my-arsenal-of-aws-security-tools

by toniblyx

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

5.1K Stars 844 Forks Last release: Not found Apache License 2.0 207 Commits 0 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

Table of Contents

Contribute

Do you want to contribute to this list? Feel free to send a PR and make sure your tool is Open Source.

| Name | URL | Description | Popularity | Metadata | | ---------- | :---------- | :---------- | :----------: | :----------: | | My Arsenal of AWS Security Tools | https://github.com/toniblyx/my-arsenal-of-aws-security-tools | This list of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.|stars| contributors watchers last-commit open-issues closed-issues |

Defensive: Hardening, Security Assessment and Inventory

| Name | URL | Description | Popularity | Metadata | | ---------- | :---------- | :---------- | :----------: | :----------: | | ScoutSuite | https://github.com/nccgroup/ScoutSuite | Multi-Cloud Security auditing tool for AWS Google Cloud and Azure environments (python) |stars| contributorswatcherslast-commit open-issues closed-issues | | Prowler | https://github.com/toniblyx/prowler | CIS benchmarks and additional checks for security best practices in AWS (bash and python components) |stars| contributorswatcherslast-commit open-issues closed-issues | | CloudSploit Scans | https://github.com/cloudsploit/scans | AWS security scanning checks (NodeJS) |stars| contributorswatcherslast-commit open-issues closed-issues | | CloudMapper | https://github.com/duo-labs/cloudmapper | helps you analyze your AWS environments (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | CloudTracker | https://github.com/duo-labs/cloudtracker | helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS Security Benchmarks | https://github.com/awslabs/aws-security-benchmark | scripts and templates guidance related to the AWS CIS Foundation framework (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS Public IPs | https://github.com/arkadiyt/awspublicips | Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6 Classic/VPC networking and across all AWS services (Ruby) |stars| contributorswatcherslast-commit open-issues closed-issues | | PMapper | https://github.com/nccgroup/PMapper | Advanced and Automated AWS IAM Evaluation (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | nccgroup AWS-Inventory | https://github.com/nccgroup/aws-inventory | Make a inventory of all your resources across regions (Python) |stars| contributorswatcherslast-commit open-issues closed-issues | | Resource Counter | https://github.com/disruptops/resource-counter | Counts number of resources in categories across regions |stars| contributorswatcherslast-commit open-issues closed-issues | | ICE | https://github.com/Teevity/ice | Ice provides insights from a usage and cost perspective with high detail dashboards. |stars| contributorswatcherslast-commit open-issues closed-issues | | SkyArk | https://github.com/cyberark/SkyArk | SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS. |stars| contributorswatcherslast-commit open-issues closed-issues | | Trailblazer AWS | https://github.com/willbengtson/trailblazer-aws | Trailblazer AWS determine what AWS API calls are logged by CloudTrail and what they are logged as. You can also use TrailBlazer as an attack simulation framework. |stars| contributorswatcherslast-commit open-issues closed-issues | | Lunar | https://github.com/lateralblast/lunar | Security auditing tool based on several security frameworks (it does some AWS checks) |stars| contributorswatcherslast-commit open-issues closed-issues | | Cloud-reports | https://github.com/tensult/cloud-reports | Scans your AWS cloud resources and generates reports |stars| contributorswatcherslast-commit open-issues closed-issues | | Pacbot | https://github.com/tmobile/pacbot | Platform for continuous compliance monitoring compliance reporting and security automation for the cloud |stars| contributorswatcherslast-commit open-issues closed-issues | | cs-suite | https://github.com/SecurityFTW/cs-suite | Integrates tools like Scout2 and Prowler among others |stars| contributorswatcherslast-commit open-issues closed-issues | | aws-key-disabler | https://github.com/te-papa/aws-key-disabler | A small lambda script that will disable access keys older than a given amount of days |stars| contributorswatcherslast-commit open-issues closed-issues | | Antiope | https://github.com/turnerlabs/antiope | AWS Inventory and Compliance Framework |stars| contributorswatcherslast-commit open-issues closed-issues | | Cloud Reports | https://github.com/tensult/cloud-reports | Scans your AWS cloud resources and generates reports and includes security best practices. |stars| contributorswatcherslast-commit open-issues closed-issues | | Terraform AWS Secure Baseline | https://github.com/nozaq/terraform-aws-secure-baseline | Terraform module to set up your AWS account with the secure |stars| contributorswatcherslast-commit open-issues closed-issues | | Cartography | https://github.com/lyft/cartography | Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. |stars| contributorswatcherslast-commit open-issues closed-issues | | TrailScraper | https://github.com/flosell/trailscraper | A command-line tool to get valuable information out of AWS CloudTrail |stars| contributorswatcherslast-commit open-issues closed-issues | | LambdaGuard | https://github.com/Skyscanner/LambdaGuard | An AWS Lambda auditing tool designed to create asset visibility and provide actionable results. |stars| contributorswatcherslast-commit open-issues closed-issues | | Komiser | https://github.com/mlabouardy/komiser | Cloud Environment Inspector analyze and manage cloud cost usage security and governance in one place. |stars| contributorswatcherslast-commit open-issues closed-issues | | Perimeterator | https://github.com/darkarnium/perimeterator | AWS perimeter monitoring. Periodically scan internet facing AWS resources to detect misconfigured services |stars| contributorswatcherslast-commit open-issues closed-issues | | PolicySentry | https://github.com/salesforce/policy_sentry | IAM Least Privilege Policy Generator auditor and analysis database |stars| contributorswatcherslast-commit open-issues closed-issues | | Zeus | https://github.com/DenizParlak/Zeus | AWS Auditing & Hardening Tool |stars| contributorswatcherslast-commit open-issues closed-issues | | janiko71 AWS-inventory | https://github.com/janiko71/aws-inventory | Python script for AWS resources inventory |stars| contributorswatcherslast-commit open-issues closed-issues | | awspx | https://github.com/fsecurelabs/awspx | A graph-based tool for visualizing effective access and resource relationships in AWS environments |stars| contributorswatcherslast-commit open-issues closed-issues | | clinv | https://github.com/lyz-code/clinv | DevSecOps command line asset inventory tool |stars| contributorswatcherslast-commit open-issues closed-issues | | aws-gate | https://github.com/xen0l/aws-gate | Enhanced AWS SSM Session manager CLI client |stars| contributors watchers last-commit open-issues closed-issues | | Detecting Credential Compromise | https://github.com/Netflix-Skunkworks/aws-credential-compromise-detection | Detecting of your compromised credential in AWS |stars| contributorswatcherslast-commit open-issues closed-issues| | AWS-Security-Toolbox (AST) | https://github.com/z0ph/aws-security-toolbox | AWS Security Toolbox (Docker Image) for Security Assessments |stars| contributors watchers last-commit open-issues closed-issues | | iam-lint | https://github.com/xen0l/iam-lint | Github action for linting AWS IAM policy documents for correctness and possible security issues |stars| contributors watchers last-commit open-issues closed-issues | | aws-security-viz | https://github.com/anaynayak/aws-security-viz | A tool to visualize aws security groups. |stars| contributors watchers last-commit open-issues closed-issues | | AirIAM | https://github.com/bridgecrewio/AirIAM | Least privilege AWS IAM using Terraform |stars| contributors watchers last-commit open-issues closed-issues | | Cloudsplaining | https://github.com/salesforce/cloudsplaining | AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. |stars| contributors watchers last-commit open-issues closed-issues | | iam-policy-generator | https://github.com/aletheia/iam-policy-generator | A simple library to generate IAM policy statements with no need to remember all the actions APIs | stars | contributors watchers last-commit open-issues closed-issues | | SkyWrapper | https://github.com/cyberark/SkyWrapper | SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS | stars | contributors watchers last-commit open-issues closed-issues | | aws-recon | https://github.com/darkbitio/aws-recon | Multi-threaded AWS inventory collection tool | stars | contributors watchers last-commit open-issues closed-issues | | iam-policies-cli | https://github.com/mhlabs/iam-policies-cli | A CLI tool for building simple to complex IAM policies | stars | contributors watchers last-commit open-issues closed-issues | | Aaia | https://github.com/rams3sh/Aaia | AWS Identity and Access Management Visualizer and Anomaly Finder | stars | contributors watchers last-commit open-issues closed-issues |

