⛈️ Cloud Security
Helpful IAM References for AWS Encryption Management and Data Perimeters
GitHub Actions Pipeline Enumeration and Attack Tool
Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for precise detection and notification specifically for honeyservic…
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
Putting a leash on naughty AWS permissions
Cloud Offensive Breach and Risk Assessment (COBRA) Tool
A powerful scanner to scan your Filesystem, S3, MySQL, Redis, Google Cloud Storage and Firebase storage for PII and sensitive data.
Fully transparent SSH, HTTPS, MySQL and Postgres bastion/PAM that doesn't need additional client-side software
Halberd : Multi-Cloud Agentic Attack Tool
When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloud
yams is a Go library, server, and CLI providing foundational capabilities to simulate access for AWS IAM policies
A flexible framework for security teams to build and deploy AI-powered workflows that complement their existing security operations.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
An open project to list all publicly known cloud vulnerabilities and CSP security issues
A list of hand-picked dangerous AWS IAM actions that will help us evaluate AWS-related security risks and conduct IAM security audits.
A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS accounts.
👋 Ever performed an action in the Microsoft admin portals like Entra or Intune and wished you knew how to script it? Graph X-Ray gives you 'X-ray vision'!
Kingfisher is a blazingly fast and highly accurate tool for secret detection and live validation across files, Git repos, GitHub, GitLab, Azure Repos, BitBucket, Gitea, AWS S3, Docker images, Jira,…
AI agent for autonomous cyber operations