#
cloudsecurity
Here are 47 public repositories matching this topic...
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
docker
kubernetes
infrastructure
security
microservices
helm
container
hacking
owasp
cloud-native
pentesting
cloudsecurity
devsecops
cloud-security
container-security
vulnerable-app
kubernetes-security
kubernetes-goat
-
Updated
Apr 30, 2022 - HTML
IAM Least Privilege Policy Generator
-
Updated
May 2, 2022 - Python
serverless
secops
cloud-native
security-vulnerability
vulnerability-detection
vulnerability-management
observability
vulnerability-scanners
vulnerability-assessment
log4j2
threat-analysis
security-tools
cloudsecurity
devsecops
vulnerability-scanning
scanning-tool
registry-scanning
cwpp
-
Updated
May 3, 2022 - JavaScript
A tool for quickly evaluating IAM permissions in AWS.
-
Updated
Apr 12, 2022 - Python
dirsigler
commented
Jul 28, 2021
Is your feature request related to a problem? Please describe.
I wanted to try Yor out for personal projects and found out, that the Terraform provider I use are as it seems not supported to run Yor against it.
For example I have a K3S Cluster at Civo or some development machines at Scaleway.
As it seems DigitalOcean is also not supported - at least I don't receive any errors or recommended
good first issue
Good for newcomers
Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)
-
Updated
Apr 12, 2022 - Python
Cloudlist is a tool for listing Assets from multiple Cloud Providers.
-
Updated
May 2, 2022 - Go
Knowledge seeks no man
kubernetes
aws
devops
azure
gcp
iac
cybersecurity
infrastructure-as-code
k8s
sre
aws-security
googlecloud
cloudsecurity
devsecops
cloud-security
googlecloudplatform
azure-security
gcp-security
microsoftazure
amazonwebservices
-
Updated
May 2, 2022
Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure environment. It features an intuitive web-based user interface built with the Python Flask module for a better user experience. The primary focus of this tool is to have different attacking techniques all at one place with web UI interfaces.
-
Updated
Mar 8, 2022 - CSS
rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
-
Updated
Apr 22, 2021 - Go
Microsoft Sentinel 4 SecOps
microsoft
security
azure
incident-response
secops
threat-hunting
siem
hunting
soc
ir
cloudsecurity
threat-intelligence
azure-sentinel
microsoft-sentinel
-
Updated
May 3, 2022 - PowerShell
rezoan
commented
Jul 14, 2021
In my ubuntu 20.04.2.0, i have python 2.7.18 and pip3 20.0.2.
I was trying to install prancer-basic via pip3 install prancer-basic
It get installed successfully with below warning:
WARNING: The scripts populate_json, prancer, register_key_in_azure_vault, terraform_to_json and validator are installed in '/home/r4redu/.local/bin' which is not on PATH.
Consider adding this director
Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.
aws
digitalocean
serverless
azure
api-gateway
dynamodb
lambda-functions
gcp
oracle
cybersecurity
serverless-framework
cyber-security
aws-security
cloudsecurity
cloud-security
azure-security
gcp-security
shadowrisk
shadow-risk
-
Updated
Apr 29, 2022 - Python
A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks.
aws
security
security-audit
cloud
gcp
security-vulnerability
security-scanner
security-tools
cloudsecurity
security-testing
cspm
-
Updated
Apr 29, 2022 - Java
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
-
Updated
Feb 16, 2022
A schema and set of tools for using SQL to query cloud infrastructure.
aws
security
postgres
sql
iam
secops
cloud-infrastructure
cmdb
infosec
database-schema
aws-security
security-groups
security-tools
cloudsecurity
devsecops
cloud-security
compliance-as-code
compliance-automation
cspm
infrastructure-as-deployed
-
Updated
Oct 8, 2021 - Python
Static analysis for CloudFormation templates to identify common misconfiguration
go
golang
aws
cloudformation
static-analysis
aws-cloudformation
hacktoberfest
aws-sam
cloudsecurity
aws-sam-cli
-
Updated
Feb 16, 2022 - Go
A Lambda-powered Security Orchestration framework for AWS GuardDuty
aws
cloud
aws-lambda
incident-response
cybersecurity
siem
threatintel
aws-security
blueteam
cloudsecurity
soar
aws-guardduty
-
Updated
Dec 15, 2019 - Python
Terraform provider for Policy Sentry (IAM least privilege generator and auditor)
-
Updated
Apr 15, 2022 - Go
This repository contains links to awesome security articles.
-
Updated
Mar 4, 2022
HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enabling you to pentest Vulnerabilities within, and hence, gain a better understanding of what could go wrong and why!!
terraform
cybersecurity
aws-security
cloudsecurity
cloud-security
cybersecurity-incidents
cybersecurity-education
hazprone
-
Updated
Nov 4, 2021 - HCL
SGX-ready Enclaive Docker Image for Nginx
docker
nginx
kubernetes
cloud
docker-image
container
sgx
cloudsecurity
sgx-enclave
zero-trust
confidential-computing
zero-trust-cloud
-
Updated
Apr 8, 2022 - Dockerfile
A carefully curated list of open source projects aimed at improving your AWS security posture!
-
Updated
Feb 22, 2022
DeepLint is a Security-as-Code framework for securing and optimizing cloud environments.
-
Updated
Apr 29, 2022 - TypeScript
Use cloud cameras to connect all your existing and new IP cameras in one cloud video surveillance system. Watch live and recorded video from anywhere, receive alerts for events and analyze video with AI.
cloud
ai
camera
cctv
video-player
nvr
ios-app
developer
developer-tools
dvr
ipcamera
systems-engineering
security-tools
cloudsecurity
androiddeveloper
videoanalysis
videosurveillance
cloudvideo
videoserver
-
Updated
Dec 10, 2021 - JavaScript
AWS CloudFormation templates and Python code for AWS blog post on how to automate IAM credential reports at scale across AWS.
-
Updated
Apr 19, 2022 - Python
Benchmarks how you are handling your AWS Secrets including encrypted parameters, secretsmanager and access keys
-
Updated
Apr 29, 2021 - Python
The SaaS CTO Security Checklist Redux, The DevOps Security Checklist, and The Personal Infosec & Security Checklist
checklist
security
security-audit
saas
secops
cybersecurity
startup
infosec
security-checklist
cloudsecurity
devsecops
security-checklists
personal-security
cspm
saas-security
-
Updated
Jul 9, 2021
Cloud Native Guide
kubernetes
ansible
devops
awesome
cloud
cloudformation
azure
containers
paas
cloud-computing
awesome-list
cloud-native
cloudsecurity
awesome-resources
cloudservices
awesome-readme
-
Updated
Jan 23, 2022 - Go
Improve this page
Add a description, image, and links to the cloudsecurity topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the cloudsecurity topic, visit your repo's landing page and select "manage topics."
Enhancement Request
Other security scanning tools (e.g.
checkovandtfsec) have a--soft-failflag or equivalent option that allows you to always exit with 0 status.Extremely useful when running the tool without halting a pipeline for example.
I currently use a workaround, but something more concrete would be very desira