Offensive

| Name | URL | Description | Popularity | Metadata | | ---------- | :---------- | :---------- | :----------: | :----------: | | weirdALL | https://github.com/carnal0wnage/weirdAAL | AWS Attack Library |stars| contributorswatcherslast-commit open-issues closed-issues | | Pacu | https://github.com/RhinoSecurityLabs/pacu | AWS penetration testing toolkit |stars| contributorswatcherslast-commit open-issues closed-issues | | Cred Scanner | https://github.com/disruptops/cred_scanner | A simple file-based scanner to look for potential AWS access and secret keys in files |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS PWN | https://github.com/dagrz/aws_pwn | A collection of AWS penetration testing junk |stars| contributorswatcherslast-commit open-issues closed-issues | | Cloudfrunt | https://github.com/MindPointGroup/cloudfrunt | A tool for identifying misconfigured CloudFront domains |stars| contributorswatcherslast-commit open-issues closed-issues | | Cloudjack | https://github.com/prevade/cloudjack | Route53/CloudFront Vulnerability Assessment Utility |stars| contributorswatcherslast-commit open-issues closed-issues | | Nimbostratus | https://github.com/andresriancho/nimbostratus | Tools for fingerprinting and exploiting Amazon cloud infrastructures |stars| contributorswatcherslast-commit open-issues closed-issues | | GitLeaks | https://github.com/zricethezav/gitleaks | Audit git repos for secrets |stars| contributorswatcherslast-commit open-issues closed-issues | | TruffleHog | https://github.com/dxa4481/truffleHog | Searches through git repositories for high entropy strings and secrets digging deep into commit history |stars| contributorswatcherslast-commit open-issues closed-issues | | DumpsterDiver | https://github.com/securing/DumpsterDiver | "Tool to search secrets in various filetypes like keys (e.g. AWS Access Key Azure Share Key or SSH keys) or passwords." |stars| contributorswatcherslast-commit open-issues closed-issues | | Mad-King | https://github.com/ThreatResponse/mad-king | Proof of Concept Zappa Based AWS Persistence and Attack Platform |stars| contributorswatcherslast-commit open-issues closed-issues | | Cloud-Nuke | https://github.com/gruntwork-io/cloud-nuke | A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it |stars| contributorswatcherslast-commit open-issues closed-issues | | MozDef - The Mozilla Defense Platform | https://github.com/mozilla/MozDef | The Mozilla Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers. |stars| contributorswatcherslast-commit open-issues closed-issues | | Lambda-Proxy | https://github.com/puresec/lambda-proxy | A bridge between SQLMap and AWS Lambda which lets you use SQLMap to natively test AWS Lambda functions for SQL Injection vulnerabilities. |stars| contributorswatcherslast-commit open-issues closed-issues | | CloudCopy | https://github.com/Static-Flow/CloudCopy | Cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission |stars| contributorswatcherslast-commit open-issues closed-issues | | enumerate-iam | https://github.com/andresriancho/enumerate-iam | Enumerate the permissions associated with AWS credential set |stars| contributorswatcherslast-commit open-issues closed-issues | | Barq | https://github.com/Voulnet/barq | A post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure |stars| contributorswatcherslast-commit open-issues closed-issues | | CCAT | https://github.com/RhinoSecurityLabs/ccat | Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments |stars| contributorswatcherslast-commit open-issues closed-issues | | Dufflebag | https://github.com/bishopfox/dufflebag | Search exposed EBS volumes for secrets | stars | contributors watchers last-commit open-issues closed-issues | | attack_range | https://github.com/splunk/attack_range | A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk | stars | contributors watchers last-commit open-issues closed-issues | | whispers | https://github.com/Skyscanner/whispers | Identify hardcoded secrets and dangerous behaviours | stars | contributors watchers last-commit open-issues closed-issues | | Redboto | https://github.com/elitest/Redboto | Red Team AWS Scripts | stars | contributors watchers last-commit open-issues closed-issues | | CloudBrute | https://github.com/0xsha/cloudbrute | A tool to find a company (target) infrastructure, files, and apps on the top cloud providers | stars | contributors watchers last-commit open-issues closed-issues |

