#Cloudsecurity
Showing 32 of 32 repositories tagged #cloudsecurity, ranked by stars
Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Open Source Cloud Native Application Protection Platform (CNAPP)
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
IAM Least Privilege Policy Generator
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
A secure low code deception runtime framework, leveraging AI for System Virtualization.
This repo includes Books and imp notes related to GCP, Azure, AWS, Docker, K8s, and DevOps. More, exam and interview prep notes.
T Wiki 云安全知识文库,可能是国内首个云安全知识文库?
Cloudlist is a tool for listing Assets from multiple Cloud Providers.
Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.
Open Source Cloud Security
LC(List Cloud)是一个多云攻击面资产梳理工具
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具
文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.
Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure and AWS environment. It features an intuitive web-based user interface built with the Python Flask module for a better user experience. The primary focus of this tool is to have different attacking techniques all at one place with web UI interfaces.
Trustline: Check external access on your AWS account
Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.
Learn DevSecOps and Cloud Security Engineering fundamentals.
Curating Falco rules with MITRE ATT&CK Matrix
Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconfigurations.
Blogpost series showcasing interesting cloud - web app security bugs
A schema and set of tools for using SQL to query cloud infrastructure.
A Lambda-powered Security Orchestration framework for AWS GuardDuty
OWASP EKS Goat is a deliberately vulnerable EKS cluster environment to explore AWS cloud-native security through hands-on attack and defense labs with walkthrough.
This repository contains links to awesome security articles.
HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enabling you to pentest Vulnerabilities within, and hence, gain a better understanding of what could go wrong and why!!
CyberSec Resources: FRAMEWORKS & STANDARDS; Pentesting Audits & Hacking; PURPLE TEAMING, AD, API, web, clouds, CTF, OSINT, Pentest tools, Network Security, Privilege escalation, Exploiting, Reversing, Secure Code, Bug Bounty, ...
读过的安全文章离线归档 | begin in 2023.11.23
Multi-arch Docker images to perform security operations via containerized workflows.