├── .github └── workflows │ └── fetch-build-deploy.yml ├── .gitignore ├── LICENSE ├── README.md ├── eslint.config.js ├── index.html ├── package-lock.json ├── package.json ├── postcss.config.cjs ├── src ├── App.css ├── App.tsx ├── assets │ └── react.svg ├── components │ ├── CategoryBadges.tsx │ ├── FilterBar.tsx │ ├── InactiveProjectsButton.tsx │ ├── MainLayout.tsx │ ├── SearchBar.tsx │ ├── SortControl.tsx │ ├── StatsModal.tsx │ ├── ToolCard.tsx │ └── ToolList.tsx ├── data │ └── tools.json ├── index.css ├── main.tsx └── vite-env.d.ts ├── tailwind.config.cjs ├── tsconfig.app.json ├── tsconfig.json ├── tsconfig.node.json ├── utils ├── cloudformation │ └── cf-template.yml └── fetchData │ ├── data.cjs │ └── fetchRepoData.cjs └── vite.config.ts /.github/workflows/fetch-build-deploy.yml: -------------------------------------------------------------------------------- 1 | name: Fetch, Build, and Deploy to S3 2 | 3 | on: 4 | workflow_dispatch: # Allow manual triggering 5 | schedule: 6 | - cron: "0 0 * * *" # Runs daily at midnight UTC 7 | 8 | jobs: 9 | fetch-and-deploy: 10 | runs-on: ubuntu-latest 11 | permissions: 12 | id-token: write 13 | contents: read 14 | 15 | steps: 16 | # Step 1: Checkout the repository 17 | - name: Checkout repository 18 | uses: actions/checkout@v4 19 | 20 | # Step 2: Setup Node.js 21 | - name: Setup Node.js 22 | uses: actions/setup-node@v4 23 | with: 24 | node-version: 20 25 | 26 | # Step 3: Install dependencies 27 | - name: Install dependencies 28 | run: npm install 29 | 30 | # Step 4: Run the fetchRepoData script 31 | - name: Fetch repository data 32 | run: node utils/fetchData/fetchRepoData.cjs 33 | env: 34 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 35 | 36 | # Step 5: Build the project 37 | - name: Build the project 38 | run: npm run build 39 | 40 | # Step 6: Configure AWS Credentials 41 | - name: Configure AWS Credentials 42 | uses: aws-actions/configure-aws-credentials@v4 43 | with: 44 | role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_NUMBER }}:role/gh-action-fetch-build-deploy 45 | role-session-name: GitHub_to_AWS_via_FederatedOIDC 46 | aws-region: us-east-1 47 | 48 | # Step 7: Sync to S3 49 | - name: Sync to S3 50 | uses: nojanath/s3-sync-action@master 51 | with: 52 | args: --delete 53 | env: 54 | AWS_S3_BUCKET: ${{ secrets.S3_BUCKET_NAME }} 55 | AWS_REGION: us-east-1 56 | SOURCE_DIR: ./dist 57 | 58 | # Step 8: Invalidate CloudFront Cache 59 | - name: Invalidate CloudFront Cache 60 | run: | 61 | aws cloudfront create-invalidation \ 62 | --distribution-id ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID }} \ 63 | --paths "/*" 64 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Logs 2 | logs 3 | *.log 4 | npm-debug.log* 5 | yarn-debug.log* 6 | yarn-error.log* 7 | pnpm-debug.log* 8 | lerna-debug.log* 9 | 10 | node_modules 11 | dist 12 | dist-ssr 13 | *.local 14 | 15 | # Editor directories and files 16 | .vscode/* 17 | !.vscode/extensions.json 18 | .idea 19 | .DS_Store 20 | *.suo 21 | *.ntvs* 22 | *.njsproj 23 | *.sln 24 | *.sw? 25 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2025 Jonathan Thompson 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # CloudSec Tools 2 | 3 | CloudSec Tools is a curated collection of open-source cloud security tools, helping security professionals, researchers, and engineers find the best resources for securing cloud environments. 4 | 5 | ## 🚀 Features 6 | - 🔍 **Curated List** – Hand-picked, high-quality cloud security tools. 7 | - ☁️ **Multi-Cloud Support** – Tools for AWS, Azure, GCP, and Kubernetes. 8 | - 📖 **Up-to-Date** – Regularly updated with new tools and insights. 9 | - 🎯 **Categories** – Organized for easy navigation: IAM, auditing, logging, networking, and more. 10 | 11 | ## 📖 Usage 12 | Visit **[CloudSecTools.com](https://cloudsectools.com)** to explore the tools. 13 | 14 | ## 📚 Contributing 15 | Contributions are welcome! To suggest a new tool: 16 | 1. Fork the repo 17 | 2. Add the tool to the utils/fetchData/data.cjs file. Keep it in alphabetical order, you monsters. 18 | 3. Submit a pull request 19 | 20 | ## 📜 License 21 | This project is licensed under the **MIT License**. 22 | 23 | ## 🤝 Connect 24 | Follow updates on [LinkedIn](https://linkedin.com/in/thompsoninfosec) or reach out via [GitHub Issues](https://github.com/nojanath/cloudsectools/issues). 25 | -------------------------------------------------------------------------------- /eslint.config.js: -------------------------------------------------------------------------------- 1 | import js from '@eslint/js' 2 | import globals from 'globals' 3 | import reactHooks from 'eslint-plugin-react-hooks' 4 | import reactRefresh from 'eslint-plugin-react-refresh' 5 | import tseslint from 'typescript-eslint' 6 | 7 | export default tseslint.config( 8 | { ignores: ['dist'] }, 9 | { 10 | extends: [js.configs.recommended, ...tseslint.configs.recommended], 11 | files: ['**/*.{ts,tsx}'], 12 | languageOptions: { 13 | ecmaVersion: 2020, 14 | globals: globals.browser, 15 | }, 16 | plugins: { 17 | 'react-hooks': reactHooks, 18 | 'react-refresh': reactRefresh, 19 | }, 20 | rules: { 21 | ...reactHooks.configs.recommended.rules, 22 | 'react-refresh/only-export-components': [ 23 | 'warn', 24 | { allowConstantExport: true }, 25 | ], 26 | }, 27 | }, 28 | ) 29 | -------------------------------------------------------------------------------- /index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | CloudSecTools - Open Source Cloud Security Tools 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 |
16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "cloud-security-tools", 3 | "private": true, 4 | "version": "0.0.0", 5 | "type": "module", 6 | "scripts": { 7 | "dev": "vite", 8 | "build": "tsc -b && vite build", 9 | "lint": "eslint .", 10 | "preview": "vite preview" 11 | }, 12 | "dependencies": { 13 | "@fontsource/montserrat": "^5.1.0", 14 | "@headlessui/react": "^2.2.0", 15 | "@heroicons/react": "^2.1.5", 16 | "@tailwindcss/forms": "^0.5.9", 17 | "@tailwindcss/typography": "^0.5.15", 18 | "axios": "^1.7.7", 19 | "chart.js": "^4.4.6", 20 | "react": "^18.3.1", 21 | "react-chartjs-2": "^5.2.0", 22 | "react-dom": "^18.3.1", 23 | "react-icons": "^5.3.0", 24 | "react-modal": "^3.16.1", 25 | "react-tooltip": "^5.28.0" 26 | }, 27 | "devDependencies": { 28 | "@eslint/js": "^9.13.0", 29 | "@types/react": "^18.3.12", 30 | "@types/react-dom": "^18.3.1", 31 | "@types/react-modal": "^3.16.3", 32 | "@types/react-tooltip": "^3.11.0", 33 | "@vitejs/plugin-react": "^4.3.3", 34 | "autoprefixer": "^10.4.20", 35 | "eslint": "^9.13.0", 36 | "eslint-plugin-react-hooks": "^5.0.0", 37 | "eslint-plugin-react-refresh": "^0.4.14", 38 | "globals": "^15.11.0", 39 | "postcss": "^8.4.49", 40 | "tailwindcss": "^3.4.15", 41 | "typescript": "~5.6.2", 42 | "typescript-eslint": "^8.11.0", 43 | "vite": "^5.4.14" 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /postcss.config.cjs: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | plugins: { 3 | tailwindcss: {}, 4 | autoprefixer: {}, 5 | }, 6 | }; -------------------------------------------------------------------------------- /src/App.css: -------------------------------------------------------------------------------- 1 | #root { 2 | max-width: 1280px; 3 | margin: 0 auto; 4 | padding: 2rem; 5 | text-align: center; 6 | } 7 | 8 | .logo { 9 | height: 6em; 10 | padding: 1.5em; 11 | will-change: filter; 12 | transition: filter 300ms; 13 | } 14 | .logo:hover { 15 | filter: drop-shadow(0 0 2em #646cffaa); 16 | } 17 | .logo.react:hover { 18 | filter: drop-shadow(0 0 2em #61dafbaa); 19 | } 20 | 21 | @keyframes logo-spin { 22 | from { 23 | transform: rotate(0deg); 24 | } 25 | to { 26 | transform: rotate(360deg); 27 | } 28 | } 29 | 30 | @media (prefers-reduced-motion: no-preference) { 31 | a:nth-of-type(2) .logo { 32 | animation: logo-spin infinite 20s linear; 33 | } 34 | } 35 | 36 | .card { 37 | padding: 2em; 38 | } 39 | 40 | .read-the-docs { 41 | color: #888; 42 | } 43 | -------------------------------------------------------------------------------- /src/App.tsx: -------------------------------------------------------------------------------- 1 | import { useEffect, useState } from "react"; 2 | import ToolList from "./components/ToolList"; 3 | import FilterBar from "./components/FilterBar"; 4 | import SortControl from "./components/SortControl"; 5 | import InactiveProjectsButton from "./components/InactiveProjectsButton"; 6 | import StatsModal from "./components/StatsModal"; 7 | import toolsData from "./data/tools.json"; 8 | 9 | export type Tool = { 10 | name: string; 11 | repo: string; 12 | stars: number; 13 | last_commit: string; 14 | language: string; 15 | install_options: string[]; 16 | description: string; 17 | tags: string[]; 18 | categories: string[]; 19 | }; 20 | 21 | export default function App() { 22 | const [searchQuery, setSearchQuery] = useState(""); 23 | const [filterLanguage, setFilterLanguage] = useState(""); 24 | const [sortKey, setSortKey] = useState<"" | keyof Tool>(""); 25 | const [showOldTools, setShowOldTools] = useState(false); 26 | const [isModalOpen, setIsModalOpen] = useState(false); 27 | 28 | useEffect(() => { 29 | document.title = "Open Source CloudSec Tools"; 30 | }, []); 31 | 32 | const threeYearsAgo = new Date(); 33 | threeYearsAgo.setFullYear(threeYearsAgo.getFullYear() - 3); 34 | 35 | const filteredTools = toolsData 36 | .filter((tool) => { 37 | // Filter for search query 38 | if (searchQuery) { 39 | return ( 40 | tool.name.toLowerCase().includes(searchQuery.toLowerCase()) || 41 | tool.description.toLowerCase().includes(searchQuery.toLowerCase()) || 42 | tool.tags.some((tag) => 43 | tag.toLowerCase().includes(searchQuery.toLowerCase()) 44 | ) 45 | ); 46 | } 47 | return true; 48 | }) 49 | .filter((tool) => { 50 | // Filter for language 51 | if (filterLanguage) { 52 | return tool.language === filterLanguage; 53 | } 54 | return true; 55 | }) 56 | .filter((tool) => { 57 | // Filter for last updated more than 3 years ago 58 | if (!showOldTools) { 59 | return new Date(tool.last_commit) >= threeYearsAgo; 60 | } 61 | return true; 62 | }) 63 | .sort((a, b) => { 64 | if (sortKey === "stars") { 65 | return b.stars - a.stars; 66 | } 67 | if (sortKey === "last_commit") { 68 | return ( 69 | new Date(b.last_commit).getTime() - new Date(a.last_commit).getTime() 70 | ); 71 | } 72 | return 0; 73 | }); 74 | 75 | return ( 76 |
77 |
78 |
79 |

CloudSec Tools

80 | 86 | 92 | 97 | 98 | 99 |
100 | setSearchQuery(e.target.value)} 105 | className="w-3/4 mx-auto mb-4 px-4 py-2 border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-2 focus:ring-blue-400" 106 | /> 107 | 108 |
109 | 110 | tool.language).filter(Boolean)) 115 | )} 116 | /> 117 | {/* Stats Link */} 118 | 124 |
125 | 129 |
130 |
131 | 132 |
133 | {filteredTools.length > 0 ? ( 134 | 135 | ) : ( 136 |
137 |

138 | No results found. Try adjusting your search. 139 |

140 |
141 | )} 142 |
143 |
144 | 145 | {/* Modal Component */} 146 | setIsModalOpen(false)} 149 | tools={toolsData} 150 | /> 151 |
152 | ); 153 | } 154 | -------------------------------------------------------------------------------- /src/assets/react.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/components/CategoryBadges.tsx: -------------------------------------------------------------------------------- 1 | import React from "react"; 2 | 3 | type CategoryBadgesProps = { 4 | tools: { categories: string[] }[]; 5 | selectedCategory: string | null; 6 | setSelectedCategory: (category: string | null) => void; 7 | }; 8 | 9 | const CategoryBadges: React.FC = ({ 10 | tools, 11 | selectedCategory, 12 | setSelectedCategory, 13 | }) => { 14 | const allCategories = Array.from( 15 | new Set(tools.flatMap((tool) => tool.categories)) 16 | ).sort(); 17 | 18 | return ( 19 |
20 | {/* Scrollable container */} 21 |
25 | {allCategories.map((category) => ( 26 | 39 | ))} 40 |
41 |
42 | ); 43 | }; 44 | 45 | export default CategoryBadges; -------------------------------------------------------------------------------- /src/components/FilterBar.tsx: -------------------------------------------------------------------------------- 1 | type FilterBarProps = { 2 | filterLanguage: string; 3 | setFilterLanguage: (language: string) => void; 4 | availableLanguages: string[]; 5 | }; 6 | 7 | export default function FilterBar({ 8 | filterLanguage, 9 | setFilterLanguage, 10 | availableLanguages, 11 | }: FilterBarProps) { 12 | const sortedLanguages = [...availableLanguages].sort((a, b) => a.localeCompare(b)); 13 | 14 | return ( 15 |
16 | 19 | 32 |
33 | ); 34 | } -------------------------------------------------------------------------------- /src/components/InactiveProjectsButton.tsx: -------------------------------------------------------------------------------- 1 | import { Tooltip } from "react-tooltip"; 2 | 3 | type InactiveProjectsButtonProps = { 4 | showOldTools: boolean; 5 | setShowOldTools: React.Dispatch>; 6 | }; 7 | 8 | export default function InactiveProjectsButton({ 9 | showOldTools, 10 | setShowOldTools, 11 | }: InactiveProjectsButtonProps) { 12 | const tooltipText = showOldTools 13 | ? "Hide projects older than 3 years old." 14 | : "Show projects older than 3 years old."; 15 | 16 | return ( 17 |
18 | 25 | 26 |
27 | ); 28 | } -------------------------------------------------------------------------------- /src/components/MainLayout.tsx: -------------------------------------------------------------------------------- 1 | export default function MainLayout({ children }: { children: React.ReactNode }) { 2 | return ( 3 |
4 |
5 |

Cloud Security Tools

6 |
7 |
{children}
8 |
9 | ); 10 | } 11 | -------------------------------------------------------------------------------- /src/components/SearchBar.tsx: -------------------------------------------------------------------------------- 1 | export default function SearchBar({ 2 | searchQuery, 3 | setSearchQuery, 4 | }: { 5 | searchQuery: string; 6 | setSearchQuery: (query: string) => void; 7 | }) { 8 | return ( 9 | setSearchQuery(e.target.value)} 14 | className="w-full borde border-gray-300 rounded-md p-2 bg-white text-black mt-4" 15 | /> 16 | ); 17 | } -------------------------------------------------------------------------------- /src/components/SortControl.tsx: -------------------------------------------------------------------------------- 1 | import { Tool } from "../App"; 2 | 3 | type SortControlProps = { 4 | sortKey: keyof Tool | ""; 5 | setSortKey: (key: keyof Tool | "") => void; 6 | }; 7 | 8 | export default function SortControl({ sortKey, setSortKey }: SortControlProps) { 9 | return ( 10 |
11 | 14 |
15 | 33 |
34 |
35 | ); 36 | } -------------------------------------------------------------------------------- /src/components/StatsModal.tsx: -------------------------------------------------------------------------------- 1 | import { Pie } from "react-chartjs-2"; 2 | import { Chart as ChartJS, ArcElement, Tooltip, Legend } from "chart.js"; 3 | import { Tool } from "../App"; 4 | import { AiOutlineClose } from "react-icons/ai"; 5 | 6 | // Register required elements for Chart.js 7 | ChartJS.register(ArcElement, Tooltip, Legend); 8 | 9 | type StatsModalProps = { 10 | isOpen: boolean; 11 | onRequestClose: () => void; 12 | tools: Tool[]; 13 | }; 14 | 15 | const LANGUAGE_COLORS: Record = { 16 | JavaScript: "#F7DF1E", 17 | Python: "#3776AB", 18 | Go: "#00ADD8", 19 | "C++": "#00599C", 20 | Rust: "#DEA584", 21 | Java: "#F89820", 22 | TypeScript: "#3178C6", 23 | PHP: "#8892BF", 24 | HTML: "#E34F26", 25 | CSS: "#264DE4", 26 | Shell: "#89E051", 27 | Ruby: "#701516", 28 | Unknown: "#BDC3C7", 29 | }; 30 | 31 | const StatsModal = ({ isOpen, onRequestClose, tools }: StatsModalProps) => { 32 | if (!isOpen) return null; 33 | 34 | const languageCounts = tools.reduce((acc: Record, tool) => { 35 | if (tool.language) { 36 | acc[tool.language] = (acc[tool.language] || 0) + 1; 37 | } else { 38 | acc["Unknown"] = (acc["Unknown"] || 0) + 1; 39 | } 40 | return acc; 41 | }, {}); 42 | 43 | const sortedLanguages = Object.entries(languageCounts) 44 | .sort(([, a], [, b]) => b - a) 45 | .slice(0, 10); 46 | 47 | const othersCount = Object.entries(languageCounts) 48 | .sort(([, a], [, b]) => b - a) 49 | .slice(10) 50 | .reduce((acc, [, count]) => acc + count, 0); 51 | 52 | const languageLabels = [...sortedLanguages.map(([lang]) => lang), "Others"]; 53 | const languageData = [ 54 | ...sortedLanguages.map(([, count]) => count), 55 | othersCount, 56 | ]; 57 | 58 | const languageBackgroundColor = languageLabels.map( 59 | (lang, index) => LANGUAGE_COLORS[lang] || `hsl(${index * 36}, 70%, 50%)` 60 | ); 61 | 62 | const languageChartData = { 63 | labels: languageLabels.map( 64 | (lang, index) => 65 | `${lang} - ${ 66 | index === languageLabels.length - 1 67 | ? othersCount 68 | : sortedLanguages[index][1] 69 | }` 70 | ), 71 | datasets: [ 72 | { 73 | data: languageData, 74 | backgroundColor: languageBackgroundColor, 75 | hoverBackgroundColor: languageBackgroundColor, 76 | }, 77 | ], 78 | }; 79 | 80 | const totalTools = tools.length; 81 | 82 | return ( 83 |
87 |
e.stopPropagation()} 90 | > 91 | 98 |

Tool Statistics

99 | 100 |
101 |

Total Tool Count: {totalTools}

102 |
103 | 104 |
105 |

Languages

106 |
107 | 108 |
109 |
110 | 111 |
112 |
113 | ); 114 | }; 115 | 116 | export default StatsModal; -------------------------------------------------------------------------------- /src/components/ToolCard.tsx: -------------------------------------------------------------------------------- 1 | import { Tool } from "../App"; 2 | import { 3 | SiCplusplus, 4 | SiCsharp, 5 | SiCss3, 6 | SiGo, 7 | SiHtml5, 8 | SiJavascript, 9 | SiPhp, 10 | SiPowershell, 11 | SiPython, 12 | SiRuby, 13 | SiRust, 14 | SiShell, 15 | SiTerraform, 16 | SiTypescript, 17 | } from "react-icons/si"; 18 | import { FaCoffee, FaStar } from "react-icons/fa"; 19 | import { Tooltip } from "react-tooltip"; 20 | 21 | type ToolCardProps = { 22 | tool: Tool; 23 | }; 24 | 25 | const languageIcons: { [key: string]: JSX.Element } = { 26 | "C#": , 27 | "C++": , 28 | CSS: , 29 | Go: , 30 | HCL: , 31 | HTML: , 32 | Java: , 33 | JavaScript: , 34 | PHP: , 35 | PowerShell: , 36 | Python: , 37 | Ruby: , 38 | Rust: , 39 | Shell: , 40 | TypeScript: , 41 | }; 42 | 43 | // Helper function to calculate the text and color class for the update badge 44 | function getUpdateBadge(date: string): { text: string; color: string } { 45 | const today = new Date(); 46 | const updatedDate = new Date(date); 47 | const differenceInDays = Math.floor( 48 | (today.getTime() - updatedDate.getTime()) / (1000 * 60 * 60 * 24) 49 | ); 50 | 51 | if (differenceInDays <= 7) 52 | return { text: "Updated this week", color: "bg-green-500 text-white" }; 53 | if (differenceInDays <= 30) 54 | return { text: "Updated last month", color: "bg-green-300 text-gray-800" }; 55 | if (differenceInDays <= 365) 56 | return { text: "Updated this year", color: "bg-yellow-300 text-gray-800" }; 57 | if (differenceInDays <= 730) 58 | return { text: "Updated last year", color: "bg-yellow-500 text-gray-800" }; 59 | if (differenceInDays <= 1095) 60 | return { 61 | text: "Updated 2 years ago", 62 | color: "bg-orange-500 text-gray-800", 63 | }; 64 | if (differenceInDays <= 1460) 65 | return { text: "Updated 3 years ago", color: "bg-red-400 text-white" }; 66 | if (differenceInDays <= 1825) 67 | return { text: "Updated 4 years ago", color: "bg-red-500 text-white" }; 68 | return { text: "Updated 5+ years ago", color: "bg-red-600 text-white" }; 69 | } 70 | 71 | // Helper function to format the date 72 | function formatDate(dateString: string): string { 73 | const date = new Date(dateString); 74 | return date.toISOString().replace("T", " ").slice(0, 19) + " UTC"; 75 | } 76 | 77 | export default function ToolCard({ tool }: ToolCardProps) { 78 | const { text: badgeText, color: badgeColor } = getUpdateBadge( 79 | tool.last_commit 80 | ); 81 | 82 | return ( 83 | 89 |

{tool.name}

90 |
91 |
92 | 93 | {tool.stars} 94 |
95 |
96 | {tool.language} 97 | {languageIcons[tool.language] && ( 98 | {languageIcons[tool.language]} 99 | )} 100 |
101 |
102 | {/* Badge for last updated with ReactTooltip */} 103 |
104 | 109 | {badgeText} 110 | 111 | 112 |
113 |

{tool.description}

114 |
115 | {/* Tags Section */} 116 |
117 | {tool.tags.map((tag) => ( 118 | 122 | {tag} 123 | 124 | ))} 125 |
126 | 127 | ); 128 | } 129 | -------------------------------------------------------------------------------- /src/components/ToolList.tsx: -------------------------------------------------------------------------------- 1 | import { Tool } from "../App"; 2 | import ToolCard from "./ToolCard"; 3 | 4 | type ToolListProps = { 5 | tools: Tool[]; 6 | }; 7 | 8 | export default function ToolList({ tools }: ToolListProps) { 9 | return ( 10 |
11 | {tools.length > 0 ? ( 12 | tools.map((tool) => ( 13 | 14 | )) 15 | ) : ( 16 |
17 |

No results found. Try adjusting your search.