Continuous Security Auditing

| Name | URL | Description | Popularity | Metadata | | ---------- | :---------- | :---------- | :----------: | :----------: | | Security Monkey | https://github.com/Netflix/security_monkey | |stars| contributorswatcherslast-commit open-issues closed-issues | | Krampus | https://github.com/sendgrid/krampus | |stars| contributorswatcherslast-commit open-issues closed-issues | | Cloud Inquisitor | https://github.com/RiotGames/cloud-inquisitor | |stars| contributorswatcherslast-commit open-issues closed-issues | | CloudCustodian | https://github.com/cloud-custodian/cloud-custodian/ | Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources |stars| contributorswatcherslast-commit open-issues closed-issues | | Disable keys after X days | https://github.com/te-papa/aws-key-disabler | |stars| contributorswatcherslast-commit open-issues closed-issues | | Repokid Least Privilege | https://github.com/Netflix/repokid | |stars| contributorswatcherslast-commit open-issues closed-issues | | Wazuh CloudTrail module | https://github.com/wazuh/wazuh | |stars| contributorswatcherslast-commit open-issues closed-issues | | Hammer | https://github.com/dowjones/hammer | |stars| contributorswatcherslast-commit open-issues closed-issues | | Streamalert | https://github.com/airbnb/streamalert | |stars| contributorswatcherslast-commit open-issues closed-issues | | Billing Alerts CFN templates | https://github.com/btkrausen/AWS | |stars| contributorswatcherslast-commit open-issues closed-issues | | Watchmen | https://github.com/iagcl/watchmen | AWS account compliance using centrally managed Config Rules |stars| contributorswatcherslast-commit open-issues closed-issues | | ElectricEye | https://github.com/jonrau1/ElectricEye | Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability | stars | contributors watchers last-commit open-issues closed-issues | | SyntheticSun | https://github.com/jonrau1/SyntheticSun | a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats | stars | contributors watchers last-commit open-issues closed-issues |

