#Cloud-security

Showing 60 of 82 repositories tagged #cloud-security, ranked by stars

mukul975
mukul975
Anthropic-Cybersecurity-Skills

817 structured cybersecurity skills for AI agents · Mapped to 6 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND, NIST AI RMF & MITRE F3 (Fight Fraud) · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 29 security domains · Apache 2.0

Score
100
★ 24.9k ⑂ 2.9k +494/day
Python
wazuh
wazuh
wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Score
100
★ 16.1k ⑂ 2.4k +4/day
C++
madhuakula
madhuakula
kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Score
98
★ 5.7k ⑂ 1.0k +7/day
HTML
tenable
tenable
terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Score
50
★ 5.2k ⑂ 555
Go
Hack-with-Github
Hack-with-Github
Free-Security-eBooks

Free Security and Hacking eBooks

Score
86
★ 4.9k ⑂ 1.1k +3/day
Hacking-the-Cloud
Hacking-the-Cloud
hackingthe.cloud

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

Score
96
★ 2.7k ⑂ 497 +8/day
Dockerfile
BishopFox
BishopFox
cloudfox

Automating situational awareness for cloud penetration tests.

Score
100
★ 2.5k ⑂ 243 +1/day
Go
4ndersonLin
4ndersonLin
awesome-cloud-security

🛡️ Awesome Cloud Security Resources ⚔️

Score
91
★ 2.5k ⑂ 373 +2/day
DataDog
DataDog
stratus-red-team

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

Score
95
★ 2.4k ⑂ 307 +2/day
Go
salesforce
salesforce
cloudsplaining

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

Score
93
★ 2.2k ⑂ 217 +2/day
JavaScript
teamssix
teamssix
awesome-cloud-security

awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员

Score
77
★ 2.1k ⑂ 237 +3/day
matanolabs
matanolabs
matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Score
0
★ 1.7k ⑂ 121
Rust
chaitin
chaitin
veinmind-tools

veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集

Score
74
★ 1.6k ⑂ 186 +1/day
Go
jassics
jassics
awesome-aws-security

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

Score
89
★ 1.6k ⑂ 328 +2/day
tmobile
tmobile
pacbot

PacBot (Policy as Code Bot)

Score
72
★ 1.3k ⑂ 281
Java
bridgecrewio
bridgecrewio
terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Score
100
★ 1.3k ⑂ 5.8k +2/day
HCL
SecurityFTW
SecurityFTW
cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Score
68
★ 1.2k ⑂ 209
Shell
Zeyad-Azima
Zeyad-Azima
Offensive-Resources

A Huge Learning Resources with Labs For Offensive Security Players

Score
84
★ 1.2k ⑂ 244 +1/day
0xsha
0xsha
CloudBrute

Awesome cloud enumerator

Score
67
★ 1.1k ⑂ 159 +2/day
Go
edgelesssys
edgelesssys
constellation

Constellation is a Kubernetes distribution for confidential computing, securing entire clusters on untrusted infrastructure. Constellation is in maintenance mode. New development continues in Contrast, which provides workload-level confidential computing using Confidential Containers. 👉 https://github.com/edgelesssys/contrast

Score
93
★ 1.1k ⑂ 62
Go
stackql
stackql
stackql

Query, provision and operate Cloud, SaaS, API and Model Context Protocol (MCP) resources through a unified SQL-based framework for humans and AI agents.

Score
0
★ 861 ⑂ 80
Go
uphiago
uphiago
recon-skills

156 offensive security skills for recon and pentest. Field-validated techniques from 600+ targets across 45+ sectors. Updated with browser fingerprint evasion, anti-bot bypass, hardcoded credential hunting, SCADA/ICS enumeration.

Score
88
★ 723 ⑂ 138 +146/day
Python
opengovern
opengovern
opensecurity

opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.

Score
56
★ 716 ⑂ 29
TypeScript
Funkmyster
Funkmyster
awesome-cloud-security

A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

Score
61
★ 666 ⑂ 130
HXSecurity
HXSecurity
TerraformGoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

Score
58
★ 638 ⑂ 94
HCL
Esonhugh
Esonhugh
Attack_Code

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

Score
51
★ 560 ⑂ 39 +1/day
Shell
jassics
jassics
security-interview-questions

Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on

Score
82
★ 468 ⑂ 94
vectra-ai-research
vectra-ai-research
MAAD-AF

MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).

Score
79
★ 428 ⑂ 63
PowerShell
jassics
jassics
cybersecurity-roadmap

Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile security and so on with helpful resources, guidelines

Score
81
★ 427 ⑂ 59 +2/day
Aabyss-Team
Aabyss-Team
awsKeyTools

AWS云平台 AccessKey 泄漏利用工具

Score
46
★ 396 ⑂ 47
Python
awslabs
awslabs
iam-policy-autopilot

IAM Policy Autopilot is an open source static code analysis tool that helps you quickly create baseline AWS IAM policies that you can refine as your application evolves. This tool is available as a command-line utility and MCP server for use within AI coding assistants for quickly building IAM policies.

Score
100
★ 376 ⑂ 42
Rust
BishopFox
BishopFox
smogcloud

Find cloud assets that no one wants exposed 🔎 ☁️

Score
44
★ 350 ⑂ 33
Go
AabyssZG
AabyssZG
Docker-TCP-Scan

旨在以攻促防,针对Docker TCP socket的开源利用工具

Score
42
★ 345 ⑂ 27
Python
mazen160
mazen160
tfquery

tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.

