuzzer
  • AWS Bucket Dump: https://github.com/jordanpotti/AWSBucketDump
  • S3 Scan: https://github.com/bear/s3scan
  • S3 Scanner: https://github.com/sa7mon/S3Scanner
  • S3 Finder: https://github.com/magisterquis/s3finder
  • S3 Scan: https://github.com/abhn/S3Scan
  • Honey Buckets: https://breachinsider.com/honey-buckets/
  • Buckhacker: https://www.thebuckhacker.com/
  • Gray Hat Warfare: https://buckets.grayhatwarfare.com/
  • S3 Meta: https://github.com/whitfin/s3-meta

Inventory Management:

  • AWS-Inventory: https://github.com/nccgroup/aws-inventory - Make an inventory of all your resources across regions (Python)
  • Resource Counter: https://github.com/disruptops/resource-counter - Counts number of resources in categories across regions
  • ICE: https://github.com/Teevity/ice - Ice provides insights from a usage and cost perspective, with high detail dashboards

Training:

  • http://flaws.cloud/
  • https://github.com/RhinoSecurityLabs/cloudgoat

Thanks to @toniblyx for the original repo