18 |
19 | )} 20 |
21 | ); 22 | } -------------------------------------------------------------------------------- /src/data/tools.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "0xsha/CloudBrute", 4 | "repo": "https://github.com/0xsha/CloudBrute", 5 | "stars": 957, 6 | "last_commit": "2024-08-07T17:21:11Z", 7 | "language": "Go", 8 | "description": "Awesome cloud enumerator ", 9 | "tags": [ 10 | "bugbounty", 11 | "cloud", 12 | "cloud-security", 13 | "s3-bucket", 14 | "amazon", 15 | "vultr", 16 | "google", 17 | "linode", 18 | "cloud-storage", 19 | "pentesting", 20 | "pentest-tool", 21 | "hacking", 22 | "redteam", 23 | "infosec", 24 | "digitalocean" 25 | ], 26 | "categories": [ 27 | "Uncategorized" 28 | ], 29 | "install_options": [] 30 | }, 31 | { 32 | "name": "99designs/aws-vault", 33 | "repo": "https://github.com/99designs/aws-vault", 34 | "stars": 8623, 35 | "last_commit": "2024-05-07T01:00:25Z", 36 | "language": "Go", 37 | "description": "A vault for securely storing and accessing AWS credentials in development environments", 38 | "tags": [ 39 | "aws", 40 | "iam", 41 | "temporary-credentials", 42 | "keychain", 43 | "credentials", 44 | "cli", 45 | "mfa", 46 | "aws-vault" 47 | ], 48 | "categories": [ 49 | "S3 Auditing", 50 | "IAM Tools", 51 | "Secrets Management" 52 | ], 53 | "install_options": [] 54 | }, 55 | { 56 | "name": "aaparmeggiani/s3find", 57 | "repo": "https://github.com/aaparmeggiani/s3find", 58 | "stars": 11, 59 | "last_commit": "2017-03-15T22:13:40Z", 60 | "language": "Ruby", 61 | "description": "A 'find' for S3 public buckets", 62 | "tags": [ 63 | "s3", 64 | "s3-bucket", 65 | "public-data" 66 | ], 67 | "categories": [ 68 | "S3 Auditing" 69 | ], 70 | "install_options": [] 71 | }, 72 | { 73 | "name": "abhn/S3Scan", 74 | "repo": "https://github.com/abhn/S3Scan", 75 | "stars": 23, 76 | "last_commit": "2017-06-20T16:32:31Z", 77 | "language": "Python", 78 | "description": "Script to spider a website and find publicly open S3 buckets", 79 | "tags": [ 80 | "aws-s3", 81 | "s3-bucket", 82 | "penetration-testing", 83 | "infosec", 84 | "python" 85 | ], 86 | "categories": [ 87 | "S3 Auditing" 88 | ], 89 | "install_options": [] 90 | }, 91 | { 92 | "name": "adanalvarez/HoneyTrail", 93 | "repo": "https://github.com/adanalvarez/HoneyTrail", 94 | "stars": 48, 95 | "last_commit": "2024-11-16T16:05:55Z", 96 | "language": "Python", 97 | "description": "Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for precise detection and notification specifically for honeyservices activity. ", 98 | "tags": [ 99 | "aws", 100 | "aws-security", 101 | "cloud-security", 102 | "security", 103 | "honeypot", 104 | "deception" 105 | ], 106 | "categories": [ 107 | "S3 Auditing", 108 | "Compliance", 109 | "IAM Tools", 110 | "Cloud Monitoring", 111 | "Threat Detection", 112 | "Data Security", 113 | "Serverless Security" 114 | ], 115 | "install_options": [] 116 | }, 117 | { 118 | "name": "adanalvarez/TrailDiscover", 119 | "repo": "https://github.com/adanalvarez/TrailDiscover", 120 | "stars": 140, 121 | "last_commit": "2025-02-15T15:57:31Z", 122 | "language": "Python", 123 | "description": "An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications", 124 | "tags": [ 125 | "aws", 126 | "aws-security", 127 | "cloud-security", 128 | "mitre-attack", 129 | "security" 130 | ], 131 | "categories": [ 132 | "Incident Response", 133 | "Compliance", 134 | "Data Security" 135 | ], 136 | "install_options": [] 137 | }, 138 | { 139 | "name": "airbnb/streamalert", 140 | "repo": "https://github.com/airbnb/streamalert", 141 | "stars": 2860, 142 | "last_commit": "2022-07-20T20:54:36Z", 143 | "language": "Python", 144 | "description": "StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.", 145 | "tags": [ 146 | "security", 147 | "kinesis", 148 | "serverless", 149 | "terraform", 150 | "lambda", 151 | "aws", 152 | "rules", 153 | "analysis" 154 | ], 155 | "categories": [ 156 | "Incident Response", 157 | "Compliance", 158 | "Static Analysis", 159 | "Cloud Infrastructure", 160 | "Data Security", 161 | "Serverless Security", 162 | "Policy Management" 163 | ], 164 | "install_options": [] 165 | }, 166 | { 167 | "name": "aletheia/iam-policy-generator", 168 | "repo": "https://github.com/aletheia/iam-policy-generator", 169 | "stars": 151, 170 | "last_commit": "2023-05-20T13:26:22Z", 171 | "language": "TypeScript", 172 | "description": "A simple library to generate IAM policy statements with no need to remember all the actions APIs", 173 | "tags": [], 174 | "categories": [ 175 | "Compliance", 176 | "IAM Tools", 177 | "Policy Management", 178 | "API Security" 179 | ], 180 | "install_options": [] 181 | }, 182 | { 183 | "name": "anaynayak/aws-security-viz", 184 | "repo": "https://github.com/anaynayak/aws-security-viz", 185 | "stars": 707, 186 | "last_commit": "2024-12-30T11:21:10Z", 187 | "language": "Ruby", 188 | "description": "Visualize your aws security groups.", 189 | "tags": [ 190 | "graphviz", 191 | "ec2", 192 | "ruby", 193 | "aws-cli", 194 | "visualization", 195 | "security", 196 | "aws", 197 | "json", 198 | "graph", 199 | "viz", 200 | "security-groups" 201 | ], 202 | "categories": [ 203 | "Compliance", 204 | "IAM Tools", 205 | "Data Security", 206 | "Policy Management" 207 | ], 208 | "install_options": [] 209 | }, 210 | { 211 | "name": "andresriancho/enumerate-iam", 212 | "repo": "https://github.com/andresriancho/enumerate-iam", 213 | "stars": 1130, 214 | "last_commit": "2019-11-27T13:24:30Z", 215 | "language": "Python", 216 | "description": "Enumerate the permissions associated with AWS credential set", 217 | "tags": [], 218 | "categories": [ 219 | "S3 Auditing", 220 | "IAM Tools", 221 | "Secrets Management", 222 | "Policy Management" 223 | ], 224 | "install_options": [] 225 | }, 226 | { 227 | "name": "andresriancho/nimbostratus", 228 | "repo": "https://github.com/andresriancho/nimbostratus", 229 | "stars": 456, 230 | "last_commit": "2014-02-04T21:27:55Z", 231 | "language": "Python", 232 | "description": "Tools for fingerprinting and exploiting Amazon cloud infrastructures", 233 | "tags": [], 234 | "categories": [ 235 | "Cloud Infrastructure" 236 | ], 237 | "install_options": [] 238 | }, 239 | { 240 | "name": "anirudhbiyani/findmytakeover", 241 | "repo": "https://github.com/anirudhbiyani/findmytakeover", 242 | "stars": 141, 243 | "last_commit": "2025-02-13T20:16:56Z", 244 | "language": "Python", 245 | "description": "find dangling domains in a multi cloud environment", 246 | "tags": [ 247 | "aws", 248 | "azure", 249 | "cloud", 250 | "dns", 251 | "gcp", 252 | "security", 253 | "security-tools", 254 | "subdomain", 255 | "subdomain-takeover" 256 | ], 257 | "categories": [ 258 | "Compliance", 259 | "Data Security" 260 | ], 261 | "install_options": [] 262 | }, 263 | { 264 | "name": "Aqua-Nautilus/TrailShark", 265 | "repo": "https://github.com/Aqua-Nautilus/TrailShark", 266 | "stars": 47, 267 | "last_commit": "2024-10-27T14:47:29Z", 268 | "language": "Lua", 269 | "description": "", 270 | "tags": [], 271 | "categories": [ 272 | "Uncategorized" 273 | ], 274 | "install_options": [] 275 | }, 276 | { 277 | "name": "aquasecurity/trivy", 278 | "repo": "https://github.com/aquasecurity/trivy", 279 | "stars": 24744, 280 | "last_commit": "2025-02-19T09:31:44Z", 281 | "language": "Go", 282 | "description": "Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more", 283 | "tags": [ 284 | "security", 285 | "security-tools", 286 | "docker", 287 | "containers", 288 | "vulnerability-scanners", 289 | "vulnerability-detection", 290 | "vulnerability", 291 | "golang", 292 | "go", 293 | "kubernetes", 294 | "hacktoberfest", 295 | "devsecops", 296 | "misconfiguration", 297 | "infrastructure-as-code", 298 | "iac" 299 | ], 300 | "categories": [ 301 | "Compliance", 302 | "Static Analysis", 303 | "Secrets Management", 304 | "Cloud Infrastructure", 305 | "Data Security", 306 | "Penetration Testing", 307 | "Container Security", 308 | "Policy Management" 309 | ], 310 | "install_options": [] 311 | }, 312 | { 313 | "name": "aquia-inc/scpkit", 314 | "repo": "https://github.com/aquia-inc/scpkit", 315 | "stars": 130, 316 | "last_commit": "2023-10-23T19:15:11Z", 317 | "language": "Python", 318 | "description": "SCP management tool", 319 | "tags": [], 320 | "categories": [ 321 | "Uncategorized" 322 | ], 323 | "install_options": [] 324 | }, 325 | { 326 | "name": "arkadiyt/aws_public_ips", 327 | "repo": "https://github.com/arkadiyt/aws_public_ips", 328 | "stars": 638, 329 | "last_commit": "2019-11-07T20:02:42Z", 330 | "language": "Ruby", 331 | "description": "Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services", 332 | "tags": [], 333 | "categories": [ 334 | "Uncategorized" 335 | ], 336 | "install_options": [] 337 | }, 338 | { 339 | "name": "Atticuss/bucketcat", 340 | "repo": "https://github.com/Atticuss/bucketcat", 341 | "stars": 8, 342 | "last_commit": "2018-09-07T13:22:47Z", 343 | "language": "Python", 344 | "description": "Brute-forces objects within a given bucket using Hashcat mask-like syntax", 345 | "tags": [], 346 | "categories": [ 347 | "S3 Auditing" 348 | ], 349 | "install_options": [] 350 | }, 351 | { 352 | "name": "aws-cloudformation/cloudformation-guard", 353 | "repo": "https://github.com/aws-cloudformation/cloudformation-guard", 354 | "stars": 1320, 355 | "last_commit": "2025-02-19T16:09:52Z", 356 | "language": "Rust", 357 | "description": "Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpyzpfoYGGuuUl0", 358 | "tags": [ 359 | "policy-as-code", 360 | "cloudformation", 361 | "terraform", 362 | "k8s", 363 | "policy-rule-evaluation", 364 | "governance", 365 | "security", 366 | "compliance", 367 | "cfn-guard" 368 | ], 369 | "categories": [ 370 | "Compliance", 371 | "IAM Tools", 372 | "Static Analysis", 373 | "Cloud Infrastructure", 374 | "Data Security", 375 | "Policy Management" 376 | ], 377 | "install_options": [] 378 | }, 379 | { 380 | "name": "awslabs/automated-security-helper", 381 | "repo": "https://github.com/awslabs/automated-security-helper", 382 | "stars": 400, 383 | "last_commit": "2025-01-08T20:07:29Z", 384 | "language": "Shell", 385 | "description": "", 386 | "tags": [], 387 | "categories": [ 388 | "Uncategorized" 389 | ], 390 | "install_options": [] 391 | }, 392 | { 393 | "name": "aws/aws-imds-packet-analyzer", 394 | "repo": "https://github.com/aws/aws-imds-packet-analyzer", 395 | "stars": 125, 396 | "last_commit": "2024-12-09T16:20:35Z", 397 | "language": "Python", 398 | "description": "", 399 | "tags": [], 400 | "categories": [ 401 | "Uncategorized" 402 | ], 403 | "install_options": [] 404 | }, 405 | { 406 | "name": "aws/aws-secretsmanager-agent", 407 | "repo": "https://github.com/aws/aws-secretsmanager-agent", 408 | "stars": 620, 409 | "last_commit": "2025-02-10T21:41:36Z", 410 | "language": "Rust", 411 | "description": "The AWS Secrets Manager Agent is a local HTTP service that you can install and use in your compute environments to read secrets from Secrets Manager and cache them in memory.", 412 | "tags": [ 413 | "agent", 414 | "aws", 415 | "aws-secrets-manager", 416 | "secretsmanager", 417 | "caching" 418 | ], 419 | "categories": [ 420 | "Secrets Management" 421 | ], 422 | "install_options": [] 423 | }, 424 | { 425 | "name": "awslabs/amazon-guardduty-tester", 426 | "repo": "https://github.com/awslabs/amazon-guardduty-tester", 427 | "stars": 379, 428 | "last_commit": "2024-12-02T21:31:47Z", 429 | "language": "TypeScript", 430 | "description": "This repository can be used to generate and evaluate findings detected by Amazon GuardDuty", 431 | "tags": [], 432 | "categories": [ 433 | "Uncategorized" 434 | ], 435 | "install_options": [] 436 | }, 437 | { 438 | "name": "awslabs/coldsnap", 439 | "repo": "https://github.com/awslabs/coldsnap", 440 | "stars": 216, 441 | "last_commit": "2024-12-31T19:54:50Z", 442 | "language": "Rust", 443 | "description": "A command line interface for Amazon EBS snapshots", 444 | "tags": [ 445 | "aws", 446 | "amazon", 447 | "ebs", 448 | "snapshots" 449 | ], 450 | "categories": [ 451 | "Uncategorized" 452 | ], 453 | "install_options": [] 454 | }, 455 | { 456 | "name": "awslabs/sustainability-scanner", 457 | "repo": "https://github.com/awslabs/sustainability-scanner", 458 | "stars": 113, 459 | "last_commit": "2024-08-29T08:47:58Z", 460 | "language": "Python", 461 | "description": "", 462 | "tags": [], 463 | "categories": [ 464 | "Uncategorized" 465 | ], 466 | "install_options": [] 467 | }, 468 | { 469 | "name": "awslabs/threat-composer", 470 | "repo": "https://github.com/awslabs/threat-composer", 471 | "stars": 514, 472 | "last_commit": "2025-02-09T21:49:13Z", 473 | "language": "TypeScript", 474 | "description": "A simple threat modeling tool to help humans to reduce time-to-value when threat modeling", 475 | "tags": [ 476 | "threat-modeling", 477 | "threatmodeling", 478 | "threatmodelling", 479 | "threat-modeling-tool", 480 | "threat-modelling-tool", 481 | "vscode-extension" 482 | ], 483 | "categories": [ 484 | "Incident Response", 485 | "Threat Detection" 486 | ], 487 | "install_options": [] 488 | }, 489 | { 490 | "name": "Azure/dalec", 491 | "repo": "https://github.com/Azure/dalec", 492 | "stars": 144, 493 | "last_commit": "2025-02-18T21:24:41Z", 494 | "language": "Go", 495 | "description": "📦 Produce secure packages and containers with declarative configurations", 496 | "tags": [ 497 | "azure", 498 | "containers", 499 | "declarative", 500 | "linux", 501 | "packages", 502 | "security", 503 | "security-tools", 504 | "azure-linux" 505 | ], 506 | "categories": [ 507 | "Compliance", 508 | "Static Analysis", 509 | "Data Security", 510 | "Container Security", 511 | "Policy Management" 512 | ], 513 | "install_options": [] 514 | }, 515 | { 516 | "name": "Azure/Stormspotter", 517 | "repo": "https://github.com/Azure/Stormspotter", 518 | "stars": 1577, 519 | "last_commit": "2022-07-20T21:38:29Z", 520 | "language": "Python", 521 | "description": "Azure Red Team tool for graphing Azure and Azure Active Directory objects", 522 | "tags": [], 523 | "categories": [ 524 | "S3 Auditing", 525 | "Threat Detection", 526 | "Penetration Testing" 527 | ], 528 | "install_options": [] 529 | }, 530 | { 531 | "name": "bear/s3scan", 532 | "repo": "https://github.com/bear/s3scan", 533 | "stars": 84, 534 | "last_commit": "2024-08-07T23:38:15Z", 535 | "language": "Python", 536 | "description": "scan s3 buckets for security issues", 537 | "tags": [], 538 | "categories": [ 539 | "S3 Auditing", 540 | "Compliance", 541 | "Static Analysis", 542 | "Data Security" 543 | ], 544 | "install_options": [] 545 | }, 546 | { 547 | "name": "benkehoe/aws-whoami-golang", 548 | "repo": "https://github.com/benkehoe/aws-whoami-golang", 549 | "stars": 57, 550 | "last_commit": "2023-02-23T18:45:09Z", 551 | "language": "Go", 552 | "description": "A tool to show what AWS account and identity you're using.", 553 | "tags": [], 554 | "categories": [ 555 | "IAM Tools" 556 | ], 557 | "install_options": [] 558 | }, 559 | { 560 | "name": "BishopFox/cloudfox", 561 | "repo": "https://github.com/BishopFox/cloudfox", 562 | "stars": 2034, 563 | "last_commit": "2024-10-17T08:47:11Z", 564 | "language": "Go", 565 | "description": "Automating situational awareness for cloud penetration tests.", 566 | "tags": [ 567 | "aws", 568 | "cloud", 569 | "cloud-security", 570 | "golang", 571 | "penetration-testing-tools", 572 | "security" 573 | ], 574 | "categories": [ 575 | "Compliance", 576 | "Data Security" 577 | ], 578 | "install_options": [] 579 | }, 580 | { 581 | "name": "BishopFox/dufflebag", 582 | "repo": "https://github.com/BishopFox/dufflebag", 583 | "stars": 297, 584 | "last_commit": "2020-02-05T22:31:52Z", 585 | "language": "Go", 586 | "description": "Search exposed EBS volumes for secrets", 587 | "tags": [ 588 | "aws-ebs", 589 | "aws-ebs-volumes", 590 | "aws-ebs-snapshot", 591 | "aws-eb", 592 | "elasticbeanstalk", 593 | "security-tools" 594 | ], 595 | "categories": [ 596 | "Secrets Management" 597 | ], 598 | "install_options": [] 599 | }, 600 | { 601 | "name": "boostsecurityio/poutine", 602 | "repo": "https://github.com/boostsecurityio/poutine", 603 | "stars": 254, 604 | "last_commit": "2025-02-13T19:59:14Z", 605 | "language": "Go", 606 | "description": "boostsecurityio/poutine", 607 | "tags": [ 608 | "ci", 609 | "cli", 610 | "devops", 611 | "devsecops", 612 | "github", 613 | "github-actions", 614 | "golang", 615 | "security", 616 | "security-scanner", 617 | "supply-chain", 618 | "supply-chain-security", 619 | "gh-extension" 620 | ], 621 | "categories": [ 622 | "Compliance", 623 | "Data Security" 624 | ], 625 | "install_options": [] 626 | }, 627 | { 628 | "name": "brianwarehime/inSp3ctor", 629 | "repo": "https://github.com/brianwarehime/inSp3ctor", 630 | "stars": 118, 631 | "last_commit": "2018-02-05T01:44:00Z", 632 | "language": "Python", 633 | "description": "AWS S3 Bucket/Object Finder", 634 | "tags": [], 635 | "categories": [ 636 | "S3 Auditing" 637 | ], 638 | "install_options": [] 639 | }, 640 | { 641 | "name": "bridgecrewio/AirIAM", 642 | "repo": "https://github.com/bridgecrewio/AirIAM", 643 | "stars": 788, 644 | "last_commit": "2022-08-02T05:28:53Z", 645 | "language": "Python", 646 | "description": "Least privilege AWS IAM Terraformer", 647 | "tags": [ 648 | "bridgecrew", 649 | "iam", 650 | "privileges-model", 651 | "aws", 652 | "terraform", 653 | "aws-iam", 654 | "aws-security", 655 | "aws-security-automation", 656 | "hacktoberfest" 657 | ], 658 | "categories": [ 659 | "IAM Tools", 660 | "Static Analysis", 661 | "Cloud Infrastructure" 662 | ], 663 | "install_options": [] 664 | }, 665 | { 666 | "name": "bridgecrewio/checkov", 667 | "repo": "https://github.com/bridgecrewio/checkov", 668 | "stars": 7375, 669 | "last_commit": "2025-02-18T23:01:33Z", 670 | "language": "Python", 671 | "description": "Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.", 672 | "tags": [ 673 | "terraform", 674 | "static-analysis", 675 | "aws", 676 | "gcp", 677 | "azure", 678 | "aws-security", 679 | "cloudformation", 680 | "scans", 681 | "compliance", 682 | "kubernetes", 683 | "infrastructure-as-code", 684 | "devops", 685 | "hacktoberfest" 686 | ], 687 | "categories": [ 688 | "Compliance", 689 | "Static Analysis", 690 | "Cloud Infrastructure", 691 | "Penetration Testing", 692 | "Container Security", 693 | "Policy Management" 694 | ], 695 | "install_options": [] 696 | }, 697 | { 698 | "name": "bridgecrewio/yor", 699 | "repo": "https://github.com/bridgecrewio/yor", 700 | "stars": 862, 701 | "last_commit": "2024-08-04T09:01:31Z", 702 | "language": "Go", 703 | "description": "Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.", 704 | "tags": [ 705 | "iac", 706 | "terraform", 707 | "devops", 708 | "cloud", 709 | "cloudsecurity", 710 | "cloudformation", 711 | "serverless", 712 | "tagging", 713 | "infrastructure-as-code", 714 | "hacktoberfest" 715 | ], 716 | "categories": [ 717 | "Static Analysis", 718 | "Cloud Infrastructure", 719 | "Serverless Security" 720 | ], 721 | "install_options": [] 722 | }, 723 | { 724 | "name": "btkrausen/aws", 725 | "repo": "https://github.com/btkrausen/aws", 726 | "stars": 68, 727 | "last_commit": "2023-08-06T17:30:58Z", 728 | "language": "", 729 | "description": "", 730 | "tags": [], 731 | "categories": [ 732 | "Uncategorized" 733 | ], 734 | "install_options": [] 735 | }, 736 | { 737 | "name": "c6fc/npk", 738 | "repo": "https://github.com/c6fc/npk", 739 | "stars": 555, 740 | "last_commit": "2024-04-06T16:22:18Z", 741 | "language": "JavaScript", 742 | "description": "A mostly-serverless distributed hash cracking platform", 743 | "tags": [], 744 | "categories": [ 745 | "Serverless Security" 746 | ], 747 | "install_options": [] 748 | }, 749 | { 750 | "name": "canonical/cloud-init", 751 | "repo": "https://github.com/canonical/cloud-init", 752 | "stars": 3122, 753 | "last_commit": "2025-02-20T02:55:05Z", 754 | "language": "Python", 755 | "description": "Official upstream for the cloud-init: cloud instance initialization", 756 | "tags": [ 757 | "cloud-init", 758 | "python", 759 | "hacktoberfest" 760 | ], 761 | "categories": [ 762 | "Uncategorized" 763 | ], 764 | "install_options": [] 765 | }, 766 | { 767 | "name": "carnal0wnage/weirdAAL", 768 | "repo": "https://github.com/carnal0wnage/weirdAAL", 769 | "stars": 794, 770 | "last_commit": "2020-09-09T01:27:16Z", 771 | "language": "Python", 772 | "description": "WeirdAAL (AWS Attack Library) ", 773 | "tags": [ 774 | "python3", 775 | "aws", 776 | "pentest-tool" 777 | ], 778 | "categories": [ 779 | "Threat Detection", 780 | "Penetration Testing" 781 | ], 782 | "install_options": [] 783 | }, 784 | { 785 | "name": "CCob/okta-terrify", 786 | "repo": "https://github.com/CCob/okta-terrify", 787 | "stars": 301, 788 | "last_commit": "2024-09-04T17:11:07Z", 789 | "language": "C#", 790 | "description": "Okta Verify and Okta FastPass Abuse Tool", 791 | "tags": [], 792 | "categories": [ 793 | "Threat Detection" 794 | ], 795 | "install_options": [] 796 | }, 797 | { 798 | "name": "tenable/terrascan", 799 | "repo": "https://github.com/tenable/terrascan", 800 | "stars": 4838, 801 | "last_commit": "2024-09-18T07:31:55Z", 802 | "language": "Go", 803 | "description": "Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.", 804 | "tags": [ 805 | "security-tools", 806 | "infrastructure-as-code", 807 | "devsecops", 808 | "devops", 809 | "security", 810 | "terraform", 811 | "aws", 812 | "cloudsecurity", 813 | "cloud-security", 814 | "terrascan", 815 | "infrastructure", 816 | "security-violations", 817 | "architecture", 818 | "kubernetes", 819 | "iac", 820 | "sast", 821 | "azure-security", 822 | "aws-security", 823 | "gcp-security", 824 | "scans" 825 | ], 826 | "categories": [ 827 | "Compliance", 828 | "Static Analysis", 829 | "Cloud Infrastructure", 830 | "Data Security", 831 | "Container Security", 832 | "Policy Management" 833 | ], 834 | "install_options": [] 835 | }, 836 | { 837 | "name": "Checkmarx/kics", 838 | "repo": "https://github.com/Checkmarx/kics", 839 | "stars": 2199, 840 | "last_commit": "2025-02-05T12:23:34Z", 841 | "language": "Open Policy Agent", 842 | "description": "Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.", 843 | "tags": [ 844 | "iac", 845 | "infrastructure-as-code", 846 | "security", 847 | "appsec", 848 | "cloudnative", 849 | "hacktoberfest", 850 | "devsecops", 851 | "golang", 852 | "security-tools", 853 | "vulnerability-detection", 854 | "vulnerability-scanners", 855 | "open-policy-agent" 856 | ], 857 | "categories": [ 858 | "Compliance", 859 | "IAM Tools", 860 | "Static Analysis", 861 | "Cloud Infrastructure", 862 | "Data Security", 863 | "Penetration Testing", 864 | "Policy Management" 865 | ], 866 | "install_options": [] 867 | }, 868 | { 869 | "name": "cjsrkd3321/aws-security-architectures", 870 | "repo": "https://github.com/cjsrkd3321/aws-security-architectures", 871 | "stars": 13, 872 | "last_commit": "2023-10-17T10:50:30Z", 873 | "language": "Python", 874 | "description": "aws-security-architecture", 875 | "tags": [ 876 | "aws", 877 | "arsenal", 878 | "security" 879 | ], 880 | "categories": [ 881 | "Compliance", 882 | "Data Security" 883 | ], 884 | "install_options": [] 885 | }, 886 | { 887 | "name": "cloud-copilot/iam-expand", 888 | "repo": "https://github.com/cloud-copilot/iam-expand", 889 | "stars": 29, 890 | "last_commit": "2025-02-15T17:55:24Z", 891 | "language": "TypeScript", 892 | "description": "Expand IAM Actions with Wildcards", 893 | "tags": [ 894 | "aws", 895 | "iam", 896 | "iam-policy" 897 | ], 898 | "categories": [ 899 | "IAM Tools" 900 | ], 901 | "install_options": [] 902 | }, 903 | { 904 | "name": "cloud-copilot/iam-simulate", 905 | "repo": "https://github.com/cloud-copilot/iam-simulate", 906 | "stars": 69, 907 | "last_commit": "2025-02-16T01:15:28Z", 908 | "language": "TypeScript", 909 | "description": "An IAM Simulator that outputs detailed explains of how a request was evaluated.", 910 | "tags": [ 911 | "aws", 912 | "iam" 913 | ], 914 | "categories": [ 915 | "IAM Tools" 916 | ], 917 | "install_options": [] 918 | }, 919 | { 920 | "name": "cloud-custodian/cloud-custodian", 921 | "repo": "https://github.com/cloud-custodian/cloud-custodian", 922 | "stars": 5562, 923 | "last_commit": "2025-02-18T18:02:05Z", 924 | "language": "Python", 925 | "description": "Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources", 926 | "tags": [ 927 | "aws", 928 | "compliance", 929 | "cloud", 930 | "rules-engine", 931 | "cloud-computing", 932 | "management", 933 | "serverless", 934 | "lambda", 935 | "gcp", 936 | "azure" 937 | ], 938 | "categories": [ 939 | "Compliance", 940 | "Data Security", 941 | "Serverless Security", 942 | "Cloud Cost Management", 943 | "Policy Management" 944 | ], 945 | "install_options": [] 946 | }, 947 | { 948 | "name": "cloudquery/cloudquery", 949 | "repo": "https://github.com/cloudquery/cloudquery", 950 | "stars": 6009, 951 | "last_commit": "2025-02-19T11:22:59Z", 952 | "language": "Go", 953 | "description": "The developer first cloud governance platform", 954 | "tags": [ 955 | "aws", 956 | "gcp", 957 | "azure", 958 | "sql", 959 | "data-integration", 960 | "elt", 961 | "etl", 962 | "etl-framework", 963 | "bigquery", 964 | "data-collection", 965 | "data-engineering", 966 | "kubernetes", 967 | "data", 968 | "airbyte", 969 | "github-api", 970 | "data-analysis", 971 | "google", 972 | "go", 973 | "cspm", 974 | "attack-surface-management" 975 | ], 976 | "categories": [ 977 | "Compliance", 978 | "Data Security", 979 | "Container Security" 980 | ], 981 | "install_options": [] 982 | }, 983 | { 984 | "name": "aquasecurity/cloudsploit", 985 | "repo": "https://github.com/aquasecurity/cloudsploit", 986 | "stars": 3428, 987 | "last_commit": "2025-02-12T08:47:13Z", 988 | "language": "JavaScript", 989 | "description": "Cloud Security Posture Management (CSPM)", 990 | "tags": [ 991 | "aws", 992 | "security", 993 | "security-audit", 994 | "cloud", 995 | "azure", 996 | "cspm", 997 | "aqua", 998 | "gcp", 999 | "oci", 1000 | "oracle", 1001 | "alibaba" 1002 | ], 1003 | "categories": [ 1004 | "Compliance", 1005 | "Data Security" 1006 | ], 1007 | "install_options": [] 1008 | }, 1009 | { 1010 | "name": "clutchsecurity/federator", 1011 | "repo": "https://github.com/clutchsecurity/federator", 1012 | "stars": 62, 1013 | "last_commit": "2024-11-07T07:06:24Z", 1014 | "language": "HCL", 1015 | "description": "Terraform templates for CI/CD to Cloud federation and Cloud2Cloud IAM federations", 1016 | "tags": [ 1017 | "aws", 1018 | "azure", 1019 | "ci-cd", 1020 | "cloud", 1021 | "cognito", 1022 | "federation", 1023 | "federator", 1024 | "gcp", 1025 | "iam", 1026 | "iam-federations", 1027 | "oidc", 1028 | "security", 1029 | "terraform" 1030 | ], 1031 | "categories": [ 1032 | "Compliance", 1033 | "IAM Tools", 1034 | "Static Analysis", 1035 | "Cloud Infrastructure", 1036 | "Data Security" 1037 | ], 1038 | "install_options": [] 1039 | }, 1040 | { 1041 | "name": "controlplaneio/simulator", 1042 | "repo": "https://github.com/controlplaneio/simulator", 1043 | "stars": 941, 1044 | "last_commit": "2024-06-03T10:54:35Z", 1045 | "language": "Python", 1046 | "description": "Kubernetes Security Training Platform - focusing on security mitigation", 1047 | "tags": [], 1048 | "categories": [ 1049 | "Compliance", 1050 | "Data Security", 1051 | "Container Security" 1052 | ], 1053 | "install_options": [] 1054 | }, 1055 | { 1056 | "name": "cr0hn/festin", 1057 | "repo": "https://github.com/cr0hn/festin", 1058 | "stars": 231, 1059 | "last_commit": "2020-12-04T09:31:28Z", 1060 | "language": "Python", 1061 | "description": "FestIn - Open S3 Bucket Scanner", 1062 | "tags": [ 1063 | "s3", 1064 | "s3-bucket", 1065 | "s3-security", 1066 | "aws-security" 1067 | ], 1068 | "categories": [ 1069 | "S3 Auditing", 1070 | "Static Analysis" 1071 | ], 1072 | "install_options": [] 1073 | }, 1074 | { 1075 | "name": "cyberark/SkyArk", 1076 | "repo": "https://github.com/cyberark/SkyArk", 1077 | "stars": 883, 1078 | "last_commit": "2024-12-17T15:34:58Z", 1079 | "language": "PowerShell", 1080 | "description": "SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS", 1081 | "tags": [ 1082 | "cloud-security", 1083 | "powershell", 1084 | "security-tools", 1085 | "privileges", 1086 | "cloud", 1087 | "aws", 1088 | "admins", 1089 | "attacker", 1090 | "threat", 1091 | "azure" 1092 | ], 1093 | "categories": [ 1094 | "Incident Response", 1095 | "Threat Detection" 1096 | ], 1097 | "install_options": [] 1098 | }, 1099 | { 1100 | "name": "cyberark/SkyWrapper", 1101 | "repo": "https://github.com/cyberark/SkyWrapper", 1102 | "stars": 105, 1103 | "last_commit": "2020-04-17T15:34:10Z", 1104 | "language": "Python", 1105 | "description": "SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS", 1106 | "tags": [], 1107 | "categories": [ 1108 | "Secrets Management" 1109 | ], 1110 | "install_options": [] 1111 | }, 1112 | { 1113 | "name": "cycloidio/terracognita", 1114 | "repo": "https://github.com/cycloidio/terracognita", 1115 | "stars": 2245, 1116 | "last_commit": "2024-01-24T14:59:19Z", 1117 | "language": "Go", 1118 | "description": "Reads from existing public and private cloud providers (reverse Terraform) and generates your infrastructure as code on Terraform configuration", 1119 | "tags": [ 1120 | "devops-tools", 1121 | "terraform", 1122 | "infrastructure-as-code", 1123 | "tfstate", 1124 | "devops", 1125 | "golang", 1126 | "cloud", 1127 | "aws", 1128 | "go", 1129 | "google-cloud-platform", 1130 | "azure", 1131 | "reverse-engineering", 1132 | "cycloid", 1133 | "gcp", 1134 | "azure-devops", 1135 | "hybrid-cloud", 1136 | "iac", 1137 | "iac-terraform", 1138 | "vmware" 1139 | ], 1140 | "categories": [ 1141 | "Static Analysis", 1142 | "Cloud Infrastructure", 1143 | "Policy Management" 1144 | ], 1145 | "install_options": [] 1146 | }, 1147 | { 1148 | "name": "dagrz/aws_pwn", 1149 | "repo": "https://github.com/dagrz/aws_pwn", 1150 | "stars": 1186, 1151 | "last_commit": "2017-10-14T07:57:04Z", 1152 | "language": "Python", 1153 | "description": "A collection of AWS penetration testing junk", 1154 | "tags": [], 1155 | "categories": [ 1156 | "Penetration Testing" 1157 | ], 1158 | "install_options": [] 1159 | }, 1160 | { 1161 | "name": "damienjburks/DataCop", 1162 | "repo": "https://github.com/damienjburks/DataCop", 1163 | "stars": 14, 1164 | "last_commit": "2024-04-23T01:38:43Z", 1165 | "language": "Python", 1166 | "description": "Protect your data in AWS S3 with DataCop!", 1167 | "tags": [ 1168 | "aws", 1169 | "cloud", 1170 | "data", 1171 | "security" 1172 | ], 1173 | "categories": [ 1174 | "S3 Auditing", 1175 | "Compliance", 1176 | "Data Security" 1177 | ], 1178 | "install_options": [] 1179 | }, 1180 | { 1181 | "name": "DataDog/grimoire", 1182 | "repo": "https://github.com/DataDog/grimoire", 1183 | "stars": 199, 1184 | "last_commit": "2024-08-09T16:36:59Z", 1185 | "language": "Go", 1186 | "description": "Generate datasets of cloud audit logs for common attacks", 1187 | "tags": [ 1188 | "cloud-security", 1189 | "detection-engineering", 1190 | "purpleteaming" 1191 | ], 1192 | "categories": [ 1193 | "Compliance", 1194 | "Cloud Monitoring", 1195 | "Threat Detection", 1196 | "Data Security", 1197 | "Penetration Testing" 1198 | ], 1199 | "install_options": [] 1200 | }, 1201 | { 1202 | "name": "DataDog/guarddog", 1203 | "repo": "https://github.com/DataDog/guarddog", 1204 | "stars": 675, 1205 | "last_commit": "2025-02-06T08:51:18Z", 1206 | "language": "Python", 1207 | "description": ":snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages", 1208 | "tags": [ 1209 | "malicious-packages", 1210 | "pypi-packages", 1211 | "python", 1212 | "python-security", 1213 | "software-supply-chain-security", 1214 | "npm", 1215 | "npm-packages" 1216 | ], 1217 | "categories": [ 1218 | "Uncategorized" 1219 | ], 1220 | "install_options": [] 1221 | }, 1222 | { 1223 | "name": "DataDog/stratus-red-team", 1224 | "repo": "https://github.com/DataDog/stratus-red-team", 1225 | "stars": 1918, 1226 | "last_commit": "2025-02-19T16:14:48Z", 1227 | "language": "Go", 1228 | "description": ":cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud", 1229 | "tags": [ 1230 | "aws", 1231 | "adversary-emulation", 1232 | "purple-team", 1233 | "mitre-attack", 1234 | "cloud-security", 1235 | "cloud-native-security", 1236 | "detection-engineering", 1237 | "threat-detection", 1238 | "security", 1239 | "aws-security", 1240 | "azure-security", 1241 | "kubernetes-security", 1242 | "gcp-security" 1243 | ], 1244 | "categories": [ 1245 | "Compliance", 1246 | "Data Security" 1247 | ], 1248 | "install_options": [] 1249 | }, 1250 | { 1251 | "name": "deepfence/ThreatMapper", 1252 | "repo": "https://github.com/deepfence/ThreatMapper", 1253 | "stars": 4914, 1254 | "last_commit": "2025-01-30T07:09:14Z", 1255 | "language": "TypeScript", 1256 | "description": "Open Source Cloud Native Application Protection Platform (CNAPP)", 1257 | "tags": [ 1258 | "cloud-native", 1259 | "vulnerability-management", 1260 | "threat-analysis", 1261 | "devsecops", 1262 | "secops", 1263 | "registry-scanning", 1264 | "security-tools", 1265 | "cwpp", 1266 | "observability", 1267 | "cloudsecurity", 1268 | "vulnerability-scanners", 1269 | "vulnerability-detection", 1270 | "scanning-tool", 1271 | "cnapp", 1272 | "compliance", 1273 | "containers", 1274 | "cspm", 1275 | "devops", 1276 | "kubernetes", 1277 | "hacktoberfest" 1278 | ], 1279 | "categories": [ 1280 | "Compliance", 1281 | "Data Security", 1282 | "Container Security", 1283 | "Policy Management" 1284 | ], 1285 | "install_options": [] 1286 | }, 1287 | { 1288 | "name": "DenizParlak/Zeus", 1289 | "repo": "https://github.com/DenizParlak/Zeus", 1290 | "stars": 711, 1291 | "last_commit": "2019-10-03T14:42:36Z", 1292 | "language": "Shell", 1293 | "description": "AWS Auditing & Hardening Tool", 1294 | "tags": [ 1295 | "cloudtrail", 1296 | "aws-auditing", 1297 | "hardening", 1298 | "aws-hardening", 1299 | "aws" 1300 | ], 1301 | "categories": [ 1302 | "S3 Auditing", 1303 | "Compliance", 1304 | "Penetration Testing" 1305 | ], 1306 | "install_options": [] 1307 | }, 1308 | { 1309 | "name": "disruptops/cred_scanner", 1310 | "repo": "https://github.com/disruptops/cred_scanner", 1311 | "stars": 90, 1312 | "last_commit": "2018-05-16T05:15:09Z", 1313 | "language": "Python", 1314 | "description": "A simple file-based scanner to look for potential AWS access and secret keys in files", 1315 | "tags": [], 1316 | "categories": [ 1317 | "S3 Auditing", 1318 | "IAM Tools", 1319 | "Static Analysis", 1320 | "Secrets Management" 1321 | ], 1322 | "install_options": [] 1323 | }, 1324 | { 1325 | "name": "disruptops/resource-counter", 1326 | "repo": "https://github.com/disruptops/resource-counter", 1327 | "stars": 57, 1328 | "last_commit": "2018-05-24T23:44:39Z", 1329 | "language": "Python", 1330 | "description": "This command line tool counts the number of resources in different categories across Amazon regions.", 1331 | "tags": [], 1332 | "categories": [ 1333 | "Cloud Cost Management" 1334 | ], 1335 | "install_options": [] 1336 | }, 1337 | { 1338 | "name": "domain-protect/domain-protect-gcp", 1339 | "repo": "https://github.com/domain-protect/domain-protect-gcp", 1340 | "stars": 92, 1341 | "last_commit": "2024-05-23T18:52:02Z", 1342 | "language": "Python", 1343 | "description": "Protect against subdomain takeover", 1344 | "tags": [], 1345 | "categories": [ 1346 | "Uncategorized" 1347 | ], 1348 | "install_options": [] 1349 | }, 1350 | { 1351 | "name": "dowjones/hammer", 1352 | "repo": "https://github.com/dowjones/hammer", 1353 | "stars": 436, 1354 | "last_commit": "2019-06-26T16:23:13Z", 1355 | "language": "Python", 1356 | "description": "Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)", 1357 | "tags": [ 1358 | "devsecops", 1359 | "cloudsecurity", 1360 | "aws", 1361 | "aws-security" 1362 | ], 1363 | "categories": [ 1364 | "Uncategorized" 1365 | ], 1366 | "install_options": [] 1367 | }, 1368 | { 1369 | "name": "duo-labs/cloudmapper", 1370 | "repo": "https://github.com/duo-labs/cloudmapper", 1371 | "stars": 6066, 1372 | "last_commit": "2023-11-30T22:26:56Z", 1373 | "language": "JavaScript", 1374 | "description": " CloudMapper helps you analyze your Amazon Web Services (AWS) environments.", 1375 | "tags": [ 1376 | "aws", 1377 | "cytoscape", 1378 | "diagram", 1379 | "security" 1380 | ], 1381 | "categories": [ 1382 | "Compliance", 1383 | "Data Security", 1384 | "API Security" 1385 | ], 1386 | "install_options": [] 1387 | }, 1388 | { 1389 | "name": "duo-labs/cloudtracker", 1390 | "repo": "https://github.com/duo-labs/cloudtracker", 1391 | "stars": 892, 1392 | "last_commit": "2021-03-26T19:22:07Z", 1393 | "language": "Python", 1394 | "description": "CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.", 1395 | "tags": [], 1396 | "categories": [ 1397 | "IAM Tools", 1398 | "Cloud Monitoring" 1399 | ], 1400 | "install_options": [] 1401 | }, 1402 | { 1403 | "name": "duo-labs/cloudtrail-partitioner", 1404 | "repo": "https://github.com/duo-labs/cloudtrail-partitioner", 1405 | "stars": 154, 1406 | "last_commit": "2021-05-11T12:26:55Z", 1407 | "language": "Python", 1408 | "description": "", 1409 | "tags": [], 1410 | "categories": [ 1411 | "Uncategorized" 1412 | ], 1413 | "install_options": [] 1414 | }, 1415 | { 1416 | "name": "duo-labs/parliament", 1417 | "repo": "https://github.com/duo-labs/parliament", 1418 | "stars": 1063, 1419 | "last_commit": "2024-07-26T14:23:44Z", 1420 | "language": "Python", 1421 | "description": "AWS IAM linting library", 1422 | "tags": [], 1423 | "categories": [ 1424 | "IAM Tools", 1425 | "Static Analysis" 1426 | ], 1427 | "install_options": [] 1428 | }, 1429 | { 1430 | "name": "trufflesecurity/trufflehog", 1431 | "repo": "https://github.com/trufflesecurity/trufflehog", 1432 | "stars": 18144, 1433 | "last_commit": "2025-02-19T21:35:36Z", 1434 | "language": "Go", 1435 | "description": "Find, verify, and analyze leaked credentials", 1436 | "tags": [ 1437 | "secret", 1438 | "trufflehog", 1439 | "credentials", 1440 | "security", 1441 | "devsecops", 1442 | "dynamic-analysis", 1443 | "security-tools", 1444 | "secrets", 1445 | "verification", 1446 | "hacktoberfest", 1447 | "secret-management", 1448 | "precommit", 1449 | "scanning" 1450 | ], 1451 | "categories": [ 1452 | "Compliance", 1453 | "Secrets Management", 1454 | "Data Security" 1455 | ], 1456 | "install_options": [] 1457 | }, 1458 | { 1459 | "name": "edera-dev/am-i-isolated", 1460 | "repo": "https://github.com/edera-dev/am-i-isolated", 1461 | "stars": 245, 1462 | "last_commit": "2025-02-19T18:28:16Z", 1463 | "language": "Rust", 1464 | "description": "Validate the isolation posture of your container environment.", 1465 | "tags": [], 1466 | "categories": [ 1467 | "Container Security" 1468 | ], 1469 | "install_options": [] 1470 | }, 1471 | { 1472 | "name": "terraform-compliance/cli", 1473 | "repo": "https://github.com/terraform-compliance/cli", 1474 | "stars": 1374, 1475 | "last_commit": "2024-11-29T16:21:50Z", 1476 | "language": "Python", 1477 | "description": "a lightweight, security focused, BDD test framework against terraform.", 1478 | "tags": [ 1479 | "terraform", 1480 | "hashicorp", 1481 | "bdd-style", 1482 | "compliance", 1483 | "bdd", 1484 | "infrastructure", 1485 | "testing", 1486 | "testing-framework" 1487 | ], 1488 | "categories": [ 1489 | "Compliance", 1490 | "Static Analysis", 1491 | "Cloud Infrastructure", 1492 | "Data Security", 1493 | "Penetration Testing", 1494 | "Policy Management" 1495 | ], 1496 | "install_options": [] 1497 | }, 1498 | { 1499 | "name": "ekristen/aws-nuke", 1500 | "repo": "https://github.com/ekristen/aws-nuke", 1501 | "stars": 459, 1502 | "last_commit": "2025-02-19T17:15:44Z", 1503 | "language": "Go", 1504 | "description": "Remove all the resources from an AWS account", 1505 | "tags": [ 1506 | "aws", 1507 | "cli", 1508 | "goreleaser", 1509 | "github-actions", 1510 | "cosign", 1511 | "mkdocs", 1512 | "mkdocs-material", 1513 | "libnuke" 1514 | ], 1515 | "categories": [ 1516 | "Cloud Cost Management" 1517 | ], 1518 | "install_options": [] 1519 | }, 1520 | { 1521 | "name": "elastic/dorothy", 1522 | "repo": "https://github.com/elastic/dorothy", 1523 | "stars": 178, 1524 | "last_commit": "2021-12-10T23:39:09Z", 1525 | "language": "Python", 1526 | "description": "Dorothy is a tool to test security monitoring and detection for Okta environments", 1527 | "tags": [ 1528 | "security", 1529 | "cybersecurity", 1530 | "blue-team", 1531 | "security-tools", 1532 | "red-team", 1533 | "infosec" 1534 | ], 1535 | "categories": [ 1536 | "Compliance", 1537 | "Cloud Monitoring", 1538 | "Threat Detection", 1539 | "Data Security" 1540 | ], 1541 | "install_options": [] 1542 | }, 1543 | { 1544 | "name": "ihamburglar/Redboto", 1545 | "repo": "https://github.com/ihamburglar/Redboto", 1546 | "stars": 167, 1547 | "last_commit": "2020-07-28T00:15:28Z", 1548 | "language": "Python", 1549 | "description": "Red Team Scripts for AWS.", 1550 | "tags": [], 1551 | "categories": [ 1552 | "Threat Detection", 1553 | "Penetration Testing" 1554 | ], 1555 | "install_options": [] 1556 | }, 1557 | { 1558 | "name": "endgameinc/aws-logsearch", 1559 | "repo": "https://github.com/endgameinc/aws-logsearch", 1560 | "stars": 25, 1561 | "last_commit": "2018-12-10T15:48:14Z", 1562 | "language": "Go", 1563 | "description": "", 1564 | "tags": [], 1565 | "categories": [ 1566 | "Uncategorized" 1567 | ], 1568 | "install_options": [] 1569 | }, 1570 | { 1571 | "name": "endgameinc/varna", 1572 | "repo": "https://github.com/endgameinc/varna", 1573 | "stars": 51, 1574 | "last_commit": "2020-02-10T15:40:11Z", 1575 | "language": "CSS", 1576 | "description": "Varna: Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)", 1577 | "tags": [], 1578 | "categories": [ 1579 | "Cloud Monitoring" 1580 | ], 1581 | "install_options": [] 1582 | }, 1583 | { 1584 | "name": "tenable/access-undenied-aws", 1585 | "repo": "https://github.com/tenable/access-undenied-aws", 1586 | "stars": 261, 1587 | "last_commit": "2023-01-26T11:04:06Z", 1588 | "language": "Python", 1589 | "description": "Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-sourced by Ermetic.", 1590 | "tags": [], 1591 | "categories": [ 1592 | "S3 Auditing", 1593 | "IAM Tools" 1594 | ], 1595 | "install_options": [] 1596 | }, 1597 | { 1598 | "name": "eth0izzle/bucket-stream", 1599 | "repo": "https://github.com/eth0izzle/bucket-stream", 1600 | "stars": 1760, 1601 | "last_commit": "2020-02-03T22:59:08Z", 1602 | "language": "Python", 1603 | "description": "Find interesting Amazon S3 Buckets by watching certificate transparency logs.", 1604 | "tags": [ 1605 | "cyber", 1606 | "cyint", 1607 | "amazon-s3", 1608 | "certificate-transparency", 1609 | "certstream" 1610 | ], 1611 | "categories": [ 1612 | "S3 Auditing", 1613 | "Cloud Monitoring", 1614 | "API Security" 1615 | ], 1616 | "install_options": [] 1617 | }, 1618 | { 1619 | "name": "LETHAL-FORENSICS/Microsoft-Analyzer-Suite", 1620 | "repo": "https://github.com/LETHAL-FORENSICS/Microsoft-Analyzer-Suite", 1621 | "stars": 416, 1622 | "last_commit": "2025-02-18T08:02:20Z", 1623 | "language": "PowerShell", 1624 | "description": "A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID", 1625 | "tags": [ 1626 | "azure-active-directory", 1627 | "incident-response", 1628 | "microsoft-365", 1629 | "microsoft-entra", 1630 | "microsoft-graph", 1631 | "powershell" 1632 | ], 1633 | "categories": [ 1634 | "Data Security" 1635 | ], 1636 | "install_options": [] 1637 | }, 1638 | { 1639 | "name": "facebookincubator/TTPForge", 1640 | "repo": "https://github.com/facebookincubator/TTPForge", 1641 | "stars": 356, 1642 | "last_commit": "2025-02-19T19:24:37Z", 1643 | "language": "Go", 1644 | "description": "The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).", 1645 | "tags": [], 1646 | "categories": [ 1647 | "Compliance", 1648 | "Threat Detection", 1649 | "Data Security", 1650 | "Penetration Testing" 1651 | ], 1652 | "install_options": [] 1653 | }, 1654 | { 1655 | "name": "falcosecurity/falco", 1656 | "repo": "https://github.com/falcosecurity/falco", 1657 | "stars": 7623, 1658 | "last_commit": "2025-02-19T14:20:44Z", 1659 | "language": "C++", 1660 | "description": "Cloud Native Runtime Security", 1661 | "tags": [ 1662 | "cncf", 1663 | "containers", 1664 | "security", 1665 | "falco", 1666 | "ebpf", 1667 | "kubernetes", 1668 | "hacktoberfest", 1669 | "cloud-native", 1670 | "cncf-project", 1671 | "runtime-security" 1672 | ], 1673 | "categories": [ 1674 | "Compliance", 1675 | "Data Security", 1676 | "Container Security", 1677 | "Serverless Security" 1678 | ], 1679 | "install_options": [] 1680 | }, 1681 | { 1682 | "name": "FishermansEnemy/bucket_finder", 1683 | "repo": "https://github.com/FishermansEnemy/bucket_finder", 1684 | "stars": 96, 1685 | "last_commit": "2013-06-24T12:12:02Z", 1686 | "language": "Ruby", 1687 | "description": "Amazon bucket brute force tool", 1688 | "tags": [], 1689 | "categories": [ 1690 | "S3 Auditing" 1691 | ], 1692 | "install_options": [] 1693 | }, 1694 | { 1695 | "name": "flosell/trailscraper", 1696 | "repo": "https://github.com/flosell/trailscraper", 1697 | "stars": 806, 1698 | "last_commit": "2025-02-17T01:20:04Z", 1699 | "language": "Python", 1700 | "description": "A command-line tool to get valuable information out of AWS CloudTrail", 1701 | "tags": [ 1702 | "aws-cloudtrail", 1703 | "aws", 1704 | "aws-cloudformation", 1705 | "iam", 1706 | "heuristic", 1707 | "iam-actions", 1708 | "security", 1709 | "security-automation", 1710 | "cloud", 1711 | "cloudtrail", 1712 | "cloudtrail-log-analytics", 1713 | "cloudtrail-consumer", 1714 | "hacktoberfest" 1715 | ], 1716 | "categories": [ 1717 | "Compliance", 1718 | "IAM Tools", 1719 | "Data Security" 1720 | ], 1721 | "install_options": [] 1722 | }, 1723 | { 1724 | "name": "WithSecureLabs/awspx", 1725 | "repo": "https://github.com/WithSecureLabs/awspx", 1726 | "stars": 935, 1727 | "last_commit": "2021-08-25T07:33:38Z", 1728 | "language": "Python", 1729 | "description": "A graph-based tool for visualizing effective access and resource relationships in AWS environments.", 1730 | "tags": [ 1731 | "aws", 1732 | "aws-security", 1733 | "graph-theory", 1734 | "pentesting" 1735 | ], 1736 | "categories": [ 1737 | "S3 Auditing", 1738 | "IAM Tools" 1739 | ], 1740 | "install_options": [] 1741 | }, 1742 | { 1743 | "name": "WithSecureLabs/leonidas", 1744 | "repo": "https://github.com/WithSecureLabs/leonidas", 1745 | "stars": 556, 1746 | "last_commit": "2024-11-28T23:10:33Z", 1747 | "language": "Python", 1748 | "description": "Automated Attack Simulation in the Cloud, complete with detection use cases.", 1749 | "tags": [], 1750 | "categories": [ 1751 | "Threat Detection", 1752 | "Data Security", 1753 | "Penetration Testing" 1754 | ], 1755 | "install_options": [] 1756 | }, 1757 | { 1758 | "name": "fugue/regula", 1759 | "repo": "https://github.com/fugue/regula", 1760 | "stars": 963, 1761 | "last_commit": "2024-09-03T08:59:55Z", 1762 | "language": "Open Policy Agent", 1763 | "description": "Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego", 1764 | "tags": [], 1765 | "categories": [ 1766 | "Compliance", 1767 | "IAM Tools", 1768 | "Static Analysis", 1769 | "Cloud Infrastructure", 1770 | "Data Security", 1771 | "Container Security", 1772 | "Policy Management" 1773 | ], 1774 | "install_options": [] 1775 | }, 1776 | { 1777 | "name": "gabrielsoltz/metahub", 1778 | "repo": "https://github.com/gabrielsoltz/metahub", 1779 | "stars": 167, 1780 | "last_commit": "2024-12-17T23:09:24Z", 1781 | "language": "Python", 1782 | "description": "MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.", 1783 | "tags": [ 1784 | "aws", 1785 | "security", 1786 | "securityhub", 1787 | "asff" 1788 | ], 1789 | "categories": [ 1790 | "Compliance", 1791 | "Static Analysis", 1792 | "Data Security" 1793 | ], 1794 | "install_options": [] 1795 | }, 1796 | { 1797 | "name": "gladstomych/AHHHZURE", 1798 | "repo": "https://github.com/gladstomych/AHHHZURE", 1799 | "stars": 102, 1800 | "last_commit": "2024-04-22T12:19:40Z", 1801 | "language": "PowerShell", 1802 | "description": "AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts to brush up their cloud sec skills.", 1803 | "tags": [], 1804 | "categories": [ 1805 | "Compliance", 1806 | "Cloud Infrastructure", 1807 | "Data Security" 1808 | ], 1809 | "install_options": [] 1810 | }, 1811 | { 1812 | "name": "goldfiglabs/rpCheckup", 1813 | "repo": "https://github.com/goldfiglabs/rpCheckup", 1814 | "stars": 160, 1815 | "last_commit": "2021-04-22T21:31:49Z", 1816 | "language": "Go", 1817 | "description": "rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.", 1818 | "tags": [ 1819 | "aws", 1820 | "infosec", 1821 | "ec2", 1822 | "s3", 1823 | "resourcepolicy", 1824 | "cloudsecurity", 1825 | "aws-security", 1826 | "cspm" 1827 | ], 1828 | "categories": [ 1829 | "S3 Auditing", 1830 | "Compliance", 1831 | "IAM Tools", 1832 | "Data Security", 1833 | "Cloud Cost Management", 1834 | "Policy Management" 1835 | ], 1836 | "install_options": [] 1837 | }, 1838 | { 1839 | "name": "google/trillian", 1840 | "repo": "https://github.com/google/trillian", 1841 | "stars": 3591, 1842 | "last_commit": "2025-02-18T15:55:18Z", 1843 | "language": "Go", 1844 | "description": "A transparent, highly scalable and cryptographically verifiable data store.", 1845 | "tags": [ 1846 | "certificate-transparency", 1847 | "merkle-tree" 1848 | ], 1849 | "categories": [ 1850 | "Data Security" 1851 | ], 1852 | "install_options": [] 1853 | }, 1854 | { 1855 | "name": "GoogleCloudPlatform/assured-workloads-terraform", 1856 | "repo": "https://github.com/GoogleCloudPlatform/assured-workloads-terraform", 1857 | "stars": 14, 1858 | "last_commit": "2024-07-30T13:20:49Z", 1859 | "language": "HCL", 1860 | "description": "", 1861 | "tags": [], 1862 | "categories": [ 1863 | "Uncategorized" 1864 | ], 1865 | "install_options": [] 1866 | }, 1867 | { 1868 | "name": "gruntwork-io/cloud-nuke", 1869 | "repo": "https://github.com/gruntwork-io/cloud-nuke", 1870 | "stars": 2880, 1871 | "last_commit": "2025-02-18T03:22:50Z", 1872 | "language": "Go", 1873 | "description": "A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it", 1874 | "tags": [], 1875 | "categories": [ 1876 | "Cloud Cost Management" 1877 | ], 1878 | "install_options": [] 1879 | }, 1880 | { 1881 | "name": "gwen001/s3-buckets-finder", 1882 | "repo": "https://github.com/gwen001/s3-buckets-finder", 1883 | "stars": 376, 1884 | "last_commit": "2023-03-28T15:47:31Z", 1885 | "language": "PHP", 1886 | "description": "Find AWS S3 buckets and test their permissions.", 1887 | "tags": [ 1888 | "aws", 1889 | "aws-s3", 1890 | "bucket", 1891 | "cloud", 1892 | "php", 1893 | "s3", 1894 | "s3-bucket", 1895 | "bugbounty", 1896 | "pentesting", 1897 | "security-tools" 1898 | ], 1899 | "categories": [ 1900 | "S3 Auditing", 1901 | "IAM Tools", 1902 | "Policy Management" 1903 | ], 1904 | "install_options": [] 1905 | }, 1906 | { 1907 | "name": "hac01/gcp-iam-brute", 1908 | "repo": "https://github.com/hac01/gcp-iam-brute", 1909 | "stars": 42, 1910 | "last_commit": "2024-06-13T10:17:09Z", 1911 | "language": "Python", 1912 | "description": "", 1913 | "tags": [], 1914 | "categories": [ 1915 | "Uncategorized" 1916 | ], 1917 | "install_options": [] 1918 | }, 1919 | { 1920 | "name": "HarshVaragiya/aws-redteam-kit", 1921 | "repo": "https://github.com/HarshVaragiya/aws-redteam-kit", 1922 | "stars": 30, 1923 | "last_commit": "2024-10-14T17:27:06Z", 1924 | "language": "Go", 1925 | "description": "A PoC to Simulate Ransomware Attack on AWS Environment ", 1926 | "tags": [], 1927 | "categories": [ 1928 | "Threat Detection", 1929 | "Penetration Testing" 1930 | ], 1931 | "install_options": [] 1932 | }, 1933 | { 1934 | "name": "hazardsec/cx-scan", 1935 | "repo": "https://github.com/hazardsec/cx-scan", 1936 | "stars": 10, 1937 | "last_commit": "2023-01-05T23:02:20Z", 1938 | "language": "Python", 1939 | "description": "Automate Checkmarx Scanning and Onboarding Plus AWS Access", 1940 | "tags": [], 1941 | "categories": [ 1942 | "S3 Auditing", 1943 | "IAM Tools", 1944 | "Static Analysis" 1945 | ], 1946 | "install_options": [] 1947 | }, 1948 | { 1949 | "name": "hotnops/apeman", 1950 | "repo": "https://github.com/hotnops/apeman", 1951 | "stars": 235, 1952 | "last_commit": "2024-10-29T15:32:39Z", 1953 | "language": "Go", 1954 | "description": "AWS Attack Path Management Tool - Walking on the Moon", 1955 | "tags": [], 1956 | "categories": [ 1957 | "Threat Detection", 1958 | "Penetration Testing" 1959 | ], 1960 | "install_options": [] 1961 | }, 1962 | { 1963 | "name": "iann0036/iamlive", 1964 | "repo": "https://github.com/iann0036/iamlive", 1965 | "stars": 3194, 1966 | "last_commit": "2025-02-12T12:06:42Z", 1967 | "language": "Go", 1968 | "description": "Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy", 1969 | "tags": [ 1970 | "aws", 1971 | "aws-iam", 1972 | "aws-iam-policies", 1973 | "azure", 1974 | "azure-rbac", 1975 | "gcp", 1976 | "gcp-iam", 1977 | "iam", 1978 | "least-privilege" 1979 | ], 1980 | "categories": [ 1981 | "Compliance", 1982 | "IAM Tools", 1983 | "Cloud Monitoring", 1984 | "Policy Management" 1985 | ], 1986 | "install_options": [] 1987 | }, 1988 | { 1989 | "name": "iknowjason/PurpleCloud", 1990 | "repo": "https://github.com/iknowjason/PurpleCloud", 1991 | "stars": 551, 1992 | "last_commit": "2024-11-30T13:26:11Z", 1993 | "language": "Python", 1994 | "description": "A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4", 1995 | "tags": [ 1996 | "azure", 1997 | "pentest", 1998 | "purpleteam", 1999 | "siem", 2000 | "dfir", 2001 | "dfir-automation", 2002 | "azure-lab" 2003 | ], 2004 | "categories": [ 2005 | "Incident Response", 2006 | "IAM Tools", 2007 | "Penetration Testing" 2008 | ], 2009 | "install_options": [] 2010 | }, 2011 | { 2012 | "name": "infrahouse/terraform-aws-secret", 2013 | "repo": "https://github.com/infrahouse/terraform-aws-secret", 2014 | "stars": 11, 2015 | "last_commit": "2025-01-27T19:28:10Z", 2016 | "language": "Python", 2017 | "description": "Terraform module for a secret with owner/writer/reader roles.", 2018 | "tags": [], 2019 | "categories": [ 2020 | "IAM Tools", 2021 | "Static Analysis", 2022 | "Secrets Management", 2023 | "Cloud Infrastructure" 2024 | ], 2025 | "install_options": [] 2026 | }, 2027 | { 2028 | "name": "janiko71/aws-inventory", 2029 | "repo": "https://github.com/janiko71/aws-inventory", 2030 | "stars": 166, 2031 | "last_commit": "2024-11-25T09:02:33Z", 2032 | "language": "Python", 2033 | "description": "Python script for AWS resources inventory (cheaper than AWS Config)", 2034 | "tags": [ 2035 | "aws", 2036 | "python", 2037 | "inventory", 2038 | "awsconfig", 2039 | "ec2", 2040 | "s3", 2041 | "vpc", 2042 | "boto3" 2043 | ], 2044 | "categories": [ 2045 | "S3 Auditing", 2046 | "Cloud Cost Management" 2047 | ], 2048 | "install_options": [] 2049 | }, 2050 | { 2051 | "name": "jonrau1/AWS-ComplianceMachineDontStop", 2052 | "repo": "https://github.com/jonrau1/AWS-ComplianceMachineDontStop", 2053 | "stars": 16, 2054 | "last_commit": "2020-04-26T21:30:41Z", 2055 | "language": "HCL", 2056 | "description": "Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Account Security Posture.", 2057 | "tags": [ 2058 | "terraform", 2059 | "aws", 2060 | "guardduty", 2061 | "modules", 2062 | "lambda", 2063 | "python", 2064 | "remediation", 2065 | "automation", 2066 | "kinesis-firehose", 2067 | "waf", 2068 | "security-hub", 2069 | "aws-glue", 2070 | "aws-config", 2071 | "devops", 2072 | "cloud-security", 2073 | "compliance", 2074 | "aws-cognito", 2075 | "aws-xray", 2076 | "devsecops", 2077 | "secops" 2078 | ], 2079 | "categories": [ 2080 | "Compliance", 2081 | "IAM Tools", 2082 | "Static Analysis", 2083 | "Cloud Infrastructure", 2084 | "Data Security", 2085 | "Serverless Security", 2086 | "Policy Management", 2087 | "API Security" 2088 | ], 2089 | "install_options": [] 2090 | }, 2091 | { 2092 | "name": "jonrau1/ElectricEye", 2093 | "repo": "https://github.com/jonrau1/ElectricEye", 2094 | "stars": 976, 2095 | "last_commit": "2025-02-16T02:07:09Z", 2096 | "language": "Python", 2097 | "description": "ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks", 2098 | "tags": [ 2099 | "security-tools", 2100 | "security-audit", 2101 | "cloud-security", 2102 | "security-monitoring", 2103 | "aws-security", 2104 | "security-hub", 2105 | "cloud-compliance-reporting", 2106 | "cloud-auditing", 2107 | "security-engineering", 2108 | "devsecops", 2109 | "aws-audit", 2110 | "aws-compliance", 2111 | "compliance", 2112 | "attack-surface-management", 2113 | "aws", 2114 | "gcp-security", 2115 | "multicloud", 2116 | "saas-security", 2117 | "google-cloud-security", 2118 | "asset-management" 2119 | ], 2120 | "categories": [ 2121 | "Compliance", 2122 | "Cloud Monitoring", 2123 | "Threat Detection", 2124 | "Data Security", 2125 | "Penetration Testing", 2126 | "Policy Management" 2127 | ], 2128 | "install_options": [] 2129 | }, 2130 | { 2131 | "name": "jonrau1/SyntheticSun", 2132 | "repo": "https://github.com/jonrau1/SyntheticSun", 2133 | "stars": 77, 2134 | "last_commit": "2021-07-08T02:10:11Z", 2135 | "language": "Python", 2136 | "description": "SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.", 2137 | "tags": [ 2138 | "threat-intelligence", 2139 | "machine-learning", 2140 | "anomaly-detection", 2141 | "aws-security", 2142 | "aws-serverless", 2143 | "serverless", 2144 | "automation", 2145 | "geolocation", 2146 | "threat-detection", 2147 | "guardduty", 2148 | "security-automation", 2149 | "security-tools", 2150 | "aws", 2151 | "sagemaker", 2152 | "incident-response", 2153 | "kibana", 2154 | "elasticsearch", 2155 | "data-science", 2156 | "data-visualization", 2157 | "misp" 2158 | ], 2159 | "categories": [ 2160 | "Incident Response", 2161 | "Compliance", 2162 | "Cloud Monitoring", 2163 | "Cloud Infrastructure", 2164 | "Threat Detection", 2165 | "Data Security", 2166 | "Serverless Security" 2167 | ], 2168 | "install_options": [] 2169 | }, 2170 | { 2171 | "name": "jordanpotti/AWSBucketDump", 2172 | "repo": "https://github.com/jordanpotti/AWSBucketDump", 2173 | "stars": 1387, 2174 | "last_commit": "2022-03-07T21:07:58Z", 2175 | "language": "Python", 2176 | "description": "Security Tool to Look For Interesting Files in S3 Buckets", 2177 | "tags": [ 2178 | "s3-bucket", 2179 | "penetration-testing", 2180 | "bugbounty", 2181 | "enumeration" 2182 | ], 2183 | "categories": [ 2184 | "S3 Auditing", 2185 | "Compliance", 2186 | "Data Security", 2187 | "API Security" 2188 | ], 2189 | "install_options": [] 2190 | }, 2191 | { 2192 | "name": "KatTraxler/gcpdocs", 2193 | "repo": "https://github.com/KatTraxler/gcpdocs", 2194 | "stars": 15, 2195 | "last_commit": "2025-02-11T22:51:01Z", 2196 | "language": "Go", 2197 | "description": "Repository to archive GCP Documentation for local use", 2198 | "tags": [], 2199 | "categories": [ 2200 | "Uncategorized" 2201 | ], 2202 | "install_options": [] 2203 | }, 2204 | { 2205 | "name": "kurmiashish/S3Insights", 2206 | "repo": "https://github.com/kurmiashish/S3Insights", 2207 | "stars": 12, 2208 | "last_commit": "2020-09-08T06:28:38Z", 2209 | "language": "Python", 2210 | "description": "S3Insights is a platform for efficiently deriving security insights about S3 data through metadata analysis", 2211 | "tags": [ 2212 | "cloud-security", 2213 | "aws-security", 2214 | "s3-security", 2215 | "s3", 2216 | "aws", 2217 | "serverless" 2218 | ], 2219 | "categories": [ 2220 | "Incident Response", 2221 | "S3 Auditing", 2222 | "Compliance", 2223 | "Static Analysis", 2224 | "Data Security", 2225 | "Serverless Security" 2226 | ], 2227 | "install_options": [] 2228 | }, 2229 | { 2230 | "name": "lateralblast/lunar", 2231 | "repo": "https://github.com/lateralblast/lunar", 2232 | "stars": 313, 2233 | "last_commit": "2024-07-22T05:44:22Z", 2234 | "language": "Shell", 2235 | "description": "A UNIX security auditing tool based on several security frameworks", 2236 | "tags": [], 2237 | "categories": [ 2238 | "S3 Auditing", 2239 | "Compliance", 2240 | "Data Security", 2241 | "Penetration Testing" 2242 | ], 2243 | "install_options": [] 2244 | }, 2245 | { 2246 | "name": "lirlia/prel", 2247 | "repo": "https://github.com/lirlia/prel", 2248 | "stars": 38, 2249 | "last_commit": "2025-02-16T23:04:04Z", 2250 | "language": "Go", 2251 | "description": "prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.", 2252 | "tags": [ 2253 | "google-cloud", 2254 | "governance-operations", 2255 | "iam-role", 2256 | "oss", 2257 | "security-tools", 2258 | "workflow" 2259 | ], 2260 | "categories": [ 2261 | "IAM Tools" 2262 | ], 2263 | "install_options": [] 2264 | }, 2265 | { 2266 | "name": "luminaut-org/luminaut", 2267 | "repo": "https://github.com/luminaut-org/luminaut", 2268 | "stars": 12, 2269 | "last_commit": "2025-01-11T16:18:51Z", 2270 | "language": "Python", 2271 | "description": "Casting light on shadow cloud deployments. Detect exposure of resources deployed in AWS.", 2272 | "tags": [ 2273 | "aws", 2274 | "cloud", 2275 | "dfir", 2276 | "dfir-tools", 2277 | "forensics", 2278 | "incident-response", 2279 | "security" 2280 | ], 2281 | "categories": [ 2282 | "Incident Response", 2283 | "Compliance", 2284 | "Cloud Infrastructure", 2285 | "Data Security", 2286 | "Cloud Cost Management" 2287 | ], 2288 | "install_options": [] 2289 | }, 2290 | { 2291 | "name": "cartography-cncf/cartography", 2292 | "repo": "https://github.com/cartography-cncf/cartography", 2293 | "stars": 3166, 2294 | "last_commit": "2025-02-11T23:28:31Z", 2295 | "language": "Python", 2296 | "description": "Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.", 2297 | "tags": [], 2298 | "categories": [ 2299 | "Cloud Infrastructure", 2300 | "Data Security" 2301 | ], 2302 | "install_options": [] 2303 | }, 2304 | { 2305 | "name": "maester365/maester", 2306 | "repo": "https://github.com/maester365/maester", 2307 | "stars": 445, 2308 | "last_commit": "2025-02-19T21:50:54Z", 2309 | "language": "HTML", 2310 | "description": "Maester is a PowerShell based test automation framework to help you stay in control of your Microsoft security configuration.", 2311 | "tags": [ 2312 | "devops", 2313 | "entra", 2314 | "microsoft-365", 2315 | "microsoft-graph" 2316 | ], 2317 | "categories": [ 2318 | "Compliance", 2319 | "Static Analysis", 2320 | "Cloud Infrastructure", 2321 | "Data Security", 2322 | "Policy Management" 2323 | ], 2324 | "install_options": [] 2325 | }, 2326 | { 2327 | "name": "matthewdfuller/safer-scps", 2328 | "repo": "https://github.com/matthewdfuller/safer-scps", 2329 | "stars": 50, 2330 | "last_commit": "2023-09-30T19:52:37Z", 2331 | "language": "", 2332 | "description": "Safer AWS SCP deployments via real-time monitoring", 2333 | "tags": [ 2334 | "aws", 2335 | "aws-cloudwatch", 2336 | "aws-organizations", 2337 | "aws-scp", 2338 | "security" 2339 | ], 2340 | "categories": [ 2341 | "Compliance", 2342 | "Cloud Monitoring", 2343 | "Cloud Infrastructure", 2344 | "Data Security" 2345 | ], 2346 | "install_options": [] 2347 | }, 2348 | { 2349 | "name": "mchaffe/cloudprefixes", 2350 | "repo": "https://github.com/mchaffe/cloudprefixes", 2351 | "stars": 24, 2352 | "last_commit": "2024-10-02T01:19:53Z", 2353 | "language": "Go", 2354 | "description": "Recon tool to query cloud prefixes for services associated with an IP address", 2355 | "tags": [ 2356 | "cloud", 2357 | "go", 2358 | "network", 2359 | "offensive-security", 2360 | "reconnaissance" 2361 | ], 2362 | "categories": [ 2363 | "Threat Detection", 2364 | "Penetration Testing" 2365 | ], 2366 | "install_options": [] 2367 | }, 2368 | { 2369 | "name": "mchmarny/s3cme", 2370 | "repo": "https://github.com/mchmarny/s3cme", 2371 | "stars": 104, 2372 | "last_commit": "2024-01-28T18:48:38Z", 2373 | "language": "Go", 2374 | "description": "Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko generative SBOM, cosign attestation, and SLSA build provenance", 2375 | "tags": [ 2376 | "attestation", 2377 | "oidc", 2378 | "provenance", 2379 | "sbom", 2380 | "slsa", 2381 | "supply-chain-security", 2382 | "vulnerability", 2383 | "cosine" 2384 | ], 2385 | "categories": [ 2386 | "Static Analysis" 2387 | ], 2388 | "install_options": [] 2389 | }, 2390 | { 2391 | "name": "messypoutine/gravy-overflow", 2392 | "repo": "https://github.com/messypoutine/gravy-overflow", 2393 | "stars": 17, 2394 | "last_commit": "2024-12-17T22:16:20Z", 2395 | "language": "JavaScript", 2396 | "description": "A GitHub Actions Supply Chain CTF / Goat", 2397 | "tags": [ 2398 | "ctf", 2399 | "github-actions", 2400 | "goat", 2401 | "supply-chain" 2402 | ], 2403 | "categories": [ 2404 | "Uncategorized" 2405 | ], 2406 | "install_options": [] 2407 | }, 2408 | { 2409 | "name": "MindPointGroup/cloudfrunt", 2410 | "repo": "https://github.com/MindPointGroup/cloudfrunt", 2411 | "stars": 349, 2412 | "last_commit": "2018-04-27T21:07:20Z", 2413 | "language": "Python", 2414 | "description": "A tool for identifying misconfigured CloudFront domains", 2415 | "tags": [ 2416 | "security", 2417 | "security-tools", 2418 | "vulnerability-detection", 2419 | "aws", 2420 | "cloudfront" 2421 | ], 2422 | "categories": [ 2423 | "Compliance", 2424 | "Data Security" 2425 | ], 2426 | "install_options": [] 2427 | }, 2428 | { 2429 | "name": "tailwarden/komiser", 2430 | "repo": "https://github.com/tailwarden/komiser", 2431 | "stars": 4021, 2432 | "last_commit": "2025-01-06T12:38:14Z", 2433 | "language": "Go", 2434 | "description": "Open-source cloud-environment inspector. Supporting AWS, GCP, Azure, and more! Your cloud resources will have nowhere to hide!", 2435 | "tags": [ 2436 | "aws", 2437 | "azure", 2438 | "cost-optimization", 2439 | "digitalocean", 2440 | "gcp", 2441 | "kubernetes", 2442 | "oci", 2443 | "open-source", 2444 | "civo", 2445 | "inventory-management", 2446 | "linode", 2447 | "tencent", 2448 | "hacktoberfest" 2449 | ], 2450 | "categories": [ 2451 | "Container Security", 2452 | "Cloud Cost Management" 2453 | ], 2454 | "install_options": [] 2455 | }, 2456 | { 2457 | "name": "mozilla/frost", 2458 | "repo": "https://github.com/mozilla/frost", 2459 | "stars": 105, 2460 | "last_commit": "2021-01-22T18:35:20Z", 2461 | "language": "Python", 2462 | "description": "Unit testing framework for test driven security of AWS, GCP, Heroku and more.", 2463 | "tags": [ 2464 | "pytest", 2465 | "third-party", 2466 | "security-audit" 2467 | ], 2468 | "categories": [ 2469 | "Compliance", 2470 | "Data Security", 2471 | "Penetration Testing" 2472 | ], 2473 | "install_options": [] 2474 | }, 2475 | { 2476 | "name": "mozilla/MozDef", 2477 | "repo": "https://github.com/mozilla/MozDef", 2478 | "stars": 2166, 2479 | "last_commit": "2021-11-02T16:41:59Z", 2480 | "language": "Python", 2481 | "description": "DEPRECATED - MozDef: Mozilla Enterprise Defense Platform", 2482 | "tags": [ 2483 | "siem", 2484 | "python", 2485 | "elk", 2486 | "elk-stack", 2487 | "elasticsearch", 2488 | "security", 2489 | "abandoned", 2490 | "unmaintained" 2491 | ], 2492 | "categories": [ 2493 | "Compliance", 2494 | "Data Security" 2495 | ], 2496 | "install_options": [] 2497 | }, 2498 | { 2499 | "name": "mozilla/ssm-acquire", 2500 | "repo": "https://github.com/mozilla/ssm-acquire", 2501 | "stars": 59, 2502 | "last_commit": "2019-08-06T15:27:02Z", 2503 | "language": "Python", 2504 | "description": "A python module for orchestrating content acquisitions and analysis via amazon ssm.", 2505 | "tags": [], 2506 | "categories": [ 2507 | "Incident Response", 2508 | "Static Analysis" 2509 | ], 2510 | "install_options": [] 2511 | }, 2512 | { 2513 | "name": "MrSecure/review-security-groups", 2514 | "repo": "https://github.com/MrSecure/review-security-groups", 2515 | "stars": 62, 2516 | "last_commit": "2020-06-05T19:13:09Z", 2517 | "language": "PHP", 2518 | "description": "A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.", 2519 | "tags": [ 2520 | "aws", 2521 | "security-groups" 2522 | ], 2523 | "categories": [ 2524 | "Compliance", 2525 | "IAM Tools", 2526 | "Data Security", 2527 | "Policy Management" 2528 | ], 2529 | "install_options": [] 2530 | }, 2531 | { 2532 | "name": "n0jam/gcp-ctf-workshop", 2533 | "repo": "https://github.com/n0jam/gcp-ctf-workshop", 2534 | "stars": 34, 2535 | "last_commit": "2024-11-29T11:42:23Z", 2536 | "language": "HCL", 2537 | "description": "", 2538 | "tags": [], 2539 | "categories": [ 2540 | "Uncategorized" 2541 | ], 2542 | "install_options": [] 2543 | }, 2544 | { 2545 | "name": "nahamsec/lazys3", 2546 | "repo": "https://github.com/nahamsec/lazys3", 2547 | "stars": 545, 2548 | "last_commit": "2017-08-03T18:02:20Z", 2549 | "language": "Ruby", 2550 | "description": "", 2551 | "tags": [], 2552 | "categories": [ 2553 | "Uncategorized" 2554 | ], 2555 | "install_options": [] 2556 | }, 2557 | { 2558 | "name": "nccgroup/aws-inventory", 2559 | "repo": "https://github.com/nccgroup/aws-inventory", 2560 | "stars": 716, 2561 | "last_commit": "2021-02-07T20:47:18Z", 2562 | "language": "Python", 2563 | "description": "Discover resources created in an AWS account.", 2564 | "tags": [ 2565 | "aws", 2566 | "python", 2567 | "react" 2568 | ], 2569 | "categories": [ 2570 | "Cloud Cost Management" 2571 | ], 2572 | "install_options": [] 2573 | }, 2574 | { 2575 | "name": "nccgroup/PMapper", 2576 | "repo": "https://github.com/nccgroup/PMapper", 2577 | "stars": 1454, 2578 | "last_commit": "2022-02-03T23:32:31Z", 2579 | "language": "Python", 2580 | "description": "A tool for quickly evaluating IAM permissions in AWS.", 2581 | "tags": [ 2582 | "aws", 2583 | "iam", 2584 | "python", 2585 | "botocore", 2586 | "cloudsecurity" 2587 | ], 2588 | "categories": [ 2589 | "S3 Auditing", 2590 | "IAM Tools", 2591 | "Policy Management" 2592 | ], 2593 | "install_options": [] 2594 | }, 2595 | { 2596 | "name": "nccgroup/s3_objects_check", 2597 | "repo": "https://github.com/nccgroup/s3_objects_check", 2598 | "stars": 76, 2599 | "last_commit": "2020-11-27T08:51:51Z", 2600 | "language": "Python", 2601 | "description": "Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.", 2602 | "tags": [ 2603 | "s3", 2604 | "aws", 2605 | "security" 2606 | ], 2607 | "categories": [ 2608 | "S3 Auditing", 2609 | "Compliance", 2610 | "IAM Tools", 2611 | "Data Security", 2612 | "Policy Management" 2613 | ], 2614 | "install_options": [] 2615 | }, 2616 | { 2617 | "name": "nccgroup/ScoutSuite", 2618 | "repo": "https://github.com/nccgroup/ScoutSuite", 2619 | "stars": 6948, 2620 | "last_commit": "2024-05-10T09:24:57Z", 2621 | "language": "Python", 2622 | "description": "Multi-Cloud Security Auditing Tool", 2623 | "tags": [ 2624 | "aws", 2625 | "azure", 2626 | "gcp", 2627 | "cloud", 2628 | "security", 2629 | "auditing" 2630 | ], 2631 | "categories": [ 2632 | "S3 Auditing", 2633 | "Compliance", 2634 | "Data Security", 2635 | "Penetration Testing" 2636 | ], 2637 | "install_options": [] 2638 | }, 2639 | { 2640 | "name": "nccgroup/SteppingStones", 2641 | "repo": "https://github.com/nccgroup/SteppingStones", 2642 | "stars": 190, 2643 | "last_commit": "2025-02-19T18:02:46Z", 2644 | "language": "Python", 2645 | "description": "A Red Team Activity Hub", 2646 | "tags": [ 2647 | "bloodhound", 2648 | "cobalt-strike", 2649 | "cracking-hashes", 2650 | "recording", 2651 | "red-team" 2652 | ], 2653 | "categories": [ 2654 | "Cloud Monitoring", 2655 | "Threat Detection", 2656 | "Penetration Testing" 2657 | ], 2658 | "install_options": [] 2659 | }, 2660 | { 2661 | "name": "Netflix-Skunkworks/aws-credential-compromise-detection", 2662 | "repo": "https://github.com/Netflix-Skunkworks/aws-credential-compromise-detection", 2663 | "stars": 120, 2664 | "last_commit": "2018-08-06T03:17:43Z", 2665 | "language": "Python", 2666 | "description": "Example detection of compromise credentials in AWS", 2667 | "tags": [ 2668 | "security" 2669 | ], 2670 | "categories": [ 2671 | "Incident Response", 2672 | "Compliance", 2673 | "Secrets Management", 2674 | "Threat Detection", 2675 | "Data Security" 2676 | ], 2677 | "install_options": [] 2678 | }, 2679 | { 2680 | "name": "Netflix/repokid", 2681 | "repo": "https://github.com/Netflix/repokid", 2682 | "stars": 1128, 2683 | "last_commit": "2021-08-25T20:14:58Z", 2684 | "language": "Python", 2685 | "description": "AWS Least Privilege for Distributed, High-Velocity Deployment", 2686 | "tags": [ 2687 | "security", 2688 | "aws" 2689 | ], 2690 | "categories": [ 2691 | "Compliance", 2692 | "Cloud Infrastructure", 2693 | "Data Security" 2694 | ], 2695 | "install_options": [] 2696 | }, 2697 | { 2698 | "name": "Netflix/security_monkey", 2699 | "repo": "https://github.com/Netflix/security_monkey", 2700 | "stars": 4357, 2701 | "last_commit": "2021-02-11T02:32:12Z", 2702 | "language": "Python", 2703 | "description": "Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.", 2704 | "tags": [ 2705 | "aws", 2706 | "python", 2707 | "aws-s3", 2708 | "aws-ec2", 2709 | "aws-sqs", 2710 | "aws-vpc", 2711 | "aws-iam", 2712 | "boto3", 2713 | "boto", 2714 | "botocore", 2715 | "aws-security", 2716 | "aws-policy-tracking", 2717 | "security" 2718 | ], 2719 | "categories": [ 2720 | "Compliance", 2721 | "Data Security" 2722 | ], 2723 | "install_options": [] 2724 | }, 2725 | { 2726 | "name": "NetSPI/gcpwn", 2727 | "repo": "https://github.com/NetSPI/gcpwn", 2728 | "stars": 226, 2729 | "last_commit": "2024-09-09T06:03:56Z", 2730 | "language": "Python", 2731 | "description": "Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot", 2732 | "tags": [], 2733 | "categories": [ 2734 | "Incident Response", 2735 | "Static Analysis", 2736 | "Penetration Testing" 2737 | ], 2738 | "install_options": [] 2739 | }, 2740 | { 2741 | "name": "nianticlabs/venator", 2742 | "repo": "https://github.com/nianticlabs/venator", 2743 | "stars": 373, 2744 | "last_commit": "2024-10-01T11:08:41Z", 2745 | "language": "Go", 2746 | "description": "A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.", 2747 | "tags": [ 2748 | "threat-detection", 2749 | "detection-engineering", 2750 | "golang", 2751 | "kubernetes" 2752 | ], 2753 | "categories": [ 2754 | "Incident Response", 2755 | "Cloud Infrastructure", 2756 | "Threat Detection", 2757 | "Data Security", 2758 | "Container Security" 2759 | ], 2760 | "install_options": [] 2761 | }, 2762 | { 2763 | "name": "nozaq/terraform-aws-secure-baseline", 2764 | "repo": "https://github.com/nozaq/terraform-aws-secure-baseline", 2765 | "stars": 1159, 2766 | "last_commit": "2023-02-22T00:05:35Z", 2767 | "language": "HCL", 2768 | "description": "Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.", 2769 | "tags": [ 2770 | "terraform", 2771 | "aws", 2772 | "security", 2773 | "security-hardening", 2774 | "terraform-modules", 2775 | "hardening", 2776 | "cis-benchmark", 2777 | "aws-auditing", 2778 | "security-tools", 2779 | "devops", 2780 | "terraform-module" 2781 | ], 2782 | "categories": [ 2783 | "Compliance", 2784 | "Static Analysis", 2785 | "Cloud Infrastructure", 2786 | "Data Security", 2787 | "Policy Management", 2788 | "API Security" 2789 | ], 2790 | "install_options": [] 2791 | }, 2792 | { 2793 | "name": "nullenc0de/servicelens", 2794 | "repo": "https://github.com/nullenc0de/servicelens", 2795 | "stars": 74, 2796 | "last_commit": "2024-10-21T13:43:51Z", 2797 | "language": "Python", 2798 | "description": "ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify services, categorizing them into Email, Cloud, Security, and more.", 2799 | "tags": [], 2800 | "categories": [ 2801 | "Compliance", 2802 | "Static Analysis", 2803 | "Data Security" 2804 | ], 2805 | "install_options": [] 2806 | }, 2807 | { 2808 | "name": "octo-sts/app", 2809 | "repo": "https://github.com/octo-sts/app", 2810 | "stars": 147, 2811 | "last_commit": "2025-02-19T20:42:44Z", 2812 | "language": "Go", 2813 | "description": "A GitHub App that acts like a Security Token Service (STS) for the Github API", 2814 | "tags": [], 2815 | "categories": [ 2816 | "Compliance", 2817 | "Secrets Management", 2818 | "Data Security", 2819 | "API Security" 2820 | ], 2821 | "install_options": [] 2822 | }, 2823 | { 2824 | "name": "offensive-actions/azure-storage-reverse-shell", 2825 | "repo": "https://github.com/offensive-actions/azure-storage-reverse-shell", 2826 | "stars": 36, 2827 | "last_commit": "2024-09-25T18:07:45Z", 2828 | "language": "Python", 2829 | "description": "This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs", 2830 | "tags": [], 2831 | "categories": [ 2832 | "S3 Auditing", 2833 | "Data Security" 2834 | ], 2835 | "install_options": [] 2836 | }, 2837 | { 2838 | "name": "okigan/awscurl", 2839 | "repo": "https://github.com/okigan/awscurl", 2840 | "stars": 803, 2841 | "last_commit": "2024-08-26T04:56:29Z", 2842 | "language": "Python", 2843 | "description": "curl-like access to AWS resources with AWS Signature Version 4 request signing.", 2844 | "tags": [ 2845 | "aws-signature", 2846 | "curl", 2847 | "aws" 2848 | ], 2849 | "categories": [ 2850 | "S3 Auditing", 2851 | "IAM Tools", 2852 | "Cloud Cost Management" 2853 | ], 2854 | "install_options": [] 2855 | }, 2856 | { 2857 | "name": "open-policy-agent/gatekeeper-library", 2858 | "repo": "https://github.com/open-policy-agent/gatekeeper-library", 2859 | "stars": 661, 2860 | "last_commit": "2025-02-18T23:20:51Z", 2861 | "language": "Open Policy Agent", 2862 | "description": "📚 The OPA Gatekeeper policy library", 2863 | "tags": [ 2864 | "gatekeeper", 2865 | "opa", 2866 | "policy", 2867 | "cncf", 2868 | "kubernetes", 2869 | "policy-library", 2870 | "hacktoberfest" 2871 | ], 2872 | "categories": [ 2873 | "Compliance", 2874 | "IAM Tools", 2875 | "Container Security", 2876 | "Policy Management" 2877 | ], 2878 | "install_options": [] 2879 | }, 2880 | { 2881 | "name": "openai/openai-security-bots", 2882 | "repo": "https://github.com/openai/openai-security-bots", 2883 | "stars": 359, 2884 | "last_commit": "2024-04-18T09:38:38Z", 2885 | "language": "Python", 2886 | "description": "", 2887 | "tags": [], 2888 | "categories": [ 2889 | "Uncategorized" 2890 | ], 2891 | "install_options": [] 2892 | }, 2893 | { 2894 | "name": "openraven/magpie", 2895 | "repo": "https://github.com/openraven/magpie", 2896 | "stars": 180, 2897 | "last_commit": "2024-08-29T19:32:51Z", 2898 | "language": "Java", 2899 | "description": "A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks. ", 2900 | "tags": [ 2901 | "security-tools", 2902 | "aws", 2903 | "cloud", 2904 | "cspm", 2905 | "gcp", 2906 | "security-audit", 2907 | "security", 2908 | "security-vulnerability", 2909 | "security-scanner", 2910 | "security-testing", 2911 | "cloudsecurity" 2912 | ], 2913 | "categories": [ 2914 | "Incident Response", 2915 | "Compliance", 2916 | "Static Analysis", 2917 | "Threat Detection", 2918 | "Data Security", 2919 | "Penetration Testing" 2920 | ], 2921 | "install_options": [] 2922 | }, 2923 | { 2924 | "name": "orcasecurity-research/kte", 2925 | "repo": "https://github.com/orcasecurity-research/kte", 2926 | "stars": 38, 2927 | "last_commit": "2024-08-29T13:01:08Z", 2928 | "language": "HCL", 2929 | "description": "Test & Compare different Kubernetes security offerings on EKS, GKE and AKS", 2930 | "tags": [], 2931 | "categories": [ 2932 | "Compliance", 2933 | "Data Security", 2934 | "Container Security" 2935 | ], 2936 | "install_options": [] 2937 | }, 2938 | { 2939 | "name": "ovotech/cloud-key-rotator", 2940 | "repo": "https://github.com/ovotech/cloud-key-rotator", 2941 | "stars": 65, 2942 | "last_commit": "2025-02-17T03:22:56Z", 2943 | "language": "Go", 2944 | "description": "A Golang program to rotate AWS & GCP account keys", 2945 | "tags": [ 2946 | "kaluza-to-migrate" 2947 | ], 2948 | "categories": [ 2949 | "Secrets Management" 2950 | ], 2951 | "install_options": [] 2952 | }, 2953 | { 2954 | "name": "padok-team/cognito-scanner", 2955 | "repo": "https://github.com/padok-team/cognito-scanner", 2956 | "stars": 102, 2957 | "last_commit": "2023-12-06T16:00:48Z", 2958 | "language": "Python", 2959 | "description": "A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation", 2960 | "tags": [ 2961 | "audit", 2962 | "cognito", 2963 | "cybersecurity", 2964 | "scanner", 2965 | "security-tools" 2966 | ], 2967 | "categories": [ 2968 | "Compliance", 2969 | "Threat Detection", 2970 | "Penetration Testing" 2971 | ], 2972 | "install_options": [] 2973 | }, 2974 | { 2975 | "name": "PaperMtn/slack-watchman", 2976 | "repo": "https://github.com/PaperMtn/slack-watchman", 2977 | "stars": 372, 2978 | "last_commit": "2024-12-19T09:38:07Z", 2979 | "language": "Python", 2980 | "description": "Slack enumeration and exposed secrets detection tool", 2981 | "tags": [ 2982 | "blueteam", 2983 | "blue-team", 2984 | "cybersecurity", 2985 | "infosec", 2986 | "slack", 2987 | "tools", 2988 | "redteam", 2989 | "red-team", 2990 | "purpleteam", 2991 | "purple-team", 2992 | "slack-api", 2993 | "slack-workspaces", 2994 | "monitoring" 2995 | ], 2996 | "categories": [ 2997 | "Cloud Monitoring", 2998 | "Secrets Management", 2999 | "Threat Detection", 3000 | "Data Security" 3001 | ], 3002 | "install_options": [] 3003 | }, 3004 | { 3005 | "name": "Permiso-io-tools/azure-activity-log-axe", 3006 | "repo": "https://github.com/Permiso-io-tools/azure-activity-log-axe", 3007 | "stars": 26, 3008 | "last_commit": "2024-09-06T04:21:28Z", 3009 | "language": "Python", 3010 | "description": "Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leverages the \"Axe Key,\" a method created by Nathan Eades of the Permiso P0 Labs team. The Axe Key provides a more consistent grouping of the transactional events of an operation than the traditional built-in Ids.", 3011 | "tags": [ 3012 | "analysis", 3013 | "azure", 3014 | "azure-activity-logs", 3015 | "detection", 3016 | "logging", 3017 | "python" 3018 | ], 3019 | "categories": [ 3020 | "Incident Response", 3021 | "Cloud Monitoring", 3022 | "Static Analysis", 3023 | "Threat Detection", 3024 | "Data Security" 3025 | ], 3026 | "install_options": [] 3027 | }, 3028 | { 3029 | "name": "Permiso-io-tools/bucket-shield", 3030 | "repo": "https://github.com/Permiso-io-tools/bucket-shield", 3031 | "stars": 12, 3032 | "last_commit": "2024-11-07T10:51:04Z", 3033 | "language": "Python", 3034 | "description": "", 3035 | "tags": [], 3036 | "categories": [ 3037 | "Uncategorized" 3038 | ], 3039 | "install_options": [] 3040 | }, 3041 | { 3042 | "name": "Permiso-io-tools/CloudConsoleCartographer", 3043 | "repo": "https://github.com/Permiso-io-tools/CloudConsoleCartographer", 3044 | "stars": 161, 3045 | "last_commit": "2024-05-16T14:34:39Z", 3046 | "language": "PowerShell", 3047 | "description": "Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. CloudTrail logs) and mapping them to the original user input actions in the management console UI for simplified analysis and explainability.", 3048 | "tags": [], 3049 | "categories": [ 3050 | "Incident Response", 3051 | "Cloud Monitoring", 3052 | "Static Analysis" 3053 | ], 3054 | "install_options": [] 3055 | }, 3056 | { 3057 | "name": "Permiso-io-tools/CloudGrappler", 3058 | "repo": "https://github.com/Permiso-io-tools/CloudGrappler", 3059 | "stars": 255, 3060 | "last_commit": "2024-11-24T13:25:11Z", 3061 | "language": "Python", 3062 | "description": "", 3063 | "tags": [], 3064 | "categories": [ 3065 | "Uncategorized" 3066 | ], 3067 | "install_options": [] 3068 | }, 3069 | { 3070 | "name": "Permiso-io-tools/cloudtail", 3071 | "repo": "https://github.com/Permiso-io-tools/cloudtail", 3072 | "stars": 26, 3073 | "last_commit": "2024-11-07T10:00:59Z", 3074 | "language": "Python", 3075 | "description": "", 3076 | "tags": [], 3077 | "categories": [ 3078 | "Uncategorized" 3079 | ], 3080 | "install_options": [] 3081 | }, 3082 | { 3083 | "name": "Permiso-io-tools/SkyScalpel", 3084 | "repo": "https://github.com/Permiso-io-tools/SkyScalpel", 3085 | "stars": 31, 3086 | "last_commit": "2024-11-07T12:11:27Z", 3087 | "language": "C#", 3088 | "description": "", 3089 | "tags": [], 3090 | "categories": [ 3091 | "Uncategorized" 3092 | ], 3093 | "install_options": [] 3094 | }, 3095 | { 3096 | "name": "planetscale/cloudranger", 3097 | "repo": "https://github.com/planetscale/cloudranger", 3098 | "stars": 14, 3099 | "last_commit": "2025-02-17T15:38:59Z", 3100 | "language": "Go", 3101 | "description": "Go library for mapping IP address ranges to cloud provider regions (currently: AWS and GCP)", 3102 | "tags": [], 3103 | "categories": [ 3104 | "Uncategorized" 3105 | ], 3106 | "install_options": [] 3107 | }, 3108 | { 3109 | "name": "prevade/cloudjack", 3110 | "repo": "https://github.com/prevade/cloudjack", 3111 | "stars": 85, 3112 | "last_commit": "2023-09-11T17:55:39Z", 3113 | "language": "Python", 3114 | "description": "Route53/CloudFront Vulnerability Assessment Utility", 3115 | "tags": [ 3116 | "aws", 3117 | "cloudfront", 3118 | "route53", 3119 | "vulnerability" 3120 | ], 3121 | "categories": [ 3122 | "Static Analysis" 3123 | ], 3124 | "install_options": [] 3125 | }, 3126 | { 3127 | "name": "primait/nuvola", 3128 | "repo": "https://github.com/primait/nuvola", 3129 | "stars": 139, 3130 | "last_commit": "2025-02-02T10:18:07Z", 3131 | "language": "Go", 3132 | "description": "", 3133 | "tags": [ 3134 | "aws", 3135 | "cloud", 3136 | "golang", 3137 | "neo4j", 3138 | "redteaming", 3139 | "cloudsecurity", 3140 | "devops", 3141 | "devsecops" 3142 | ], 3143 | "categories": [ 3144 | "Uncategorized" 3145 | ], 3146 | "install_options": [] 3147 | }, 3148 | { 3149 | "name": "primeharbor/pht-securityhub-management", 3150 | "repo": "https://github.com/primeharbor/pht-securityhub-management", 3151 | "stars": 4, 3152 | "last_commit": "2023-08-08T13:17:54Z", 3153 | "language": "Shell", 3154 | "description": "Scripts for managing your Security Hub across an organization", 3155 | "tags": [], 3156 | "categories": [ 3157 | "Compliance", 3158 | "Data Security" 3159 | ], 3160 | "install_options": [] 3161 | }, 3162 | { 3163 | "name": "prisma-cloud/IAMFinder", 3164 | "repo": "https://github.com/prisma-cloud/IAMFinder", 3165 | "stars": 110, 3166 | "last_commit": "2020-11-19T20:15:02Z", 3167 | "language": "Python", 3168 | "description": "IAMFinder enumerates and finds users and IAM roles in a target AWS account.", 3169 | "tags": [], 3170 | "categories": [ 3171 | "IAM Tools" 3172 | ], 3173 | "install_options": [] 3174 | }, 3175 | { 3176 | "name": "projectdiscovery/cdncheck", 3177 | "repo": "https://github.com/projectdiscovery/cdncheck", 3178 | "stars": 798, 3179 | "last_commit": "2025-02-18T14:42:34Z", 3180 | "language": "Go", 3181 | "description": "A utility to detect various technology for a given IP address.", 3182 | "tags": [ 3183 | "cdn", 3184 | "cname", 3185 | "detection", 3186 | "technology", 3187 | "cli", 3188 | "api", 3189 | "lib" 3190 | ], 3191 | "categories": [ 3192 | "Threat Detection", 3193 | "Data Security", 3194 | "API Security" 3195 | ], 3196 | "install_options": [] 3197 | }, 3198 | { 3199 | "name": "prowler-cloud/prowler", 3200 | "repo": "https://github.com/prowler-cloud/prowler", 3201 | "stars": 11248, 3202 | "last_commit": "2025-02-20T11:55:36Z", 3203 | "language": "Python", 3204 | "description": "Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.", 3205 | "tags": [ 3206 | "security", 3207 | "security-tools", 3208 | "security-audit", 3209 | "security-hardening", 3210 | "hardening", 3211 | "aws", 3212 | "cis-benchmark", 3213 | "compliance", 3214 | "gdpr", 3215 | "forensics", 3216 | "cloud", 3217 | "well-architected", 3218 | "devsecops", 3219 | "azure", 3220 | "iam", 3221 | "python", 3222 | "gcp", 3223 | "multi-cloud", 3224 | "saas", 3225 | "cspm" 3226 | ], 3227 | "categories": [ 3228 | "Incident Response", 3229 | "Compliance", 3230 | "IAM Tools", 3231 | "Cloud Monitoring", 3232 | "Data Security", 3233 | "Penetration Testing", 3234 | "Container Security", 3235 | "Policy Management" 3236 | ], 3237 | "install_options": [] 3238 | }, 3239 | { 3240 | "name": "pumasecurity/nymeria", 3241 | "repo": "https://github.com/pumasecurity/nymeria", 3242 | "stars": 35, 3243 | "last_commit": "2024-03-01T19:58:06Z", 3244 | "language": "HCL", 3245 | "description": "Multicloud workload identity workshop", 3246 | "tags": [], 3247 | "categories": [ 3248 | "IAM Tools" 3249 | ], 3250 | "install_options": [] 3251 | }, 3252 | { 3253 | "name": "pumasecurity/serverless-prey", 3254 | "repo": "https://github.com/pumasecurity/serverless-prey", 3255 | "stars": 236, 3256 | "last_commit": "2024-10-16T16:43:36Z", 3257 | "language": "HCL", 3258 | "description": "Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions", 3259 | "tags": [], 3260 | "categories": [ 3261 | "Serverless Security" 3262 | ], 3263 | "install_options": [] 3264 | }, 3265 | { 3266 | "name": "puresec/lambda-proxy", 3267 | "repo": "https://github.com/puresec/lambda-proxy", 3268 | "stars": 37, 3269 | "last_commit": "2019-01-11T07:08:45Z", 3270 | "language": "Python", 3271 | "description": "Lambda-Proxy creates an HTTP proxy listening on localhost port 8082. When it receives an HTTP POST request with a very specific structure , it will parse the request, extract the relevant data required for the test, and will invoke your AWS Lambda function using the AWS SDK client.invoke() method. It was created for testing AWS Lambda functions with SQLMap as described here: https://www.puresec.io/blog/automated-sql-injection-testing-of-serverless-functions-on-a-shoestring-budget-and-some-good-music", 3272 | "tags": [], 3273 | "categories": [ 3274 | "Data Security", 3275 | "Penetration Testing", 3276 | "Serverless Security" 3277 | ], 3278 | "install_options": [] 3279 | }, 3280 | { 3281 | "name": "puresec/serverless-puresec-cli", 3282 | "repo": "https://github.com/puresec/serverless-puresec-cli", 3283 | "stars": 250, 3284 | "last_commit": "2019-10-22T13:37:07Z", 3285 | "language": "JavaScript", 3286 | "description": "Serverless plugin for least privileges.", 3287 | "tags": [], 3288 | "categories": [ 3289 | "Serverless Security" 3290 | ], 3291 | "install_options": [] 3292 | }, 3293 | { 3294 | "name": "rdkls/tf-parliament", 3295 | "repo": "https://github.com/rdkls/tf-parliament", 3296 | "stars": 80, 3297 | "last_commit": "2021-04-19T01:24:46Z", 3298 | "language": "Python", 3299 | "description": "", 3300 | "tags": [], 3301 | "categories": [ 3302 | "Uncategorized" 3303 | ], 3304 | "install_options": [] 3305 | }, 3306 | { 3307 | "name": "RhinoSecurityLabs/ccat", 3308 | "repo": "https://github.com/RhinoSecurityLabs/ccat", 3309 | "stars": 615, 3310 | "last_commit": "2019-11-17T19:16:23Z", 3311 | "language": "Python", 3312 | "description": "Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.", 3313 | "tags": [ 3314 | "cloud", 3315 | "docker", 3316 | "kubernetes", 3317 | "k8s", 3318 | "aws", 3319 | "amazon", 3320 | "google", 3321 | "gcp", 3322 | "ecr", 3323 | "eks", 3324 | "rhino", 3325 | "rhinosecuritylabs", 3326 | "cybersecurity", 3327 | "pentesting", 3328 | "pentest", 3329 | "ccat", 3330 | "gke", 3331 | "gce" 3332 | ], 3333 | "categories": [ 3334 | "Compliance", 3335 | "Threat Detection", 3336 | "Data Security", 3337 | "Penetration Testing", 3338 | "Container Security" 3339 | ], 3340 | "install_options": [] 3341 | }, 3342 | { 3343 | "name": "RhinoSecurityLabs/pacu", 3344 | "repo": "https://github.com/RhinoSecurityLabs/pacu", 3345 | "stars": 4546, 3346 | "last_commit": "2025-01-24T00:40:56Z", 3347 | "language": "Python", 3348 | "description": "The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.", 3349 | "tags": [ 3350 | "aws-security", 3351 | "penetration-testing", 3352 | "aws", 3353 | "security", 3354 | "python" 3355 | ], 3356 | "categories": [ 3357 | "Compliance", 3358 | "Threat Detection", 3359 | "Data Security", 3360 | "Penetration Testing", 3361 | "API Security" 3362 | ], 3363 | "install_options": [] 3364 | }, 3365 | { 3366 | "name": "RichardoC/gitlab-secrets", 3367 | "repo": "https://github.com/RichardoC/gitlab-secrets", 3368 | "stars": 45, 3369 | "last_commit": "2024-08-16T10:48:46Z", 3370 | "language": "Python", 3371 | "description": "This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting information.", 3372 | "tags": [], 3373 | "categories": [ 3374 | "Secrets Management", 3375 | "API Security" 3376 | ], 3377 | "install_options": [] 3378 | }, 3379 | { 3380 | "name": "RiotGames/cloud-inquisitor", 3381 | "repo": "https://github.com/RiotGames/cloud-inquisitor", 3382 | "stars": 448, 3383 | "last_commit": "2020-04-16T17:01:01Z", 3384 | "language": "Python", 3385 | "description": "Enforce ownership and data security within AWS", 3386 | "tags": [], 3387 | "categories": [ 3388 | "Compliance", 3389 | "Data Security" 3390 | ], 3391 | "install_options": [] 3392 | }, 3393 | { 3394 | "name": "robburger/terraform-pr-commenter", 3395 | "repo": "https://github.com/robburger/terraform-pr-commenter", 3396 | "stars": 138, 3397 | "last_commit": "2021-09-05T13:37:25Z", 3398 | "language": "Shell", 3399 | "description": "A GitHub Action that adds opinionated comments to a PR from Terraform fmt/init/plan output", 3400 | "tags": [], 3401 | "categories": [ 3402 | "Static Analysis", 3403 | "Cloud Infrastructure" 3404 | ], 3405 | "install_options": [] 3406 | }, 3407 | { 3408 | "name": "runfinch/finch", 3409 | "repo": "https://github.com/runfinch/finch", 3410 | "stars": 3639, 3411 | "last_commit": "2025-02-19T17:52:51Z", 3412 | "language": "Go", 3413 | "description": "The Finch CLI is an open source client for container development", 3414 | "tags": [], 3415 | "categories": [ 3416 | "Container Security" 3417 | ], 3418 | "install_options": [] 3419 | }, 3420 | { 3421 | "name": "salesforce/aws-allowlister", 3422 | "repo": "https://github.com/salesforce/aws-allowlister", 3423 | "stars": 225, 3424 | "last_commit": "2022-07-17T18:15:08Z", 3425 | "language": "Python", 3426 | "description": "Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.", 3427 | "tags": [ 3428 | "aws", 3429 | "security", 3430 | "cloud", 3431 | "salesforce", 3432 | "iam", 3433 | "cloud-security", 3434 | "compliance" 3435 | ], 3436 | "categories": [ 3437 | "Compliance", 3438 | "IAM Tools", 3439 | "Data Security", 3440 | "Policy Management" 3441 | ], 3442 | "install_options": [] 3443 | }, 3444 | { 3445 | "name": "salesforce/cloudsplaining", 3446 | "repo": "https://github.com/salesforce/cloudsplaining", 3447 | "stars": 2044, 3448 | "last_commit": "2025-02-02T13:22:46Z", 3449 | "language": "JavaScript", 3450 | "description": "Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.", 3451 | "tags": [ 3452 | "aws", 3453 | "aws-iam", 3454 | "cloud", 3455 | "security", 3456 | "salesforce", 3457 | "aws-security", 3458 | "cloud-security", 3459 | "iam", 3460 | "hacktoberfest" 3461 | ], 3462 | "categories": [ 3463 | "Compliance", 3464 | "IAM Tools", 3465 | "Data Security" 3466 | ], 3467 | "install_options": [] 3468 | }, 3469 | { 3470 | "name": "salesforce/policy_sentry", 3471 | "repo": "https://github.com/salesforce/policy_sentry", 3472 | "stars": 2053, 3473 | "last_commit": "2025-02-01T18:14:55Z", 3474 | "language": "Python", 3475 | "description": "IAM Least Privilege Policy Generator", 3476 | "tags": [ 3477 | "aws", 3478 | "iam", 3479 | "cloud", 3480 | "security", 3481 | "cloudsecurity", 3482 | "iam-policy", 3483 | "aws-security", 3484 | "salesforce", 3485 | "hacktoberfest" 3486 | ], 3487 | "categories": [ 3488 | "Compliance", 3489 | "IAM Tools", 3490 | "Data Security", 3491 | "Policy Management" 3492 | ], 3493 | "install_options": [] 3494 | }, 3495 | { 3496 | "name": "SanderKnape/assume", 3497 | "repo": "https://github.com/SanderKnape/assume", 3498 | "stars": 38, 3499 | "last_commit": "2020-04-02T18:18:50Z", 3500 | "language": "Python", 3501 | "description": "A simple CLI utility that makes it easier to switch between different AWS roles", 3502 | "tags": [], 3503 | "categories": [ 3504 | "IAM Tools" 3505 | ], 3506 | "install_options": [] 3507 | }, 3508 | { 3509 | "name": "SAP/cloud-active-defense", 3510 | "repo": "https://github.com/SAP/cloud-active-defense", 3511 | "stars": 89, 3512 | "last_commit": "2025-02-11T09:45:15Z", 3513 | "language": "Go", 3514 | "description": "Add a layer of active defense to your cloud applications.", 3515 | "tags": [ 3516 | "cybersecurity", 3517 | "deception", 3518 | "decoy", 3519 | "honeytoken", 3520 | "infosec", 3521 | "security" 3522 | ], 3523 | "categories": [ 3524 | "Compliance", 3525 | "Data Security" 3526 | ], 3527 | "install_options": [] 3528 | }, 3529 | { 3530 | "name": "saw-your-packet/CloudShovel", 3531 | "repo": "https://github.com/saw-your-packet/CloudShovel", 3532 | "stars": 101, 3533 | "last_commit": "2024-11-13T19:39:20Z", 3534 | "language": "Python", 3535 | "description": "A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs.", 3536 | "tags": [], 3537 | "categories": [ 3538 | "Static Analysis", 3539 | "Secrets Management", 3540 | "Data Security" 3541 | ], 3542 | "install_options": [] 3543 | }, 3544 | { 3545 | "name": "securing/BucketScanner", 3546 | "repo": "https://github.com/securing/BucketScanner", 3547 | "stars": 42, 3548 | "last_commit": "2018-03-06T13:32:22Z", 3549 | "language": "Python", 3550 | "description": "A tool for testing objects' permissions in AWS buckets", 3551 | "tags": [], 3552 | "categories": [ 3553 | "S3 Auditing", 3554 | "IAM Tools", 3555 | "Penetration Testing", 3556 | "Policy Management" 3557 | ], 3558 | "install_options": [] 3559 | }, 3560 | { 3561 | "name": "securing/DumpsterDiver", 3562 | "repo": "https://github.com/securing/DumpsterDiver", 3563 | "stars": 1000, 3564 | "last_commit": "2021-07-16T09:16:10Z", 3565 | "language": "Python", 3566 | "description": "Tool to search secrets in various filetypes.", 3567 | "tags": [], 3568 | "categories": [ 3569 | "Secrets Management" 3570 | ], 3571 | "install_options": [] 3572 | }, 3573 | { 3574 | "name": "SecurityRunners/CloudCommotion", 3575 | "repo": "https://github.com/SecurityRunners/CloudCommotion", 3576 | "stars": 143, 3577 | "last_commit": "2024-06-17T20:26:31Z", 3578 | "language": "HCL", 3579 | "description": "Cloud Commotion intends to cause chaos to simulate security incidents", 3580 | "tags": [], 3581 | "categories": [ 3582 | "Incident Response", 3583 | "Compliance", 3584 | "Data Security" 3585 | ], 3586 | "install_options": [] 3587 | }, 3588 | { 3589 | "name": "seisvelas/S3-Exif-Cleaner", 3590 | "repo": "https://github.com/seisvelas/S3-Exif-Cleaner", 3591 | "stars": 16, 3592 | "last_commit": "2021-03-16T23:03:54Z", 3593 | "language": "Python", 3594 | "description": "Remove EXIF data from all objects in an S3 bucket", 3595 | "tags": [], 3596 | "categories": [ 3597 | "S3 Auditing", 3598 | "Data Security" 3599 | ], 3600 | "install_options": [] 3601 | }, 3602 | { 3603 | "name": "sendgrid/krampus", 3604 | "repo": "https://github.com/sendgrid/krampus", 3605 | "stars": 60, 3606 | "last_commit": "2019-03-06T03:31:41Z", 3607 | "language": "Python", 3608 | "description": "The original AWS security enforcer™", 3609 | "tags": [ 3610 | "aws", 3611 | "aws-security", 3612 | "aws-security-automation", 3613 | "aws-lambda", 3614 | "infosec" 3615 | ], 3616 | "categories": [ 3617 | "Compliance", 3618 | "Data Security" 3619 | ], 3620 | "install_options": [] 3621 | }, 3622 | { 3623 | "name": "siigil/entra-id-terraform", 3624 | "repo": "https://github.com/siigil/entra-id-terraform", 3625 | "stars": 15, 3626 | "last_commit": "2024-09-24T12:18:46Z", 3627 | "language": "HCL", 3628 | "description": "Examples of various Entra ID scenarios in Terraform", 3629 | "tags": [], 3630 | "categories": [ 3631 | "Static Analysis", 3632 | "Cloud Infrastructure" 3633 | ], 3634 | "install_options": [] 3635 | }, 3636 | { 3637 | "name": "silascutler/dockerhoneypot-logs", 3638 | "repo": "https://github.com/silascutler/dockerhoneypot-logs", 3639 | "stars": 36, 3640 | "last_commit": "2024-09-30T04:45:16Z", 3641 | "language": "Python", 3642 | "description": "Collection of Docker honeypot logs from 2021 - 2024", 3643 | "tags": [], 3644 | "categories": [ 3645 | "Cloud Monitoring", 3646 | "Container Security" 3647 | ], 3648 | "install_options": [] 3649 | }, 3650 | { 3651 | "name": "Skyscanner/cfripper", 3652 | "repo": "https://github.com/Skyscanner/cfripper", 3653 | "stars": 401, 3654 | "last_commit": "2025-01-16T13:42:39Z", 3655 | "language": "Python", 3656 | "description": "Library and CLI tool for analysing CloudFormation templates and check them for security compliance.", 3657 | "tags": [ 3658 | "cfripper", 3659 | "cloudformation-template", 3660 | "cloudformation", 3661 | "cloud-governance", 3662 | "cloudformation-linter", 3663 | "aws-security", 3664 | "static-analysis", 3665 | "compliance", 3666 | "aws" 3667 | ], 3668 | "categories": [ 3669 | "Compliance", 3670 | "Static Analysis", 3671 | "Cloud Infrastructure", 3672 | "Data Security", 3673 | "Policy Management" 3674 | ], 3675 | "install_options": [] 3676 | }, 3677 | { 3678 | "name": "Skyscanner/whispers", 3679 | "repo": "https://github.com/Skyscanner/whispers", 3680 | "stars": 483, 3681 | "last_commit": "2021-10-18T10:09:45Z", 3682 | "language": "Python", 3683 | "description": "Identify hardcoded secrets in static structured text", 3684 | "tags": [ 3685 | "secrets-detection", 3686 | "passwords", 3687 | "leaks", 3688 | "pipeline", 3689 | "devsecops", 3690 | "security", 3691 | "secrets-scan", 3692 | "secrets", 3693 | "lint", 3694 | "linter", 3695 | "parser", 3696 | "structured-data", 3697 | "structured-text", 3698 | "yaml-parser", 3699 | "json-parser", 3700 | "xml-parser", 3701 | "security-compliance", 3702 | "hardcoded", 3703 | "credentials" 3704 | ], 3705 | "categories": [ 3706 | "Compliance", 3707 | "Static Analysis", 3708 | "Secrets Management", 3709 | "Data Security" 3710 | ], 3711 | "install_options": [] 3712 | }, 3713 | { 3714 | "name": "smiegles/mass3", 3715 | "repo": "https://github.com/smiegles/mass3", 3716 | "stars": 124, 3717 | "last_commit": "2019-09-02T16:41:43Z", 3718 | "language": "Go", 3719 | "description": "", 3720 | "tags": [], 3721 | "categories": [ 3722 | "Uncategorized" 3723 | ], 3724 | "install_options": [] 3725 | }, 3726 | { 3727 | "name": "soteria-security/365Inspect", 3728 | "repo": "https://github.com/soteria-security/365Inspect", 3729 | "stars": 602, 3730 | "last_commit": "2025-02-18T12:25:09Z", 3731 | "language": "PowerShell", 3732 | "description": "A PowerShell script that automates the security assessment of Microsoft 365 environments.", 3733 | "tags": [], 3734 | "categories": [ 3735 | "Compliance", 3736 | "Data Security" 3737 | ], 3738 | "install_options": [] 3739 | }, 3740 | { 3741 | "name": "soteria-security/AzureInspect", 3742 | "repo": "https://github.com/soteria-security/AzureInspect", 3743 | "stars": 17, 3744 | "last_commit": "2024-10-30T17:58:20Z", 3745 | "language": "PowerShell", 3746 | "description": "A series of PowerShell scripts to automate the assessment of Azure IaaS security", 3747 | "tags": [], 3748 | "categories": [ 3749 | "Compliance", 3750 | "Cloud Infrastructure", 3751 | "Data Security" 3752 | ], 3753 | "install_options": [] 3754 | }, 3755 | { 3756 | "name": "splunk/attack_range", 3757 | "repo": "https://github.com/splunk/attack_range", 3758 | "stars": 2224, 3759 | "last_commit": "2025-02-05T00:41:14Z", 3760 | "language": "Jinja", 3761 | "description": "A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk ", 3762 | "tags": [ 3763 | "attack-range", 3764 | "attack-simulation", 3765 | "adversary", 3766 | "simulation", 3767 | "simulations", 3768 | "detection", 3769 | "lab" 3770 | ], 3771 | "categories": [ 3772 | "Threat Detection", 3773 | "Data Security", 3774 | "Penetration Testing" 3775 | ], 3776 | "install_options": [] 3777 | }, 3778 | { 3779 | "name": "spotify/gcp-aws-iam-federation-webidentity", 3780 | "repo": "https://github.com/spotify/gcp-aws-iam-federation-webidentity", 3781 | "stars": 28, 3782 | "last_commit": "2024-04-03T09:24:42Z", 3783 | "language": "HCL", 3784 | "description": "Creates needed resources for federating access between a GCP service account and AWS IAM role.", 3785 | "tags": [], 3786 | "categories": [ 3787 | "S3 Auditing", 3788 | "IAM Tools", 3789 | "Cloud Cost Management" 3790 | ], 3791 | "install_options": [] 3792 | }, 3793 | { 3794 | "name": "ssup2/kpexec", 3795 | "repo": "https://github.com/ssup2/kpexec", 3796 | "stars": 241, 3797 | "last_commit": "2024-04-24T17:49:06Z", 3798 | "language": "Go", 3799 | "description": " kpexec is a kubernetes cli that runs commands in a container with high privileges.", 3800 | "tags": [], 3801 | "categories": [ 3802 | "Container Security" 3803 | ], 3804 | "install_options": [] 3805 | }, 3806 | { 3807 | "name": "Static-Flow/CloudCopy", 3808 | "repo": "https://github.com/Static-Flow/CloudCopy", 3809 | "stars": 120, 3810 | "last_commit": "2019-11-02T17:36:19Z", 3811 | "language": "Python", 3812 | "description": "This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission.", 3813 | "tags": [ 3814 | "python3", 3815 | "redteam", 3816 | "hacking-tool" 3817 | ], 3818 | "categories": [ 3819 | "Threat Detection", 3820 | "Penetration Testing" 3821 | ], 3822 | "install_options": [] 3823 | }, 3824 | { 3825 | "name": "stelligent/cfn_nag", 3826 | "repo": "https://github.com/stelligent/cfn_nag", 3827 | "stars": 1263, 3828 | "last_commit": "2022-06-07T21:40:44Z", 3829 | "language": "Ruby", 3830 | "description": "Linting tool for CloudFormation templates", 3831 | "tags": [ 3832 | "continuous-testing", 3833 | "unit-testing", 3834 | "cloudformation", 3835 | "aws", 3836 | "devops", 3837 | "iam-rules", 3838 | "cloudformation-templates", 3839 | "cfn-nag", 3840 | "open-source", 3841 | "static-analysis", 3842 | "stelligent", 3843 | "cfn", 3844 | "lint", 3845 | "linting", 3846 | "amazon", 3847 | "security", 3848 | "security-automation", 3849 | "cloudformation-security", 3850 | "hacktoberfest", 3851 | "compliance" 3852 | ], 3853 | "categories": [ 3854 | "Compliance", 3855 | "Static Analysis", 3856 | "Cloud Infrastructure", 3857 | "Data Security", 3858 | "Policy Management" 3859 | ], 3860 | "install_options": [] 3861 | }, 3862 | { 3863 | "name": "StevenSmiley/aws-mine", 3864 | "repo": "https://github.com/StevenSmiley/aws-mine", 3865 | "stars": 87, 3866 | "last_commit": "2024-08-01T19:48:16Z", 3867 | "language": "TypeScript", 3868 | "description": "AWS honey token manager", 3869 | "tags": [], 3870 | "categories": [ 3871 | "Secrets Management" 3872 | ], 3873 | "install_options": [] 3874 | }, 3875 | { 3876 | "name": "suzuki-shunsuke/tfprovidercheck", 3877 | "repo": "https://github.com/suzuki-shunsuke/tfprovidercheck", 3878 | "stars": 82, 3879 | "last_commit": "2025-02-20T04:23:10Z", 3880 | "language": "Go", 3881 | "description": "CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions, and check if disallowed providers aren't used", 3882 | "tags": [ 3883 | "security", 3884 | "terraform", 3885 | "oss", 3886 | "cli" 3887 | ], 3888 | "categories": [ 3889 | "Compliance", 3890 | "Static Analysis", 3891 | "Cloud Infrastructure", 3892 | "Data Security" 3893 | ], 3894 | "install_options": [] 3895 | }, 3896 | { 3897 | "name": "SygniaLabs/Cirrus", 3898 | "repo": "https://github.com/SygniaLabs/Cirrus", 3899 | "stars": 71, 3900 | "last_commit": "2024-02-26T13:32:41Z", 3901 | "language": "Python", 3902 | "description": "", 3903 | "tags": [], 3904 | "categories": [ 3905 | "Uncategorized" 3906 | ], 3907 | "install_options": [] 3908 | }, 3909 | { 3910 | "name": "SySS-Research/azurenum", 3911 | "repo": "https://github.com/SySS-Research/azurenum", 3912 | "stars": 91, 3913 | "last_commit": "2025-01-08T13:31:31Z", 3914 | "language": "Python", 3915 | "description": "Enumerate Microsoft Entra ID (Azure AD) fast", 3916 | "tags": [], 3917 | "categories": [ 3918 | "Uncategorized" 3919 | ], 3920 | "install_options": [] 3921 | }, 3922 | { 3923 | "name": "tensult/cloud-reports", 3924 | "repo": "https://github.com/tensult/cloud-reports", 3925 | "stars": 278, 3926 | "last_commit": "2020-12-12T07:40:34Z", 3927 | "language": "TypeScript", 3928 | "description": "Scans your AWS cloud resources and generates reports. Check out free hosted version:", 3929 | "tags": [ 3930 | "aws", 3931 | "security", 3932 | "reports", 3933 | "scans", 3934 | "analyzer", 3935 | "cloud", 3936 | "best-practices", 3937 | "pdf", 3938 | "json", 3939 | "html", 3940 | "cloud-computing", 3941 | "puppeteer" 3942 | ], 3943 | "categories": [ 3944 | "Compliance", 3945 | "Static Analysis", 3946 | "Data Security", 3947 | "Cloud Cost Management" 3948 | ], 3949 | "install_options": [] 3950 | }, 3951 | { 3952 | "name": "threatcl/threatcl", 3953 | "repo": "https://github.com/threatcl/threatcl", 3954 | "stars": 421, 3955 | "last_commit": "2024-08-17T04:03:44Z", 3956 | "language": "Go", 3957 | "description": "Documenting your Threat Models with HCL", 3958 | "tags": [], 3959 | "categories": [ 3960 | "Incident Response", 3961 | "Threat Detection" 3962 | ], 3963 | "install_options": [] 3964 | }, 3965 | { 3966 | "name": "ThreatResponse/aws_ir", 3967 | "repo": "https://github.com/ThreatResponse/aws_ir", 3968 | "stars": 344, 3969 | "last_commit": "2021-07-14T20:46:44Z", 3970 | "language": "Python", 3971 | "description": "Python installable command line utiltity for mitigation of host and key compromises. ", 3972 | "tags": [], 3973 | "categories": [ 3974 | "Incident Response" 3975 | ], 3976 | "install_options": [] 3977 | }, 3978 | { 3979 | "name": "ThreatResponse/mad-king", 3980 | "repo": "https://github.com/ThreatResponse/mad-king", 3981 | "stars": 39, 3982 | "last_commit": "2016-09-18T20:48:23Z", 3983 | "language": "Python", 3984 | "description": "Proof of Concept Zappa Based AWS Persistence and Attack Platform ", 3985 | "tags": [], 3986 | "categories": [ 3987 | "Threat Detection", 3988 | "Penetration Testing" 3989 | ], 3990 | "install_options": [] 3991 | }, 3992 | { 3993 | "name": "tmobile/pacbot", 3994 | "repo": "https://github.com/tmobile/pacbot", 3995 | "stars": 1293, 3996 | "last_commit": "2020-09-29T05:06:47Z", 3997 | "language": "Java", 3998 | "description": "PacBot (Policy as Code Bot)", 3999 | "tags": [ 4000 | "cloud-security", 4001 | "security", 4002 | "aws", 4003 | "continous-compliance", 4004 | "cloud-auditing", 4005 | "policy-as-code", 4006 | "cloud", 4007 | "security-automation", 4008 | "aws-security", 4009 | "java", 4010 | "angularjs", 4011 | "cloud-compliance-reporting", 4012 | "cloud-native", 4013 | "spring-boot" 4014 | ], 4015 | "categories": [ 4016 | "Compliance", 4017 | "IAM Tools", 4018 | "Data Security", 4019 | "Policy Management" 4020 | ], 4021 | "install_options": [] 4022 | }, 4023 | { 4024 | "name": "tomdev/teh_s3_bucketeers", 4025 | "repo": "https://github.com/tomdev/teh_s3_bucketeers", 4026 | "stars": 274, 4027 | "last_commit": "2021-10-19T18:16:44Z", 4028 | "language": "Shell", 4029 | "description": "", 4030 | "tags": [], 4031 | "categories": [ 4032 | "Uncategorized" 4033 | ], 4034 | "install_options": [] 4035 | }, 4036 | { 4037 | "name": "turbot/steampipe", 4038 | "repo": "https://github.com/turbot/steampipe", 4039 | "stars": 7188, 4040 | "last_commit": "2025-02-03T12:33:46Z", 4041 | "language": "Go", 4042 | "description": "Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.", 4043 | "tags": [ 4044 | "steampipe", 4045 | "postgresql", 4046 | "postgresql-fdw", 4047 | "cloud", 4048 | "security", 4049 | "aws", 4050 | "azure", 4051 | "cis", 4052 | "cnapp", 4053 | "cspm", 4054 | "devops", 4055 | "devsecops", 4056 | "gcp", 4057 | "golang", 4058 | "kubernetes", 4059 | "terraform", 4060 | "etl", 4061 | "sqlite", 4062 | "zero-etl", 4063 | "hacktoberfest" 4064 | ], 4065 | "categories": [ 4066 | "Compliance", 4067 | "Static Analysis", 4068 | "Cloud Infrastructure", 4069 | "Data Security", 4070 | "Container Security", 4071 | "API Security" 4072 | ], 4073 | "install_options": [] 4074 | }, 4075 | { 4076 | "name": "turnerlabs/antiope", 4077 | "repo": "https://github.com/turnerlabs/antiope", 4078 | "stars": 224, 4079 | "last_commit": "2021-03-24T13:24:29Z", 4080 | "language": "Python", 4081 | "description": "AWS Inventory and Compliance Framework", 4082 | "tags": [], 4083 | "categories": [ 4084 | "Compliance", 4085 | "Policy Management" 4086 | ], 4087 | "install_options": [] 4088 | }, 4089 | { 4090 | "name": "Ucnt/aws-s3-data-finder", 4091 | "repo": "https://github.com/Ucnt/aws-s3-data-finder", 4092 | "stars": 36, 4093 | "last_commit": "2022-01-16T16:57:56Z", 4094 | "language": "Python", 4095 | "description": "AWS S3 Sensitive Data Search", 4096 | "tags": [], 4097 | "categories": [ 4098 | "S3 Auditing", 4099 | "Data Security" 4100 | ], 4101 | "install_options": [] 4102 | }, 4103 | { 4104 | "name": "udondan/iam-floyd", 4105 | "repo": "https://github.com/udondan/iam-floyd", 4106 | "stars": 553, 4107 | "last_commit": "2025-02-20T01:38:47Z", 4108 | "language": "TypeScript", 4109 | "description": "AWS IAM policy statement generator with fluent interface", 4110 | "tags": [ 4111 | "aws", 4112 | "iam", 4113 | "iam-policy", 4114 | "generator", 4115 | "cdk", 4116 | "aws-cdk", 4117 | "jsii", 4118 | "hacktoberfest" 4119 | ], 4120 | "categories": [ 4121 | "Compliance", 4122 | "IAM Tools", 4123 | "Policy Management" 4124 | ], 4125 | "install_options": [] 4126 | }, 4127 | { 4128 | "name": "unknownhad/CloudIntel", 4129 | "repo": "https://github.com/unknownhad/CloudIntel", 4130 | "stars": 248, 4131 | "last_commit": "2024-11-11T09:38:32Z", 4132 | "language": "", 4133 | "description": "This repo contains IOC, malware and malware analysis associated with Public cloud", 4134 | "tags": [ 4135 | "aws", 4136 | "exploit", 4137 | "malware-analysis", 4138 | "security", 4139 | "threat-intelligence", 4140 | "threatintel", 4141 | "azure", 4142 | "gcp" 4143 | ], 4144 | "categories": [ 4145 | "Incident Response", 4146 | "Compliance", 4147 | "Static Analysis", 4148 | "Threat Detection", 4149 | "Data Security" 4150 | ], 4151 | "install_options": [] 4152 | }, 4153 | { 4154 | "name": "vectra-ai-research/derf", 4155 | "repo": "https://github.com/vectra-ai-research/derf", 4156 | "stars": 91, 4157 | "last_commit": "2024-01-12T20:01:38Z", 4158 | "language": "HCL", 4159 | "description": "DeRF (Detection Replay Framework) is an \"Attacks As A Service\" framework, allowing the emulation of offensive techniques and generation of repeatable detection samples in the cloud. Built on Google Workflows", 4160 | "tags": [ 4161 | "attack-defense", 4162 | "aws", 4163 | "cloudsecurity", 4164 | "gcp", 4165 | "security", 4166 | "clouddetection", 4167 | "cloud", 4168 | "google", 4169 | "google-workflow" 4170 | ], 4171 | "categories": [ 4172 | "Compliance", 4173 | "Threat Detection", 4174 | "Data Security", 4175 | "Penetration Testing" 4176 | ], 4177 | "install_options": [] 4178 | }, 4179 | { 4180 | "name": "vectra-ai-research/Halberd", 4181 | "repo": "https://github.com/vectra-ai-research/Halberd", 4182 | "stars": 248, 4183 | "last_commit": "2025-02-03T18:03:44Z", 4184 | "language": "Python", 4185 | "description": "Halberd : Multi-Cloud Attack Platform", 4186 | "tags": [ 4187 | "aws", 4188 | "azuread", 4189 | "blueteam-tools", 4190 | "entra-id", 4191 | "m365", 4192 | "microsoft", 4193 | "mitre-attack", 4194 | "offensive-security", 4195 | "redteam", 4196 | "redteam-tools", 4197 | "security-testing", 4198 | "security-tools", 4199 | "ttp", 4200 | "cloud-security", 4201 | "azure", 4202 | "gcp" 4203 | ], 4204 | "categories": [ 4205 | "Threat Detection", 4206 | "Penetration Testing" 4207 | ], 4208 | "install_options": [] 4209 | }, 4210 | { 4211 | "name": "VirtueSecurity/aws-extender-cli", 4212 | "repo": "https://github.com/VirtueSecurity/aws-extender-cli", 4213 | "stars": 82, 4214 | "last_commit": "2020-04-22T16:19:26Z", 4215 | "language": "Python", 4216 | "description": "AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues using the boto/boto3 SDK library.", 4217 | "tags": [], 4218 | "categories": [ 4219 | "S3 Auditing", 4220 | "Static Analysis", 4221 | "Data Security", 4222 | "Container Security", 4223 | "Policy Management" 4224 | ], 4225 | "install_options": [] 4226 | }, 4227 | { 4228 | "name": "Voulnet/barq", 4229 | "repo": "https://github.com/Voulnet/barq", 4230 | "stars": 387, 4231 | "last_commit": "2019-12-11T20:13:12Z", 4232 | "language": "Python", 4233 | "description": "barq: The AWS Cloud Post Exploitation framework!", 4234 | "tags": [], 4235 | "categories": [ 4236 | "Threat Detection", 4237 | "Penetration Testing" 4238 | ], 4239 | "install_options": [] 4240 | }, 4241 | { 4242 | "name": "welldone-cloud/aws-lint-iam-policies", 4243 | "repo": "https://github.com/welldone-cloud/aws-lint-iam-policies", 4244 | "stars": 134, 4245 | "last_commit": "2025-01-25T17:57:31Z", 4246 | "language": "Python", 4247 | "description": "", 4248 | "tags": [], 4249 | "categories": [ 4250 | "Uncategorized" 4251 | ], 4252 | "install_options": [] 4253 | }, 4254 | { 4255 | "name": "welldone-cloud/aws-list-resources", 4256 | "repo": "https://github.com/welldone-cloud/aws-list-resources", 4257 | "stars": 135, 4258 | "last_commit": "2025-01-10T07:13:14Z", 4259 | "language": "Python", 4260 | "description": "", 4261 | "tags": [], 4262 | "categories": [ 4263 | "Uncategorized" 4264 | ], 4265 | "install_options": [] 4266 | }, 4267 | { 4268 | "name": "welldone-cloud/aws-scps-for-sandbox-and-training-accounts", 4269 | "repo": "https://github.com/welldone-cloud/aws-scps-for-sandbox-and-training-accounts", 4270 | "stars": 146, 4271 | "last_commit": "2024-12-08T14:58:09Z", 4272 | "language": "Python", 4273 | "description": "", 4274 | "tags": [], 4275 | "categories": [ 4276 | "Uncategorized" 4277 | ], 4278 | "install_options": [] 4279 | }, 4280 | { 4281 | "name": "welldone-cloud/aws-summarize-account-activity", 4282 | "repo": "https://github.com/welldone-cloud/aws-summarize-account-activity", 4283 | "stars": 157, 4284 | "last_commit": "2025-01-25T07:02:28Z", 4285 | "language": "Python", 4286 | "description": "", 4287 | "tags": [], 4288 | "categories": [ 4289 | "Uncategorized" 4290 | ], 4291 | "install_options": [] 4292 | }, 4293 | { 4294 | "name": "whitfin/s3-meta", 4295 | "repo": "https://github.com/whitfin/s3-meta", 4296 | "stars": 49, 4297 | "last_commit": "2021-01-30T23:21:07Z", 4298 | "language": "Rust", 4299 | "description": "Gather metadata about your S3 buckets", 4300 | "tags": [ 4301 | "aws", 4302 | "aws-s3", 4303 | "metadata", 4304 | "tooling" 4305 | ], 4306 | "categories": [ 4307 | "S3 Auditing", 4308 | "Data Security" 4309 | ], 4310 | "install_options": [] 4311 | }, 4312 | { 4313 | "name": "whitfin/s3-utils", 4314 | "repo": "https://github.com/whitfin/s3-utils", 4315 | "stars": 54, 4316 | "last_commit": "2021-03-16T14:53:24Z", 4317 | "language": "Rust", 4318 | "description": "Utilities and tools based around Amazon S3 to provide convenience APIs in a CLI", 4319 | "tags": [ 4320 | "aws", 4321 | "aws-s3", 4322 | "command-line", 4323 | "text-processing" 4324 | ], 4325 | "categories": [ 4326 | "S3 Auditing", 4327 | "API Security" 4328 | ], 4329 | "install_options": [] 4330 | }, 4331 | { 4332 | "name": "widdix/aws-amicleaner", 4333 | "repo": "https://github.com/widdix/aws-amicleaner", 4334 | "stars": 33, 4335 | "last_commit": "2024-07-23T11:09:06Z", 4336 | "language": "JavaScript", 4337 | "description": "To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. Third, manually confirm the list of AMIs for deletion.", 4338 | "tags": [], 4339 | "categories": [ 4340 | "Uncategorized" 4341 | ], 4342 | "install_options": [] 4343 | }, 4344 | { 4345 | "name": "willbengtson/trailblazer-aws", 4346 | "repo": "https://github.com/willbengtson/trailblazer-aws", 4347 | "stars": 135, 4348 | "last_commit": "2018-08-08T16:01:07Z", 4349 | "language": "Python", 4350 | "description": "Blazing CloudTrail since 2018", 4351 | "tags": [], 4352 | "categories": [ 4353 | "Uncategorized" 4354 | ], 4355 | "install_options": [] 4356 | }, 4357 | { 4358 | "name": "WithSecureLabs/cloud-security-vm", 4359 | "repo": "https://github.com/WithSecureLabs/cloud-security-vm", 4360 | "stars": 137, 4361 | "last_commit": "2025-01-02T18:12:27Z", 4362 | "language": "HCL", 4363 | "description": "Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments", 4364 | "tags": [], 4365 | "categories": [ 4366 | "Compliance", 4367 | "Data Security" 4368 | ], 4369 | "install_options": [] 4370 | }, 4371 | { 4372 | "name": "WithSecureLabs/IAMSpy", 4373 | "repo": "https://github.com/WithSecureLabs/IAMSpy", 4374 | "stars": 211, 4375 | "last_commit": "2024-12-12T10:45:19Z", 4376 | "language": "Python", 4377 | "description": "", 4378 | "tags": [], 4379 | "categories": [ 4380 | "Uncategorized" 4381 | ], 4382 | "install_options": [] 4383 | }, 4384 | { 4385 | "name": "xen0l/aws-gate", 4386 | "repo": "https://github.com/xen0l/aws-gate", 4387 | "stars": 513, 4388 | "last_commit": "2023-08-04T16:16:48Z", 4389 | "language": "Python", 4390 | "description": "Better AWS SSM Session manager CLI client ", 4391 | "tags": [ 4392 | "aws", 4393 | "aws-ssm", 4394 | "session-manager", 4395 | "cli", 4396 | "ec2-instances", 4397 | "ec2", 4398 | "aws-ssm-agent", 4399 | "ssh", 4400 | "access-control", 4401 | "iam-access", 4402 | "scp", 4403 | "ssh-session", 4404 | "ssh-support", 4405 | "hardening" 4406 | ], 4407 | "categories": [ 4408 | "Uncategorized" 4409 | ], 4410 | "install_options": [] 4411 | }, 4412 | { 4413 | "name": "xen0l/iam-lint", 4414 | "repo": "https://github.com/xen0l/iam-lint", 4415 | "stars": 37, 4416 | "last_commit": "2020-02-28T11:15:27Z", 4417 | "language": "Shell", 4418 | "description": "Github action for linting AWS IAM policy documents", 4419 | "tags": [ 4420 | "aws", 4421 | "iam", 4422 | "security" 4423 | ], 4424 | "categories": [ 