Score
36
★ 332 ⑂ 19
Python
Metarget
Metarget
awesome-cloud-native-security

awesome resources about cloud native security 🐿

Score
57
★ 328 ⑂ 57
kosty-cloud
kosty-cloud
kosty

Scan 30+ AWS services. Find cost waste. Detect security gaps. Map your attack surface. One command.

Score
86
★ 270 ⑂ 24
Python
antgroup
antgroup
CloudRec

CloudRec is an open source multi-cloud security posture management (CSPM) platform designed to help organizations improve the security of their cloud environments.

Score
75
★ 187 ⑂ 24 +1/day
Go
YDCloudSecurity
YDCloudSecurity
cloud-security-guides
Score
29
★ 180 ⑂ 7
depalmar
depalmar
ai_for_the_win

Build AI-powered security tools. 50+ hands-on labs covering ML, LLMs, RAG, threat detection, DFIR, and red teaming. Includes Colab notebooks, Docker environment, and CTF challenges.

Score
70
★ 151 ⑂ 23
Python
rezmoss
rezmoss
cloud-provider-ip-addresses

Daily-updated IP ranges for 35+ providers (AWS, Azure, GCP, Cloudflare, GitHub, Fastly, Linode + GoogleBot, BingBot, GPTBot) in 12+ formats: TXT, JSON, CSV, SQL, Nginx, Apache, iptables, nftables, UFW, HAProxy, Caddy + merged CIDRs

Score
79
★ 146 ⑂ 16 +5/day
Shell
iknowjason
iknowjason
AriaCloud

A Docker container for remote penetration testing.

Score
32
★ 141 ⑂ 28
HCL
riskprofiler
riskprofiler
CloudFrontier

Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.

Score
53
★ 134 ⑂ 23
Lua
7WaySecurity
7WaySecurity
cloud_osint

☁️ Curated Cloud OSINT resources — dorks, tools, and techniques for AWS, Azure, GCP, Oracle Cloud, and other major providers reconnaissance

Score
65
★ 133 ⑂ 19
cleancloud-io
cleancloud-io
cleancloud

The cloud hygiene platform - including AI and GPU infrastructure

Score
71
★ 118 ⑂ 9
Python
dm-fedorov
dm-fedorov
cybersecurity-roadmap

Схема карьерных треков в кибербезопасности

Score
35
★ 99 ⑂ 20
TocConsulting
TocConsulting
awsmap

A fast, comprehensive tool for mapping and inventorying AWS resources across 150+ services and all regions.

Score
0
★ 95 ⑂ 13
Python
groovyBugify
groovyBugify
aws-security-mcp

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

Score
0
★ 84 ⑂ 15 +1/day
Python
madhuakula
madhuakula
spotter

Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations, and compliance violations across your Kubernetes clusters, manifests, and CI/CD pipelines.

Score
25
★ 76 ⑂ 1
Go
CloudDefenseAI
CloudDefenseAI
AWSZeroTrustPolicy

Adaptive AWS Zero Trust Policy made easy: Auto-generate least-privilege policies based on user activity in real time! Accelerate the adoption of smart access control

Score
19
★ 75 ⑂ 15
Python
s0cm0nkey
s0cm0nkey
Security-Reference-Guide

Curated cyber security resources for blue team, red team, DFIR, OSINT, AppSec, cloud security, security logging, and training.

Score
63
★ 75 ⑂ 30
HTML
arceuzvx
arceuzvx
Cybersecurity_resources

A comprehensive collection of free cybersecurity eBooks categorized by topics and updated regularly

Score
49
★ 70 ⑂ 9 +2/day
EEN421
EEN421
KQL-Queries

Ian Hanley's deceptively simple KQL queries.

Score
54
★ 68 ⑂ 13
goldfiglabs
goldfiglabs
introspector

A schema and set of tools for using SQL to query cloud infrastructure.

Score
16
★ 66 ⑂ 5
Python
gebalamariusz
gebalamariusz
cloud-audit

Fast, opinionated AWS security scanner. Curated checks. Zero noise. Copy-paste fixes.

Score
60
★ 65 ⑂ 13 +2/day
Python
AirWalk-Digital
AirWalk-Digital
AWSXenos

AWSXenos will list all the trust relationships in all the IAM roles, S3 buckets, and more

Score
14
★ 64 ⑂ 5
Python
bogdanticu88
bogdanticu88
threatmap

IaC threat modeler with STRIDE, MITRE ATT&CK, and PASTA frameworks. REST API, GraphQL, and Docker support for Terraform, CloudFormation, and Kubernetes.

Score
64
★ 60 ⑂ 9
Python
ncc-erik-steringer
ncc-erik-steringer
Aerides

An implementation of infrastructure-as-code scanning using dynamic tooling.

Score
7
★ 56 ⑂ 0
HCL
Adversis
Adversis
PandorasBox

Security tool to quickly audit Public Box files and folders.

Score
18
★ 56 ⑂ 22
Python
kopexa-grc
kopexa-grc
kspec

A modern, extensible framework for defining and enforcing security policies across your digital infrastructure.

Score
0
★ 52 ⑂ 3
Go
pwnedlabs
pwnedlabs
pwncloudos

PWNCLOUDOS

Score
47
★ 52 ⑂ 7
Python
Related Topics
#security#aws#aws-security#cloud#cybersecurity#devsecops#security-tools#azure#gcp#penetration-testing#infosec#docker

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly