toniblyx
my-arsenal-of-aws-security-tools
Shell

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Last updated Jul 8, 2026
9.5k
Stars
1.6k
Forks
7
Issues
+2
Stars/day
Attention Score
99
Language breakdown
Shell 87.9%
Makefile 12.1%
โ–ธ Files click to expand
README

Table of Contents

Contribute

Do you want to contribute to this list? Feel free to send a PR and make sure your tool is Open Source.

| Name | Description | Popularity | Metadata | | ---------- | :---------- | :----------: | :----------: | | My Arsenal of AWS Security Tools | This list of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.|stars| contributors watchers last-commit open-issues closed-issues |

Defensive: Hardening, Security Assessment and Inventory

| Name | Description | Popularity | Metadata | | ---------- | :---------- | :----------: | :----------: | | Prowler | Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more. (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | CloudMapper | helps you analyze your AWS environments (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | ScoutSuite | Multi-Cloud Security auditing tool for AWS Google Cloud and Azure environments (python) |stars| contributorswatcherslast-commit open-issues closed-issues | | CloudCustodian | Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources |stars| contributorswatcherslast-commit open-issues closed-issues | | ICE | Ice provides insights from a usage and cost perspective with high detail dashboards. |stars| contributorswatcherslast-commit open-issues closed-issues | | CloudSploit Scans | AWS security scanning checks (NodeJS) |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS Network Access Analyzer | Automation for Amazon VPC Network Access Analyzer to identify all possible Internet Gateway reachability for your resources across all your AWS accounts |stars| contributorswatcherslast-commit open-issues closed-issues | | CloudTracker | helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS Security Benchmarks | scripts and templates guidance related to the AWS CIS Foundation framework (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS Public IPs | Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6 Classic/VPC networking and across all AWS services (Ruby) |stars| contributorswatcherslast-commit open-issues closed-issues | | PMapper | Advanced and Automated AWS IAM Evaluation (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | nccgroup AWS-Inventory | Make a inventory of all your resources across regions (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | Resource Counter | Counts number of resources in categories across regions |stars| contributorswatcherslast-commit open-issues closed-issues | | SkyArk | SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS. |stars| contributorswatcherslast-commit open-issues closed-issues | | findmytakeover | find dangling domains in a multi cloud environment | stars | contributors watchers last-commit open-issues closed-issues | | Trailblazer AWS | Trailblazer AWS determine what AWS API calls are logged by CloudTrail and what they are logged as. You can also use TrailBlazer as an attack simulation framework. |stars| contributorswatcherslast-commit open-issues closed-issues | | Lunar | Security auditing tool based on several security frameworks (it does some AWS checks) |stars| contributorswatcherslast-commit open-issues closed-issues | | Cloud-reports | Scans your AWS cloud resources and generates reports |stars| contributorswatcherslast-commit open-issues closed-issues | | Pacbot | Platform for continuous compliance monitoring compliance reporting and security automation for the cloud |stars| contributorswatcherslast-commit open-issues closed-issues | | cs-suite | Integrates tools like Scout2 and Prowler among others |stars| contributorswatcherslast-commit open-issues closed-issues | | aws-key-disabler | A small lambda script that will disable access keys older than a given amount of days |stars| contributorswatcherslast-commit open-issues closed-issues | | Antiope | AWS Inventory and Compliance Framework |stars| contributorswatcherslast-commit open-issues closed-issues | | Cloud Reports | Scans your AWS cloud resources and generates reports and includes security best practices. |stars| contributorswatcherslast-commit open-issues closed-issues | | Terraform AWS Secure Baseline | Terraform module to set up your AWS account with the secure |stars| contributorswatcherslast-commit open-issues closed-issues | | ZeusCloud | Discover, prioritize, and remediate security risks in your AWS cloud environments. | stars| contributors watchers last-commit open-issues closed-issues | | Cartography | Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. |stars| contributorswatcherslast-commit open-issues closed-issues | | TrailScraper | A command-line tool to get valuable information out of AWS CloudTrail |stars| contributorswatcherslast-commit open-issues closed-issues | | Komiser | Cloud Environment Inspector analyze and manage cloud cost usage security and governance in one place. |stars| contributorswatcherslast-commit open-issues closed-issues | | Perimeterator | AWS perimeter monitoring. Periodically scan internet facing AWS resources to detect misconfigured services |stars| contributorswatcherslast-commit open-issues closed-issues | | PolicySentry | IAM Least Privilege Policy Generator auditor and analysis database |stars| contributorswatcherslast-commit open-issues closed-issues | | Zeus | AWS Auditing & Hardening Tool |stars| contributorswatcherslast-commit open-issues closed-issues | | janiko71 AWS-inventory | Python script for AWS resources inventory |stars| contributorswatcherslast-commit open-issues closed-issues | | awspx | A graph-based tool for visualizing effective access and resource relationships in AWS environments |stars| contributorswatcherslast-commit open-issues closed-issues | | clinv | DevSecOps command line asset inventory tool |stars| contributorswatcherslast-commit open-issues closed-issues | | aws-gate | Enhanced AWS SSM Session manager CLI client |stars| contributors watchers last-commit open-issues closed-issues | | Detecting Credential Compromise | Detecting of your compromised credential in AWS |stars| contributorswatcherslast-commit open-issues closed-issues| | AWS-Security-Toolbox (AST) | AWS Security Toolbox (Docker Image) for Security Assessments |stars| contributors watchers last-commit open-issues closed-issues | | iam-lint | Github action for linting AWS IAM policy documents for correctness and possible security issues |stars| contributors watchers last-commit open-issues closed-issues | | aws-security-viz | A tool to visualize aws security groups. |stars| contributors watchers last-commit open-issues closed-issues | | AirIAM | Least privilege AWS IAM using Terraform |stars| contributors watchers last-commit open-issues closed-issues | | Cloudsplaining | AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. |stars| contributors watchers last-commit open-issues closed-issues | | iam-policy-generator | A simple library to generate IAM policy statements with no need to remember all the actions APIs | stars | contributors watchers last-commit open-issues closed-issues | | SkyWrapper | SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS | stars | contributors watchers last-commit open-issues closed-issues | | aws-recon | Multi-threaded AWS inventory collection tool | stars | contributors watchers last-commit open-issues closed-issues | | iam-policies-cli | A CLI tool for building simple to complex IAM policies | stars | contributors watchers last-commit open-issues closed-issues | | Aaia | AWS Identity and Access Management Visualizer and Anomaly Finder | stars | contributors watchers last-commit open-issues closed-issues | | iam-floyd | IAM policy statement generator with fluent interface - Available for Node.js, Python, .Net and Java | stars | contributors watchers last-commit open-issues closed-issues | | rpCheckup | AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources. | stars | contributors watchers last-commit open-issues closed-issues | | S3 Exif Cleaner | Remove EXIF data from all objects in an S3 bucket |stars| contributorswatcherslast-commit open-issues closed-issues | | Steampipe | Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required. (SQL) |stars| contributorswatcherslast-commit open-issues closed-issues | | access-undenied-aws | Parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. | stars | contributors watchers last-commit open-issues closed-issues | | Metabadger | Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2). |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS-Firewall Factory | Deploy, update, and stage your WAFs while managing them centrally via FMS (CDK) |stars| contributors watchers last-commit open-issues closed-issues | | IAMSpy | A library that utilises the Z3 prover to attempt to answer questions about AWS IAM. |stars| contributors watchers last-commit open-issues closed-issues | | nuvola | Dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple Yaml syntax |stars| contributorswatcherslast-commit open-issues closed-issues | | aws-security-architectures | Architectures for AWS security. (Detect, Alarm, Macie, etc.) Many architectures will be added in the future. |stars| contributors watchers last-commit open-issues closed-issues | | MetaHub for AWS Security Hub | MetaHub is the CLI utility for AWS Security Hub which provides you with extra functionality like grouping your findings by affected reources, executing MetaChecks and MetaTags directly in the affected resource for enriching your findings, filters on top of MetaChecks and MetaTags, different reports like CSV, JSON and HTML, bulk updates, and enriching your findings directly in AWS Security Hub. | stars | contributors watchers last-commit open-issues closed-issues | | Matano | Matano is an open source cloud-native security lake platform (SIEM alternative) for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS. | stars | contributors watchers last-commit open-issues
๐Ÿ”— More in this category

ยฉ 2026 GitRepoTrend ยท toniblyx/my-arsenal-of-aws-security-tools ยท Updated daily from GitHub