Digital Forensics and Incident Response

| Name | URL | Description | Popularity | Metadata | | ---------- | :---------- | :---------- | :----------: | :----------: | | AWS IR | https://github.com/ThreatResponse/aws_ir | AWS specific Incident Response and Forensics Tool |stars| contributorswatcherslast-commit open-issues closed-issues | | Margaritashotgun | https://github.com/ThreatResponse/margaritashotgun | Linux memory remote acquisition tool |stars| contributorswatcherslast-commit open-issues closed-issues | | Diffy | https://github.com/Netflix-Skunkworks/diffy | Triage tool used during cloud-centric security incidents |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS Security Automation | https://github.com/awslabs/aws-security-automation | AWS scripts and resources for DevSecOps and automated incident response |stars| contributorswatcherslast-commit open-issues closed-issues | | GDPatrol | https://github.com/ansorren/GDPatrol | Automated Incident Response based off AWS GuardDuty findings |stars| contributorswatcherslast-commit open-issues closed-issues | | AWSlog | https://github.com/jaksi/awslog | Show the history and changes between configuration versions of AWS resources using AWS Config |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS_Responder | https://github.com/prolsen/aws_responder | AWS Digital Forensic and Incident Response (DFIR) Response Python Scripts |stars| contributorswatcherslast-commit open-issues closed-issues | | SSM-Acquire | https://github.com/mozilla/ssm-acquire | A python module for orchestrating content acquisitions and analysis via Amazon SSM |stars| contributorswatcherslast-commit open-issues closed-issues | | cloudtrail-partitioner | https://github.com/duo-labs/cloudtrail-partitioner | This project sets up partitioned Athena tables for your CloudTrail logs and updates the partitions nightly. Makes CloudTrail logs queries easier. | stars| contributorswatcherslast-commit open-issues closed-issues | | fargate-ir | https://github.com/andrewkrug/fargate-ir | Proof of concept incident response demo using SSM and AWS Fargate. |stars| contributors watchers last-commit open-issues closed-issues | | aws-logsearch | https://github.com/endgameinc/aws-logsearch | Search AWS CloudWatch logs all at once on the command line. | stars | contributors watchers last-commit open-issues closed-issues | | Varna | https://github.com/endgameinc/varna | Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL) | stars | contributors watchers last-commit open-issues closed-issues | | aws-auto-remediate | https://github.com/servian/aws-auto-remediate | Open source application to instantly remediate common security issues through the use of AWS Config | stars | contributors watchers last-commit open-issues closed-issues | | panther-labs | https://github.com/panther-labs/panther | Detect threats with log data and improve cloud security posture | stars | contributors watchers last-commit open-issues closed-issues | | aws-incident-response | https://github.com/easttimor/aws-incident-response | This page is a collection of useful things to look for in CloudTrail using Athena for AWS incident response | stars | contributors watchers last-commit open-issues closed-issues | | cloud-forensics-utils | https://github.com/google/cloud-forensics-utils | Python library to carry out DFIR analysis on the Cloud | stars | contributors watchers last-commit open-issues closed-issues | | aws-fast-fixes | https://github.com/WarnerMedia/aws-fast-fixes | Scripts to quickly fix security and compliance issues | stars | contributors watchers last-commit open-issues closed-issues |

