├── .gitignore ├── ANFSamplesOverview.png ├── Abuse.ch ├── cfn-templates │ ├── ANFAbuseHostfile.yaml │ ├── AbuseCH.yaml │ └── AbuseCHJA3.yaml └── src │ ├── ANFAbuseHostfile.js │ ├── AbuseCH.js │ └── AbuseCHJA3.js ├── AllowListGenerator ├── README.md ├── cloudwatch-logs │ ├── README.md │ ├── cfn-template │ │ └── template.yaml │ ├── images │ │ ├── arch-diagram.png │ │ ├── cloudwatch-metrics-example.png │ │ ├── dynamodb-table-example.png │ │ └── nfw-rule-group-example.png │ └── src │ │ └── lambda.py └── s3-logs │ ├── README.md │ ├── cfn-templates │ ├── template-without-nfw-rule-group.yaml │ └── template.yaml │ ├── images │ ├── arch-diagram.png │ ├── dynamodb-table-example.png │ └── nfw-rule-group-example.png │ └── src │ └── s3lambda.py ├── Alphasoc ├── cfn-templates │ └── AlphasocEncryptedDNS.yaml └── src │ └── EncryptedDNS.js ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── EmergingThreats ├── cfn-templates │ ├── EmergingThreatsBotCC.yaml │ └── EmergingThreatsIPFiltering.yaml └── src │ ├── EmergingBotCC.js │ └── EmergingThreats.js ├── LICENSE ├── LinodeAddresses ├── cfn-templates │ └── LinodeAddresses.yaml └── src │ └── LinodeAddresses.js ├── NfwSlackIntegration ├── README.md ├── docs │ └── NfwAlerts_Slack_Integration.docx ├── src │ ├── base.yml │ ├── decentralized-deployment.yml │ ├── igw-ingress-route.yml │ ├── protected-subnet-route.yml │ ├── slack-lambda.py │ ├── slack-lambda.py.zip │ └── slackLambda.yml └── test │ └── TestSteps.txt ├── README.md ├── SFTP-FQDN ├── src │ └── SFTP-FQDN.js └── templates │ └── SFTP-FQDN.yaml ├── SpamHaus ├── cfn-templates │ ├── SpamHausDropIPFiltering.yaml │ └── SpamHausEDropIPFiltering-Deprecated.yaml └── src │ ├── SpamHausDropIPFiltering.py │ ├── SpamHauseDropIPFiltering-Deprecated.js │ └── SpamHauseEDropIPFiltering-Deprecated.js ├── TLSFingerprint ├── cnf-templates │ └── TLSFingerprint.yaml └── src │ ├── TLSFingerprint-Deprecated.js │ └── TLSFingerprint.py └── TorProject ├── cfn-templates └── TorProjectIPFiltering.yaml └── src ├── TorProjectIPFiltering-Deprecated.js └── TorProjectIPFiltering.py /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | -------------------------------------------------------------------------------- /ANFSamplesOverview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/ANFSamplesOverview.png -------------------------------------------------------------------------------- /Abuse.ch/cfn-templates/ANFAbuseHostfile.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/Abuse.ch/cfn-templates/ANFAbuseHostfile.yaml -------------------------------------------------------------------------------- /Abuse.ch/cfn-templates/AbuseCH.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/Abuse.ch/cfn-templates/AbuseCH.yaml -------------------------------------------------------------------------------- /Abuse.ch/cfn-templates/AbuseCHJA3.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/Abuse.ch/cfn-templates/AbuseCHJA3.yaml -------------------------------------------------------------------------------- /Abuse.ch/src/ANFAbuseHostfile.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/Abuse.ch/src/ANFAbuseHostfile.js -------------------------------------------------------------------------------- /Abuse.ch/src/AbuseCH.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/Abuse.ch/src/AbuseCH.js -------------------------------------------------------------------------------- /Abuse.ch/src/AbuseCHJA3.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/Abuse.ch/src/AbuseCHJA3.js -------------------------------------------------------------------------------- /AllowListGenerator/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/README.md -------------------------------------------------------------------------------- /AllowListGenerator/cloudwatch-logs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/cloudwatch-logs/README.md -------------------------------------------------------------------------------- /AllowListGenerator/cloudwatch-logs/cfn-template/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/cloudwatch-logs/cfn-template/template.yaml -------------------------------------------------------------------------------- /AllowListGenerator/cloudwatch-logs/images/arch-diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/cloudwatch-logs/images/arch-diagram.png -------------------------------------------------------------------------------- /AllowListGenerator/cloudwatch-logs/images/cloudwatch-metrics-example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/cloudwatch-logs/images/cloudwatch-metrics-example.png -------------------------------------------------------------------------------- /AllowListGenerator/cloudwatch-logs/images/dynamodb-table-example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/cloudwatch-logs/images/dynamodb-table-example.png -------------------------------------------------------------------------------- /AllowListGenerator/cloudwatch-logs/images/nfw-rule-group-example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/cloudwatch-logs/images/nfw-rule-group-example.png -------------------------------------------------------------------------------- /AllowListGenerator/cloudwatch-logs/src/lambda.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/cloudwatch-logs/src/lambda.py -------------------------------------------------------------------------------- /AllowListGenerator/s3-logs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/s3-logs/README.md -------------------------------------------------------------------------------- /AllowListGenerator/s3-logs/cfn-templates/template-without-nfw-rule-group.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/s3-logs/cfn-templates/template-without-nfw-rule-group.yaml -------------------------------------------------------------------------------- /AllowListGenerator/s3-logs/cfn-templates/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/s3-logs/cfn-templates/template.yaml -------------------------------------------------------------------------------- /AllowListGenerator/s3-logs/images/arch-diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/s3-logs/images/arch-diagram.png -------------------------------------------------------------------------------- /AllowListGenerator/s3-logs/images/dynamodb-table-example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/s3-logs/images/dynamodb-table-example.png -------------------------------------------------------------------------------- /AllowListGenerator/s3-logs/images/nfw-rule-group-example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/s3-logs/images/nfw-rule-group-example.png -------------------------------------------------------------------------------- /AllowListGenerator/s3-logs/src/s3lambda.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/AllowListGenerator/s3-logs/src/s3lambda.py -------------------------------------------------------------------------------- /Alphasoc/cfn-templates/AlphasocEncryptedDNS.