Topic: cloud-security Goto Github

👇 Here are 196 public repositories matching this topic...

0xsha / cloudbrute
cloud-security,Awesome cloud enumerator
User: 0xsha
bugbounty cloud cloud-security s3-bucket amazon vultr google linode cloud-storage pentesting

4ndersonlin / awesome-cloud-security
cloud-security,🛡️ Awesome Cloud Security Resources ⚔️
User: 4ndersonlin
security cloud-computing cloud-security cybersecurity aws aws-security azure azure-security gcp gcp-security

aabyss-team / awskeytools
cloud-security,AWS云平台 AccessKey 泄漏利用工具
Organization: aabyss-team
aws security security-tools accesskeysecret accesskey cloud-native-security cloud-security cloud-security-tools

appsecco / attacking-cloudgoat2
cloud-security,A step-by-step walkthrough of CloudGoat 2.0 scenarios.
Organization: appsecco
cloud-security cloudgoat aws-security walkthrough pentesting pentesting-resources aws documentation

aquasecurity / cloud-security-remediation-guides
cloud-security,Security Remediation Guides
Organization: aquasecurity
cloud cloud-security aws azure

aquasecurity / cloudsec-icons
cloud-security,A collection of cloud security icons :cloud::lock:
Organization: aquasecurity
icons iconset svg security cloud cloud-security hacktoberfest

bishopfox / cloudfox
cloud-security,Automating situational awareness for cloud penetration tests.
Organization: bishopfox
Home Page: https://bishopfox.com/blog/introducing-cloudfox
aws cloud cloud-security golang penetration-testing-tools security

bishopfox / smogcloud
cloud-security,Find cloud assets that no one wants exposed 🔎 ☁️
Organization: bishopfox
security-tools amazonaws cloud-security api-documentation aws attack-surface penetration-testing cloud infosec blueteam

bridgecrewio / terragoat
cloud-security,TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Organization: bridgecrewio
Home Page: https://www.bridgecrew.io/
terraform aws-security cloud-security goat azure-security gcp-security devsecops

cado-security / cloudgrep
cloud-security,cloudgrep is grep for cloud storage
Organization: cado-security
aws aws-s3 grep search cloud cloud-security aws-security azure azure-security gcp

cado-security / varc
cloud-security,Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
Organization: cado-security
aws aws-fargate aws-forensics aws-lambda cloud-security dfir dfir-automation docker-forensics eks-forensics fargate-forensics forensics hacktoberfest memory-forensics security

chaitin / veinmind-tools
cloud-security,veinmind-tools 是由长亭科技自研，基于 veinmind-sdk 打造的容器安全工具集
Organization: chaitin
Home Page: https://veinmind.chaitin.com/docs/
docker security image-security containerd container-security cloud-native cloud-security

cloud-sniper / cloud-sniper
cloud-security,Cloud Security Operations Orchestrator
Organization: cloud-sniper
security-analytics cloud-security security-automation terraform-security python-automation security-analyst response-orchestration cloud

cloudmarker / cloudmarker
cloud-security,Cloud security monitoring tool and framework
Organization: cloudmarker
Home Page: https://cloudmarker.readthedocs.io
azure google-cloud-platform elasticsearch mongodb splunk email slack security security-tools security-audit

common-fate / granted
cloud-security,The easiest way to access your cloud.
Organization: common-fate
Home Page: https://granted.dev
iam aws cloud sso credentials keychain cloud-security hacktoberfest

common-fate / iamzero
cloud-security,Identity & Access Management simplified and secure.
Organization: common-fate
Home Page: https://iamzero.dev/
aws security-tools cloud-security iam security cloud

cyberark / skyark
cloud-security,SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Organization: cyberark
cloud-security powershell security-tools privileges cloud aws admins attacker threat azure

datadog / stratus-red-team
cloud-security,:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Organization: datadog
Home Page: https://stratus-red-team.cloud
aws adversary-emulation purple-team mitre-attack cloud-security cloud-native-security detection-engineering threat-detection security aws-security

edgelesssys / constellation
cloud-security,Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.
Organization: edgelesssys
cloud-security confidential-computing data-encryption kubernetes kubernetes-security

elastic / harp
cloud-security,Secret management by contract toolchain
Organization: elastic
kubernetes yaml cloud encryption pipeline vault secret-management cloud-storage cloud-security unix-command

esonhugh / attack_code
cloud-security,文章 Attack Code 的详细全文。安全和开发总是具有伴生属性，尤其是云的安全方向，本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.
User: esonhugh
Home Page: https://esonhugh.gitbook.io/attackcode/
article cloud cloud-security cloudsecurity introduction security

funkmyster / awesome-cloud-security
cloud-security,A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
User: funkmyster
cloud-security aws security information-security waf dlp logging cloud elasticsearch awesome

hack-with-github / free-security-ebooks
cloud-security,Free Security and Hacking eBooks
Organization: hack-with-github
security hacking penetration-testing hacking-ebooks forensics hackers-handbook cloud-security kali-linux cyber-security ebooks

hacking-the-cloud / hackingthe.cloud
cloud-security,An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
Organization: hacking-the-cloud
Home Page: https://hackingthe.cloud
hacking aws hacking-cloud azure gcp penetration-testing cloud cloud-security aws-hacking

hxsecurity / terraformgoat
cloud-security,TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
Organization: hxsecurity
security terraform gcp cloudsecurity aws-security azure-security gcp-security kubernetes-security cloud-security