Development Security

| Name | URL | Description | Popularity | Metadata | | ---------- | :---------- | :---------- | :----------: | :----------: | | CFN NAG | https://github.com/stelligent/cfn_nag | CloudFormation security test (Ruby) |stars| contributorswatcherslast-commit open-issues closed-issues | | Git-secrets | https://github.com/awslabs/git-secrets | |stars| contributorswatcherslast-commit open-issues closed-issues | | Repository of sample Custom Rules for AWS Config | https://github.com/awslabs/aws-config-rules | |stars| contributorswatcherslast-commit open-issues closed-issues | | CFripper | https://github.com/Skyscanner/cfripper | "Lambda function to ""rip apart"" a CloudFormation template and check it for security compliance." |stars| contributorswatcherslast-commit open-issues closed-issues | | Assume | https://github.com/SanderKnape/assume | A simple CLI utility that makes it easier to switch between different AWS roles |stars| contributorswatcherslast-commit open-issues closed-issues | | Terrascan | https://github.com/cesar-rodriguez/terrascan | A collection of security and best practice tests for static code analysis of terraform templates using terraformvalidate |stars| contributorswatcherslast-commit open-issues closed-issues | | tfsec | https://github.com/liamg/tfsec | Provides static analysis of your terraform templates to spot potential security issues |stars| contributorswatcherslast-commit open-issues closed-issues | | Checkov | https://github.com/bridgecrewio/checkov | Terraform, Cloudformation and Kubernetes static analysis written in python |stars| contributorswatcherslast-commit open-issues closed-issues | | pytest-services | https://github.com/mozilla-services/pytest-services | Unit testing framework for test driven security of AWS configurations and more |stars| contributorswatcherslast-commit open-issues closed-issues | | IAM Least-Privileged Role Generator | https://github.com/puresec/serverless-puresec-cli | A Serverless framework plugin that statically analyzes AWS Lambda function code and automagically generates least-privileged IAM roles. |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS Vault | https://github.com/99designs/aws-vault | A vault for securely storing and accessing AWS credentials in development environments |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS Service Control Policies | https://github.com/jchrisfarris/aws-service-control-policies | Collection of semi-useful Service Control Policies and scripts to manage them |stars| contributorswatcherslast-commit open-issues closed-issues | | LambdaGuard | https://github.com/Skyscanner/LambdaGuard | AWS Lambda auditing tool that provides a meaningful overview in terms of statistical analysis AWS service dependencies and configuration checks from the security perspective |stars| contributorswatcherslast-commit open-issues closed-issues | | Terraform-compliance | https://github.com/eerkunt/terraform-compliance | A lightweight security focused BDD test framework against terraform (with helpful code for AWS) |stars| contributorswatcherslast-commit open-issues closed-issues | | Get a List of AWS Managed Policies | https://github.com/RyPeck/awsmanagedpolicies | a way to get a list of all AWS managed policies |[stars](https://badgen.net/github/stars/RyPeck/awsmanagedpolicies)| [contributors](https://badgen.net/github/contributors/RyPeck/awsmanagedpolicies)[watchers](https://badgen.net/github/watchers/RyPeck/awsmanagedpolicies)[last-commit](https://badgen.net/github/last-commit/RyPeck/awsmanagedpolicies) [open-issues](https://badgen.net/github/open-issues/RyPeck/awsmanagedpolicies) [closed-issues](https://badgen.net/github/closed-issues/RyPeck/awsmanaged_policies) | | Parliament | https://github.com/duo-labs/parliament | AWS IAM linting library |stars| contributorswatcherslast-commit open-issues closed-issues | | AWS-ComplianceMachineDontStop | https://github.com/jonrau1/AWS-ComplianceMachineDontStop | Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security Identity & Compliance Services to Support your AWS Account Security Posture |stars| contributorswatcherslast-commit open-issues closed-issues | | detect-secrets | https://github.com/Yelp/detect-secrets | An enterprise friendly way of detecting and preventing secrets in code. |stars| contributorswatcherslast-commit open-issues closed-issues | | tf-parliament | https://github.com/rdkls/tf-parliament | Run Parliament AWS IAM Checker on Terraform Files |stars| contributors watchers last-commit open-issues closed-issues | | aws-gate | https://github.com/xen0l/aws-gate | Better AWS SSM Session manager CLI client | stars| contributors watchers last-commit open-issues closed-issues | | iam-lint | https://github.com/xen0l/iam-lint | Github action for linting AWS IAM policy documents for correctness and possible security issues |stars | contributors watchers last-commit open-issues closed-issues | | Regula | https://github.com/fugue/regula | Regula checks Terraform for AWS security and compliance using Open Policy Agent/Rego | stars | contributors watchers last-commit open-issues closed-issues | | whispers | https://github.com/Skyscanner/whispers | Identify hardcoded secrets and dangerous behaviours | stars | contributors watchers last-commit open-issues closed-issues | | cloudformation-guard | https://github.com/aws-cloudformation/cloudformation-guard | A set of tools to check AWS CloudFormation templates for policy compliance using a simple, policy-as-code, declarative syntax. | stars | contributors watchers last-commit open-issues closed-issues |