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/Alphasoc/cfn-templates/AlphasocEncryptedDNS.yaml -------------------------------------------------------------------------------- /Alphasoc/src/EncryptedDNS.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/Alphasoc/src/EncryptedDNS.js -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /EmergingThreats/cfn-templates/EmergingThreatsBotCC.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/EmergingThreats/cfn-templates/EmergingThreatsBotCC.yaml -------------------------------------------------------------------------------- /EmergingThreats/cfn-templates/EmergingThreatsIPFiltering.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/EmergingThreats/cfn-templates/EmergingThreatsIPFiltering.yaml -------------------------------------------------------------------------------- /EmergingThreats/src/EmergingBotCC.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/EmergingThreats/src/EmergingBotCC.js -------------------------------------------------------------------------------- /EmergingThreats/src/EmergingThreats.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/EmergingThreats/src/EmergingThreats.js -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/LICENSE -------------------------------------------------------------------------------- /LinodeAddresses/cfn-templates/LinodeAddresses.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/LinodeAddresses/cfn-templates/LinodeAddresses.yaml -------------------------------------------------------------------------------- /LinodeAddresses/src/LinodeAddresses.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/LinodeAddresses/src/LinodeAddresses.js -------------------------------------------------------------------------------- /NfwSlackIntegration/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/README.md -------------------------------------------------------------------------------- /NfwSlackIntegration/docs/NfwAlerts_Slack_Integration.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/docs/NfwAlerts_Slack_Integration.docx -------------------------------------------------------------------------------- /NfwSlackIntegration/src/base.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/src/base.yml -------------------------------------------------------------------------------- /NfwSlackIntegration/src/decentralized-deployment.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/src/decentralized-deployment.yml -------------------------------------------------------------------------------- /NfwSlackIntegration/src/igw-ingress-route.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/src/igw-ingress-route.yml -------------------------------------------------------------------------------- /NfwSlackIntegration/src/protected-subnet-route.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/src/protected-subnet-route.yml -------------------------------------------------------------------------------- /NfwSlackIntegration/src/slack-lambda.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/src/slack-lambda.py -------------------------------------------------------------------------------- /NfwSlackIntegration/src/slack-lambda.py.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/src/slack-lambda.py.zip -------------------------------------------------------------------------------- /NfwSlackIntegration/src/slackLambda.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/src/slackLambda.yml -------------------------------------------------------------------------------- /NfwSlackIntegration/test/TestSteps.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/NfwSlackIntegration/test/TestSteps.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/README.md -------------------------------------------------------------------------------- /SFTP-FQDN/src/SFTP-FQDN.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/SFTP-FQDN/src/SFTP-FQDN.js -------------------------------------------------------------------------------- /SFTP-FQDN/templates/SFTP-FQDN.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/SFTP-FQDN/templates/SFTP-FQDN.yaml -------------------------------------------------------------------------------- /SpamHaus/cfn-templates/SpamHausDropIPFiltering.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/SpamHaus/cfn-templates/SpamHausDropIPFiltering.yaml -------------------------------------------------------------------------------- /SpamHaus/cfn-templates/SpamHausEDropIPFiltering-Deprecated.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/SpamHaus/cfn-templates/SpamHausEDropIPFiltering-Deprecated.yaml -------------------------------------------------------------------------------- /SpamHaus/src/SpamHausDropIPFiltering.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/SpamHaus/src/SpamHausDropIPFiltering.py -------------------------------------------------------------------------------- /SpamHaus/src/SpamHauseDropIPFiltering-Deprecated.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/SpamHaus/src/SpamHauseDropIPFiltering-Deprecated.js -------------------------------------------------------------------------------- /SpamHaus/src/SpamHauseEDropIPFiltering-Deprecated.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/SpamHaus/src/SpamHauseEDropIPFiltering-Deprecated.js -------------------------------------------------------------------------------- /TLSFingerprint/cnf-templates/TLSFingerprint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/TLSFingerprint/cnf-templates/TLSFingerprint.yaml -------------------------------------------------------------------------------- /TLSFingerprint/src/TLSFingerprint-Deprecated.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/TLSFingerprint/src/TLSFingerprint-Deprecated.js -------------------------------------------------------------------------------- /TLSFingerprint/src/TLSFingerprint.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/TLSFingerprint/src/TLSFingerprint.py -------------------------------------------------------------------------------- /TorProject/cfn-templates/TorProjectIPFiltering.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/TorProject/cfn-templates/TorProjectIPFiltering.yaml -------------------------------------------------------------------------------- /TorProject/src/TorProjectIPFiltering-Deprecated.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/TorProject/src/TorProjectIPFiltering-Deprecated.js -------------------------------------------------------------------------------- /TorProject/src/TorProjectIPFiltering.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-network-firewall-automation-examples/HEAD/TorProject/src/TorProjectIPFiltering.py --------------------------------------------------------------------------------