iknowjason / ariacloud
cloud-security,A Docker container for remote penetration testing.
User: iknowjason
docker-container kali-linux penetration-testing cloud-security

jassics / awesome-aws-security
cloud-security,Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
User: jassics
cloud-security aws-security awesome-list aws security security-tools aws-auditing awesome-lists aws-security-resources awesome

jassics / cybersecurity-roadmap
cloud-security,Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile security and so on with helpful resources, guidelines
User: jassics
Home Page: https://cybercloud.guru/
security-tools security-automation aws-security cloud-security network-security devsecops interview-questions application-security cybersecurity-career-path cybersecurity-awareness

jassics / security-interview-questions
cloud-security,Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on
User: jassics
Home Page: https://cybercloud.guru/
application-security cybersecurity devsecops interview-questions security-questions web-security-interview cloud-security devsecops-interview-quesitons security-interview-questions interview-preparation

jonrau1 / electriceye
cloud-security,ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
User: jonrau1
security-tools security-audit cloud-security security-monitoring aws-security security-hub cloud-compliance-reporting cloud-auditing security-engineering devsecops

madhuakula / kubernetes-goat
cloud-security,Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
User: madhuakula
Home Page: https://madhuakula.com/kubernetes-goat
kubernetes vulnerable-app security hacking pentesting infrastructure cloud-security docker container kubernetes-goat

matanolabs / matano
cloud-security,Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Organization: matanolabs
Home Page: https://matano.dev
aws cloud security big-data serverless apache-iceberg log-analytics log-management threat-hunting rust

mazen160 / tfquery
cloud-security,tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.
User: mazen160
Home Page: https://mazinahmed.net
aws azure cloud-security devsecops gcp terraform

metarget / awesome-cloud-native-security
cloud-security,awesome resources about cloud native security 🐿
Organization: metarget
cloud-native container-security cloud-native-security kubernetes-security container-escape k8s kubernetes container docker docker-security

netflix / consoleme
cloud-security,A Central Control Plane for AWS Permissions and Access
Organization: netflix
aws aws-iam cloud-security security-tools

paralus / paralus
cloud-security,All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.
Organization: paralus
Home Page: https://www.paralus.io/
access-management cloud-security k8s-access-management kubernetes-security zero-trust-security ztka

redhuntlabs / bucketloot
cloud-security,BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
Organization: redhuntlabs
automation blackhat bounty bugbounty bughunting cli cloud cloud-security cybersecurity infosec infosectools osint pentesting recon reconnaissance s3 secret-scanning

riskprofiler / cloudfrontier
cloud-security,Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.
Organization: riskprofiler
aws gcp azure digitalocean cybersecurity cloudsecurity shadowrisk shadow-risk cyber-security cloud-security

salesforce / aws-allowlister
cloud-security,Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.
Organization: salesforce
aws security cloud salesforce iam cloud-security compliance

salesforce / cloudsplaining
cloud-security,Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
Organization: salesforce
Home Page: https://cloudsplaining.readthedocs.io/
aws aws-iam cloud security salesforce aws-security cloud-security iam hacktoberfest

salesforce / metabadger
cloud-security,Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
Organization: salesforce
aws metadata security automation hardening cloud-security

securityftw / cs-suite
cloud-security,Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Organization: securityftw
aws-security security-audit cloud-security gcp-audit-report gcp aws-audit security azure-security azure azure-audit

stackql / stackql
cloud-security,Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework
Organization: stackql
Home Page: https://stackql.io/
asset-management cloud cloud-automation cloud-config cloud-operations cloud-security cspm devops devsecops infrastructure-as-code

teamssix / awesome-cloud-security
cloud-security,awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员
User: teamssix
Home Page: https://wiki.teamssix.com/CloudSecurityResources/
awesome cloud-native cloud-security awesome-cloud-security cloudnative cloudsecurity cybersecurity docker kubernetes tools

tenable / terrascan
cloud-security,Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Organization: tenable
Home Page: https://runterrascan.io
security-tools infrastructure-as-code devsecops devops security terraform aws cloudsecurity cloud-security terrascan infrastructure security-violations architecture kubernetes iac sast azure-security aws-security gcp-security scans

tmobile / pacbot
cloud-security,PacBot (Policy as Code Bot)
Organization: tmobile
Home Page: https://tmobile.github.io/pacbot/
cloud-security security aws continous-compliance cloud-auditing policy-as-code cloud security-automation aws-security java

vectra-ai-research / maad-af
cloud-security,MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
Organization: vectra-ai-research
Home Page: https://maad-af.com
adversary-emulation microsoft microsoft-azure-security powershell security cloud-security mitre red-team security-testing azuread

wazuh / wazuh
cloud-security,Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Organization: wazuh
Home Page: https://wazuh.com/
security compliance log-analysis vulnerability-detection cybersecurity file-integrity-monitoring infosec malware-detection cloud-security container-security

ydcloudsecurity / cloud-security-guides
cloud-security,
User: ydcloudsecurity
Home Page: https://cloudsec.tencent.com/home/
cloud-native cloud-security cloud-security-guides cloud-security-tools csp-security docker iaas kubernetes paas saas

zeyad-azima / offensive-resources
cloud-security,A Huge Learning Resources with Labs For Offensive Security Players
User: zeyad-azima
api infrastructure learning security mobile web hack hacking owasp cybersecurity