S3 Buckets Auditing

| Name | URL | Description | Popularity | Metadata | | ---------- | :---------- | :---------- | :----------: | :----------: | | sandcastle | https://github.com/Parasimpaticki/sandcastle | S3 bucket enumeration | stars| contributorswatcherslast-commit open-issues closed-issues | | mass3 | https://github.com/smiegles/mass3 | enumerate through a pre-compiled list of AWS S3 buckets using DNS instead of HTTP with a list of DNS resolvers and multi-threading |stars| contributorswatcherslast-commit open-issues closed-issues | | s3enum | https://github.com/koenrh/s3enum | S3 bucket enumeration |stars| contributorswatcherslast-commit open-issues closed-issues | | tehs3bucketeers | https://github.com/tomdev/tehs3bucketeers | |stars| contributorswatcherslast-commit open-issues closed-issues | | bucket-stream | https://github.com/eth0izzle/bucket-stream | Find interesting Amazon S3 Buckets by watching certificate transparency logs |stars| contributorswatcherslast-commit open-issues closed-issues | | s3-buckets-finder | https://github.com/gwen001/s3-buckets-finder | brute force Amazon S3 bucket |stars| contributorswatcherslast-commit open-issues closed-issues | | s3find | https://github.com/aaparmeggiani/s3find | find S3 public buckets |stars| contributorswatcherslast-commit open-issues closed-issues | | slurp-robbie | https://github.com/random-robbie/slurp | Enumerate S3 buckets via certstream, domain, or keywords |stars| contributorswatcherslast-commit open-issues closed-issues | | s3-inspector | https://github.com/clario-tech/s3-inspector | check AWS S3 bucket permissions |stars| contributorswatcherslast-commit open-issues closed-issues | | s3-fuzzer | https://github.com/pbnj/s3-fuzzer | |stars| contributorswatcherslast-commit open-issues closed-issues | | AWSBucketDump | https://github.com/jordanpotti/AWSBucketDump | Look For Interesting Files in S3 Buckets |stars| contributorswatcherslast-commit open-issues closed-issues | | s3scan | https://github.com/bear/s3scan | scan s3 buckets for security issues |stars| contributorswatcherslast-commit open-issues closed-issues | | S3Scanner | https://github.com/sa7mon/S3Scanner | Scan for open AWS S3 buckets and dump the contents |stars| contributorswatcherslast-commit open-issues closed-issues | | s3finder | https://github.com/magisterquis/s3finder | open S3 bucket finder |stars| contributorswatcherslast-commit open-issues closed-issues | | S3Scan | https://github.com/abhn/S3Scan | spider a website and find publicly open S3 buckets |stars| contributorswatcherslast-commit open-issues closed-issues | | s3-meta | https://github.com/whitfin/s3-meta | Gather metadata about your S3 buckets |stars| contributorswatcherslast-commit open-issues closed-issues | | s3-utils | https://github.com/whitfin/s3-utils | Utilities and tools based around Amazon S3 to provide convenience APIs in a CLI |stars| contributorswatcherslast-commit open-issues closed-issues | | S3PublicBucketsCheck | https://github.com/vr00n/Amazon-Web-Shenanigans | A lambda function that checks your account for Public buckets and emails you whenever a new public s3 bucket is created |stars| contributorswatcherslast-commit open-issues closed-issues | | bucket_finder | https://github.com/FishermansEnemy/bucket_finder | Amazon bucket brute force tool |stars| contributorswatcherslast-commit open-issues closed-issues | | inSp3ctor | https://github.com/brianwarehime/inSp3ctor | AWS S3 Bucket/Object Finder |stars| contributorswatcherslast-commit open-issues closed-issues | | bucketcat | https://github.com/Atticuss/bucketcat | Brute-forces objects within a given bucket using Hashcat mask-like syntax |stars| contributorswatcherslast-commit open-issues closed-issues | | aws-s3-data-finder | https://github.com/Ucnt/aws-s3-data-finder | AWS S3 Sensitive Data Search |stars| contributorswatcherslast-commit open-issues closed-issues | | lazys3 | https://github.com/nahamsec/lazys3 | bruteforce AWS s3 buckets using different permutations |stars| contributorswatcherslast-commit open-issues closed-issues | | BucketScanner | https://github.com/securing/BucketScanner | Test objects' permissions in AWS buckets |stars| contributorswatcherslast-commit open-issues closed-issues | | aws-externder-cli | https://github.com/VirtueSecurity/aws-extender-cli | Test S3 buckets as well as Google Storage buckets and Azure Storage containers to find interesting files |stars| contributorswatcherslast-commit open-issues closed-issues | | festin | https://github.com/cr0hn/festin | S3 bucket weakness discovery | stars | contributors watchers last-commit open-issues closed-issues | | S3Insights | https://github.com/kurmiashish/S3Insights | a platform for efficiently deriving security insights about S3 data through metadata analysis | stars | contributors watchers last-commit open-issues closed-issues |

Training

| Name | URL | Description | Popularity | Metadata | | ---------- | :---------- | :---------- | :----------: | :----------: | | Flaws.cloud | http://flaws.cloud/ | flAWS challenge to learn through a series of levels about common mistakes and gotchas when using AWS | | | | | | | Flaws2.cloud | http://flaws2.cloud/ | flAWS 2 has two paths this time Attacker and Defender! In the Attacker path you'll exploit your way through misconfigurations in serverless (Lambda) and containers (ECS Fargate). In the Defender path that target is now viewed as the victim and you'll work as an incident responder for that same app understanding how an attack happened | | | | | | | CloudGoat | https://github.com/RhinoSecurityLabs/cloudgoat | Vulnerable by Design AWS infrastructure setup tool |stars| contributorswatcherslast-commit open-issues closed-issues | | dvca | https://github.com/m6a-UdS/dvca | Damn Vulnerable Cloud Application more info |stars| contributorswatcherslast-commit open-issues closed-issues | | AWSDetonationLab | https://github.com/sonofagl1tch/AWSDetonationLab | Scripts and templates to generate some basic detections of the AWS security services |stars| contributorswatcherslast-commit open-issues closed-issues | | OWASPServerlessGoat | https://github.com/OWASP/Serverless-Goat | OWASP ServerlessGoat is a deliberately insecure realistic AWS Lambda serverless application maintained by OWASP for educational purposes. Single click installation through the AWS Serverless Application Repository. |stars| contributorswatcherslast-commit open-issues closed-issues | | Sadcloud | https://github.com/nccgroup/sadcloud | A tool for spinning up insecure AWS infrastructure with Terraform. It supports approx. 84 misconfigurations across 22 AWS Services.|stars| contributorswatcherslast-commit open-issues closed-issues | | BigOrange Actions | https://bigorange.cloud/actions/ | Paste your IAM Policy and get a list of Actions it can effectively perform | | | | | | | IncidentResponseGenerator | https://github.com/disruptops/IncidentResponseGenerator | Incident response generator for training classes |stars| contributorswatcherslast-commit open-issues closed-issues | | Leonidas | https://github.com/fsecurelabs/leonidas | Automated Attack Simulation in the Cloud complete with detection use cases. | stars | contributors watchers last-commit open-issues closed-issues | | Breaking and Pwning Apps and Servers on AWS and Azure | https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training | Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training! |stars| contributorswatcherslast-commit open-issues closed-issues | | terragoat | https://github.com/bridgecrewio/terragoat | "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | stars | contributors watchers last-commit open-issues closed-issues | | cfngoat | https://github.com/bridgecrewio/cfngoat | "Vulnerable by Design" cloudformation repository. CfnGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | stars | contributors watchers last-commit open-issues closed-issues | | CDKgoat | https://github.com/bridgecrewio/cdkgoat | "Vulnerable by Design" AWS CDK repository. CDKGoat is a learning and training project that demonstrates how common configuration errors can find their way into impartive IAC such as AWS CDK. | stars | contributors watchers last-commit open-issues closed-issues | | awsexposableresources | https://github.com/SummitRoute/awsexposableresources | Resource types that can be publicly exposed on AWS | stars | contributors watchers last-commit open-issues closed-issues |

Other interesting tools/code

Honey-token:

More Resources: * asecure.cloud https://github.com/asecure.cloud A repository of cutomizable AWS security configurations (Cloudformation and CLI templates) * s3-leaks https://github.com/nagwww/s3-leaks - a list of some biggest leaks recorded * Model Risk AWS https://magoo.github.io/model-risk-aws/ - POC about probabilistic risk model for AWS * asecure.cloud https://asecure.cloud/ - a great place for security resources regarding AWS Security. * hoenybuckets https://github.com/honey-buckets/ * thebuckhacker https://github.com/thebuckhacker * buckets.grayhatwarfare https://github.com/buckets.grayhatwarfare

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.