4425 | "Compliance", 4426 | "IAM Tools", 4427 | "Static Analysis", 4428 | "Data Security", 4429 | "Policy Management" 4430 | ], 4431 | "install_options": [] 4432 | }, 4433 | { 4434 | "name": "yanilov/control-tags", 4435 | "repo": "https://github.com/yanilov/control-tags", 4436 | "stars": 39, 4437 | "last_commit": "2025-01-27T19:24:24Z", 4438 | "language": "HCL", 4439 | "description": "Scalable integrity framework for ABAC on AWS", 4440 | "tags": [ 4441 | "abac", 4442 | "aws-iam", 4443 | "multiparty-approval" 4444 | ], 4445 | "categories": [ 4446 | "Uncategorized" 4447 | ], 4448 | "install_options": [] 4449 | }, 4450 | { 4451 | "name": "Yelp/detect-secrets", 4452 | "repo": "https://github.com/Yelp/detect-secrets", 4453 | "stars": 3944, 4454 | "last_commit": "2025-01-06T20:58:21Z", 4455 | "language": "Python", 4456 | "description": "An enterprise friendly way of detecting and preventing secrets in code.", 4457 | "tags": [], 4458 | "categories": [ 4459 | "Secrets Management" 4460 | ], 4461 | "install_options": [] 4462 | }, 4463 | { 4464 | "name": "z0ph/aws-security-toolbox", 4465 | "repo": "https://github.com/z0ph/aws-security-toolbox", 4466 | "stars": 287, 4467 | "last_commit": "2021-05-20T13:06:05Z", 4468 | "language": "Shell", 4469 | "description": "AWS Security Tools (AST) in a simple Docker container. :package:", 4470 | "tags": [ 4471 | "security", 4472 | "assessments", 4473 | "aws", 4474 | "amazon-web-services", 4475 | "audit" 4476 | ], 4477 | "categories": [ 4478 | "Compliance", 4479 | "Data Security", 4480 | "Penetration Testing", 4481 | "Container Security" 4482 | ], 4483 | "install_options": [] 4484 | }, 4485 | { 4486 | "name": "gitleaks/gitleaks", 4487 | "repo": "https://github.com/gitleaks/gitleaks", 4488 | "stars": 18966, 4489 | "last_commit": "2025-02-20T01:36:42Z", 4490 | "language": "Go", 4491 | "description": "Find secrets with Gitleaks 🔑", 4492 | "tags": [ 4493 | "security", 4494 | "security-tools", 4495 | "git", 4496 | "golang", 4497 | "go", 4498 | "secret", 4499 | "gitleaks", 4500 | "devsecops", 4501 | "hacktoberfest", 4502 | "ci-cd", 4503 | "cicd", 4504 | "cli", 4505 | "data-loss-prevention", 4506 | "dlp", 4507 | "open-source" 4508 | ], 4509 | "categories": [ 4510 | "Compliance", 4511 | "Secrets Management", 4512 | "Data Security" 4513 | ], 4514 | "install_options": [] 4515 | } 4516 | ] -------------------------------------------------------------------------------- /src/index.css: -------------------------------------------------------------------------------- 1 | @import '@fontsource/montserrat'; 2 | @tailwind base; 3 | @tailwind components; 4 | @tailwind utilities; 5 | @layer base { 6 | body { 7 | @apply font-sans; 8 | } 9 | } 10 | 11 | :root { 12 | font-family: Inter, system-ui, Avenir, Helvetica, Arial, sans-serif; 13 | line-height: 1.5; 14 | font-weight: 400; 15 | 16 | color-scheme: light dark; 17 | color: rgba(255, 255, 255, 0.87); 18 | background-color: #242424; 19 | 20 | font-synthesis: none; 21 | text-rendering: optimizeLegibility; 22 | -webkit-font-smoothing: antialiased; 23 | -moz-osx-font-smoothing: grayscale; 24 | } 25 | 26 | a { 27 | font-weight: 500; 28 | color: #646cff; 29 | text-decoration: inherit; 30 | } 31 | a:hover { 32 | color: #535bf2; 33 | } 34 | 35 | body { 36 | margin: 0; 37 | display: flex; 38 | place-items: center; 39 | min-width: 320px; 40 | min-height: 100vh; 41 | } 42 | 43 | h1 { 44 | font-size: 3.2em; 45 | line-height: 1.1; 46 | } 47 | 48 | button { 49 | border-radius: 8px; 50 | border: 1px solid transparent; 51 | padding: 0.6em 1.2em; 52 | font-size: 1em; 53 | font-weight: 500; 54 | font-family: inherit; 55 | background-color: #1a1a1a; 56 | cursor: pointer; 57 | transition: border-color 0.25s; 58 | } 59 | button:hover { 60 | border-color: #646cff; 61 | } 62 | button:focus, 63 | button:focus-visible { 64 | outline: 4px auto -webkit-focus-ring-color; 65 | } 66 | 67 | @media (prefers-color-scheme: light) { 68 | :root { 69 | color: #213547; 70 | background-color: #ffffff; 71 | } 72 | a:hover { 73 | color: #747bff; 74 | } 75 | button { 76 | background-color: #f9f9f9; 77 | } 78 | } 79 | 80 | /* src/index.css */ 81 | .sort-control, .filter-bar { 82 | margin-bottom: 1rem; 83 | display: flex; 84 | align-items: center; 85 | gap: 0.5rem; 86 | } 87 | 88 | .sort-control select, .filter-bar select { 89 | padding: 0.5rem; 90 | font-size: 1rem; 91 | } 92 | 93 | .tool-card { 94 | margin-bottom: 1rem; 95 | padding: 1rem; 96 | border: 1px solid #ddd; 97 | border-radius: 0.5rem; 98 | background: #fff; 99 | box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1); 100 | } 101 | .tool-card h2 { 102 | margin-bottom: 0.5rem; 103 | font-size: 1.5rem; 104 | } 105 | .tool-card p { 106 | margin: 0.5rem 0; 107 | } -------------------------------------------------------------------------------- /src/main.tsx: -------------------------------------------------------------------------------- 1 | import { StrictMode } from 'react'; 2 | import { createRoot } from 'react-dom/client'; 3 | import './index.css'; // Import Tailwind styles 4 | import App from './App'; // No need for ".tsx" extension 5 | 6 | createRoot(document.getElementById('root')!).render( 7 | 8 | 9 | 10 | ); -------------------------------------------------------------------------------- /src/vite-env.d.ts: -------------------------------------------------------------------------------- 1 | /// 2 | -------------------------------------------------------------------------------- /tailwind.config.cjs: -------------------------------------------------------------------------------- 1 | /** @type {import('tailwindcss').Config} */ 2 | module.exports = { 3 | content: [ 4 | "./index.html", 5 | "./src/**/*.{js,ts,jsx,tsx}", 6 | ], 7 | theme: { 8 | extend: { 9 | fontFamily: { 10 | sans: ['Montserrat', 'ui-sans-serif', 'system-ui'], // Add Montserrat as the default sans font 11 | }, 12 | }, 13 | }, 14 | plugins: [ 15 | require('@tailwindcss/typography'), 16 | require('@tailwindcss/forms'), 17 | ], 18 | }; -------------------------------------------------------------------------------- /tsconfig.app.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "tsBuildInfoFile": "./node_modules/.tmp/tsconfig.app.tsbuildinfo", 4 | "target": "ES2020", 5 | "useDefineForClassFields": true, 6 | "lib": ["ES2020", "DOM", "DOM.Iterable"], 7 | "module": "ESNext", 8 | "skipLibCheck": true, 9 | 10 | /* Bundler mode */ 11 | "moduleResolution": "Bundler", 12 | "allowImportingTsExtensions": true, 13 | "isolatedModules": true, 14 | "moduleDetection": "force", 15 | "noEmit": true, 16 | "jsx": "react-jsx", 17 | 18 | /* Linting */ 19 | "strict": true, 20 | "noUnusedLocals": true, 21 | "noUnusedParameters": true, 22 | "noFallthroughCasesInSwitch": true, 23 | "noUncheckedSideEffectImports": true 24 | }, 25 | "include": ["src"] 26 | } 27 | -------------------------------------------------------------------------------- /tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "files": [], 3 | "references": [ 4 | { "path": "./tsconfig.app.json" }, 5 | { "path": "./tsconfig.node.json" } 6 | ] 7 | } 8 | -------------------------------------------------------------------------------- /tsconfig.node.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "tsBuildInfoFile": "./node_modules/.tmp/tsconfig.node.tsbuildinfo", 4 | "target": "ES2022", 5 | "lib": ["ES2023"], 6 | "module": "ESNext", 7 | "skipLibCheck": true, 8 | 9 | /* Bundler mode */ 10 | "moduleResolution": "Bundler", 11 | "allowImportingTsExtensions": true, 12 | "isolatedModules": true, 13 | "moduleDetection": "force", 14 | "noEmit": true, 15 | 16 | /* Linting */ 17 | "strict": true, 18 | "noUnusedLocals": true, 19 | "noUnusedParameters": true, 20 | "noFallthroughCasesInSwitch": true, 21 | "noUncheckedSideEffectImports": true 22 | }, 23 | "include": ["vite.config.ts"] 24 | } 25 | -------------------------------------------------------------------------------- /utils/cloudformation/cf-template.yml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: "2010-09-09" 2 | Resources: 3 | StaticWebsiteBucket: 4 | Type: AWS::S3::Bucket 5 | Properties: 6 | OwnershipControls: 7 | Rules: 8 | - ObjectOwnership: BucketOwnerEnforced 9 | PublicAccessBlockConfiguration: 10 | BlockPublicAcls: true 11 | BlockPublicPolicy: true 12 | IgnorePublicAcls: true 13 | RestrictPublicBuckets: true 14 | VersioningConfiguration: 15 | Status: Enabled 16 | BucketEncryption: 17 | ServerSideEncryptionConfiguration: 18 | - ServerSideEncryptionByDefault: 19 | SSEAlgorithm: AES256 20 | 21 | LoggingBucket: 22 | Type: AWS::S3::Bucket 23 | Properties: 24 | PublicAccessBlockConfiguration: 25 | BlockPublicAcls: true 26 | BlockPublicPolicy: true 27 | IgnorePublicAcls: true 28 | RestrictPublicBuckets: true 29 | BucketEncryption: 30 | ServerSideEncryptionConfiguration: 31 | - ServerSideEncryptionByDefault: 32 | SSEAlgorithm: AES256 33 | 34 | LoggingBucketPolicy: 35 | Type: AWS::S3::BucketPolicy 36 | Properties: 37 | Bucket: !Ref LoggingBucket 38 | PolicyDocument: 39 | Version: "2012-10-17" 40 | Statement: 41 | - Sid: AllowCloudFrontLogs 42 | Effect: Allow 43 | Principal: 44 | Service: "cloudfront.amazonaws.com" 45 | Action: 46 | - "s3:PutObject" 47 | Resource: !Sub "arn:aws:s3:::${LoggingBucket}/*" 48 | Condition: 49 | StringEquals: 50 | aws:SourceAccount: !Ref AWS::AccountId 51 | 52 | S3BucketPolicy: 53 | Type: AWS::S3::BucketPolicy 54 | Properties: 55 | Bucket: !Ref StaticWebsiteBucket 56 | PolicyDocument: 57 | Version: "2012-10-17" 58 | Statement: 59 | - Sid: CloudFrontAccess 60 | Effect: Allow 61 | Principal: 62 | CanonicalUser: !GetAtt CloudFrontOAI.S3CanonicalUserId 63 | Action: "s3:GetObject" 64 | Resource: !Sub "arn:aws:s3:::${StaticWebsiteBucket}/*" 65 | 66 | CloudFrontOAI: 67 | Type: AWS::CloudFront::CloudFrontOriginAccessIdentity 68 | Properties: 69 | CloudFrontOriginAccessIdentityConfig: 70 | Comment: !Sub "Access for ${AWS::StackName} CloudFront distribution" 71 | 72 | CloudFrontDistribution: 73 | Type: AWS::CloudFront::Distribution 74 | DependsOn: 75 | - LoggingBucket 76 | - LoggingBucketPolicy 77 | Properties: 78 | DistributionConfig: 79 | Enabled: true 80 | Origins: 81 | - DomainName: !GetAtt StaticWebsiteBucket.DomainName 82 | Id: StaticWebsiteOrigin 83 | S3OriginConfig: 84 | OriginAccessIdentity: !Sub "origin-access-identity/cloudfront/${CloudFrontOAI}" 85 | DefaultCacheBehavior: 86 | TargetOriginId: StaticWebsiteOrigin 87 | ViewerProtocolPolicy: redirect-to-https 88 | AllowedMethods: 89 | - GET 90 | - HEAD 91 | CachedMethods: 92 | - GET 93 | - HEAD 94 | ForwardedValues: 95 | QueryString: false 96 | Cookies: 97 | Forward: none 98 | # Logging: 99 | # Bucket: !GetAtt LoggingBucket.DomainName 100 | # Prefix: "cloudfront-logs/" 101 | ViewerCertificate: 102 | CloudFrontDefaultCertificate: true 103 | 104 | Outputs: 105 | WebsiteBucketName: 106 | Description: The name of the S3 bucket for the static website 107 | Value: !Ref StaticWebsiteBucket 108 | 109 | CloudFrontDistributionURL: 110 | Description: The URL of the CloudFront distribution 111 | Value: !Sub "https://${CloudFrontDistribution.DomainName}" 112 | -------------------------------------------------------------------------------- /utils/fetchData/data.cjs: -------------------------------------------------------------------------------- 1 | const categories = { 2 | "Incident Response": [ 3 | "incident", 4 | "response", 5 | "forensics", 6 | "dfir", 7 | "investigation", 8 | "triage", 9 | "analysis", 10 | "compromise", 11 | "breach", 12 | "threat" 13 | ], 14 | "S3 Auditing": [ 15 | "s3", 16 | "bucket", 17 | "permissions", 18 | "auditing", 19 | "storage", 20 | "object", 21 | "access", 22 | "aws s3", 23 | "buckets" 24 | ], 25 | "Compliance": [ 26 | "compliance", 27 | "security", 28 | "cis", 29 | "pci", 30 | "frameworks", 31 | "benchmark", 32 | "governance", 33 | "regulations", 34 | "standards", 35 | "audit", 36 | "policy" 37 | ], 38 | "IAM Tools": [ 39 | "iam", 40 | "identity", 41 | "role", 42 | "permissions", 43 | "policy", 44 | "users", 45 | "groups", 46 | "access", 47 | "authentication", 48 | "authorization" 49 | ], 50 | "Cloud Monitoring": [ 51 | "monitoring", 52 | "alerts", 53 | "metrics", 54 | "logs", 55 | "cloudwatch", 56 | "activity", 57 | "dashboard", 58 | "tracking", 59 | "notification", 60 | "telemetry", 61 | "analytics" 62 | ], 63 | "Static Analysis": [ 64 | "scan", 65 | "checkov", 66 | "analysis", 67 | "terraform", 68 | "cloudformation", 69 | "configuration", 70 | "vulnerability", 71 | "misconfiguration", 72 | "static", 73 | "lint", 74 | "inspection" 75 | ], 76 | "Secrets Management": [ 77 | "secret", 78 | "keys", 79 | "token", 80 | "vault", 81 | "credential", 82 | "encryption", 83 | "key rotation", 84 | "secrets", 85 | "leaks", 86 | "passwords" 87 | ], 88 | "Cloud Infrastructure": [ 89 | "infrastructure", 90 | "provisioning", 91 | "terraform", 92 | "cloudformation", 93 | "deployment", 94 | "automation", 95 | "iaas", 96 | "orchestration", 97 | "infrastructure-as-code" 98 | ], 99 | "Threat Detection": [ 100 | "threat", 101 | "detection", 102 | "malware", 103 | "abuse", 104 | "anomaly", 105 | "attack", 106 | "red team", 107 | "recon", 108 | "security monitoring", 109 | "exploitation" 110 | ], 111 | "Data Security": [ 112 | "data", 113 | "encryption", 114 | "storage", 115 | "leakage", 116 | "detection", 117 | "security", 118 | "classification", 119 | "sensitive", 120 | "backup", 121 | "protection" 122 | ], 123 | "Penetration Testing": [ 124 | "pentest", 125 | "testing", 126 | "exploitation", 127 | "red team", 128 | "recon", 129 | "simulation", 130 | "ethical hacking", 131 | "vulnerabilities", 132 | "attack", 133 | "audit" 134 | ], 135 | "Container Security": [ 136 | "container", 137 | "docker", 138 | "kubernetes", 139 | "orchestration", 140 | "image scanning", 141 | "runtime", 142 | "containerization", 143 | "pod", 144 | "cluster", 145 | "microservices" 146 | ], 147 | "Serverless Security": [ 148 | "serverless", 149 | "lambda", 150 | "faas", 151 | "cloud functions", 152 | "event-driven", 153 | "runtime security", 154 | "functions", 155 | "aws lambda", 156 | "api gateway", 157 | "trigger" 158 | ], 159 | "Cloud Cost Management": [ 160 | "cost", 161 | "optimization", 162 | "billing", 163 | "savings", 164 | "usage", 165 | "resources", 166 | "expenses", 167 | "accounting", 168 | "spend", 169 | "estimation" 170 | ], 171 | "Policy Management": [ 172 | "policy", 173 | "rules", 174 | "compliance", 175 | "configuration", 176 | "benchmark", 177 | "security group", 178 | "firewall", 179 | "permissions", 180 | "policy enforcement", 181 | "controls" 182 | ], 183 | "API Security": [ 184 | "api", 185 | "gateway", 186 | "rest", 187 | "web services", 188 | "soap", 189 | "authentication", 190 | "authorization", 191 | "api calls", 192 | "throttling", 193 | "rate limiting" 194 | ] 195 | }; 196 | 197 | const repos = [ 198 | '0xsha/cloudbrute', 199 | '99designs/aws-vault', 200 | 'aaparmeggiani/s3find', 201 | 'abhn/S3Scan', 202 | 'adanalvarez/HoneyTrail', 203 | 'adanalvarez/TrailDiscover', 204 | 'airbnb/streamalert', 205 | 'aletheia/iam-policy-generator', 206 | 'anaynayak/aws-security-viz', 207 | 'andresriancho/enumerate-iam', 208 | 'andresriancho/nimbostratus', 209 | 'anirudhbiyani/findmytakeover', 210 | 'Aqua-Nautilus/TrailShark', 211 | 'aquasecurity/trivy', 212 | 'aquia-inc/scpkit', 213 | 'arkadiyt/aws_public_ips', 214 | 'Atticuss/bucketcat', 215 | 'aws-cloudformation/cloudformation-guard', 216 | 'aws-samples/automated-security-helper', 217 | 'aws/aws-imds-packet-analyzer', 218 | 'aws/aws-secretsmanager-agent', 219 | 'awslabs/amazon-guardduty-tester', 220 | 'awslabs/coldsnap', 221 | 'awslabs/StsOidcDriver', 222 | 'awslabs/sustainability-scanner', 223 | 'awslabs/threat-composer', 224 | 'Azure/dalec', 225 | 'Azure/Stormspotter', 226 | 'azurekid/blackcat', 227 | 'bear/s3scan', 228 | 'benkehoe/aws-whoami-golang', 229 | 'BishopFox/cloudfox', 230 | 'bishopfox/dufflebag', 231 | 'boostsecurityio/poutine', 232 | 'brianwarehime/inSp3ctor', 233 | 'bridgecrewio/AirIAM', 234 | 'bridgecrewio/checkov', 235 | 'bridgecrewio/yor', 236 | 'btkrausen/AWS', 237 | 'c6fc/npk', 238 | 'canonical/cloud-init', 239 | 'carnal0wnage/weirdAAL', 240 | 'ccbrown/cloud-snitch', 241 | 'CCob/okta-terrify', 242 | 'cesar-rodriguez/terrascan', 243 | 'Checkmarx/kics', 244 | 'cjsrkd3321/aws-security-architectures', 245 | 'cloud-copilot/iam-expand', 246 | 'cloud-copilot/iam-simulate', 247 | 'cloud-custodian/cloud-custodian', 248 | 'cloudquery/cloudquery', 249 | 'cloudsploit/scans', 250 | 'clutchsecurity/federator', 251 | 'common-fate/granted', 252 | 'controlplaneio/simulator', 253 | 'cr0hn/festin', 254 | 'cyberark/SkyArk', 255 | 'cyberark/SkyWrapper', 256 | 'cycloidio/terracognita', 257 | 'dagrz/aws_pwn', 258 | 'damienjburks/DataCop', 259 | 'datadog/grimoire', 260 | 'datadog/guarddog', 261 | 'datadog/stratus-red-team', 262 | 'deepfence/threatmapper', 263 | 'DenizParlak/Zeus', 264 | 'dievus/AWeSomeUserFinder', 265 | 'disruptops/cred_scanner', 266 | 'disruptops/resource-counter', 267 | 'domain-protect/domain-protect-gcp', 268 | 'dowjones/hammer', 269 | 'duo-labs/cloudmapper', 270 | 'duo-labs/cloudtracker', 271 | 'duo-labs/cloudtrail-partitioner', 272 | 'duo-labs/parliament', 273 | 'dxa4481/truffleHog', 274 | 'edera-dev/am-i-isolated', 275 | 'eerkunt/terraform-compliance', 276 | 'ekristen/aws-nuke', 277 | 'elastic/dorothy', 278 | 'elitest/Redboto', 279 | 'endgameinc/aws-logsearch', 280 | 'endgameinc/varna', 281 | 'ermetic/access-undenied-aws', 282 | 'eth0izzle/bucket-stream', 283 | 'evild3ad/Microsoft-Analyzer-Suite', 284 | 'facebookincubator/TTPForge', 285 | 'falcosecurity/falco', 286 | 'FishermansEnemy/bucket_finder', 287 | 'flosell/trailscraper', 288 | 'FogSecurity/finders-keypers', 289 | 'FogSecurity/yes3-scanner', 290 | 'fsecurelabs/awspx', 291 | 'fsecurelabs/leonidas', 292 | 'fugue/regula', 293 | 'gabrielsoltz/metahub', 294 | 'gladstomych/AHHHZURE', 295 | 'goldfiglabs/rpCheckup', 296 | 'google/trillian', 297 | 'GoogleCloudPlatform/assured-workloads-terraform', 298 | 'gruntwork-io/cloud-nuke', 299 | 'gwen001/s3-buckets-finder', 300 | 'hac01/gcp-iam-brute', 301 | 'HarshVaragiya/aws-redteam-kit', 302 | 'hazardsec/cx-scan', 303 | 'hotnops/apeman', 304 | 'iann0036/iamlive', 305 | 'iknowjason/PurpleCloud', 306 | 'infrahouse/terraform-aws-secret', 307 | 'initstring/cloud_enum', 308 | 'janiko71/aws-inventory', 309 | 'jonrau1/AWS-ComplianceMachineDontStop', 310 | 'jonrau1/ElectricEye', 311 | 'jonrau1/SyntheticSun', 312 | 'jordanpotti/AWSBucketDump', 313 | 'joshlarsen/aws-recon', 314 | 'KatTraxler/gcpdocs', 315 | 'kurmiashish/S3Insights', 316 | 'lateralblast/lunar', 317 | 'lirlia/prel', 318 | 'luminaut-org/luminaut', 319 | 'lyft/cartography', 320 | 'maester365/maester', 321 | 'matthewdfuller/safer-scps', 322 | 'mchaffe/cloudprefixes', 323 | 'mchmarny/s3cme', 324 | 'messypoutine/gravy-overflow', 325 | 'mindpointgroup/cloudfrunt', 326 | 'mlabouardy/komiser', 327 | 'mozilla-services/pytest-services', 328 | 'mozilla/MozDef', 329 | 'mozilla/ssm-acquire', 330 | 'MrSecure/review-security-groups', 331 | 'n0jam/gcp-ctf-workshop', 332 | 'nahamsec/lazys3', 333 | 'nccgroup/aws-inventory', 334 | 'nccgroup/PMapper', 335 | 'nccgroup/s3_objects_check', 336 | 'nccgroup/ScoutSuite', 337 | 'nccgroup/SteppingStones', 338 | 'Netflix-Skunkworks/aws-credential-compromise-detection', 339 | 'Netflix/repokid', 340 | 'Netflix/security_monkey', 341 | 'NetSPI/gcpwn', 342 | 'nianticlabs/venator', 343 | 'nozaq/terraform-aws-secure-baseline', 344 | 'nullenc0de/servicelens', 345 | 'octo-sts/app', 346 | 'OffensAI/RogueOIDC', 347 | 'offensive-actions/azure-storage-reverse-shell', 348 | 'okigan/awscurl', 349 | 'open-policy-agent/gatekeeper-library', 350 | 'openai/openai-security-bots', 351 | 'openraven/magpie', 352 | 'orcasecurity-research/kte', 353 | 'ovotech/cloud-key-rotator', 354 | 'padok-team/cognito-scanner', 355 | 'PaperMtn/slack-watchman', 356 | 'Permiso-io-tools/azure-activity-log-axe', 357 | 'Permiso-io-tools/Bucket-Shield', 358 | 'Permiso-io-tools/CloudConsoleCartographer', 359 | 'Permiso-io-tools/CloudGrappler', 360 | 'Permiso-io-tools/cloudtail', 361 | 'Permiso-io-tools/SkyScalpel', 362 | 'planetscale/cloudranger', 363 | 'prevade/cloudjack', 364 | 'primait/nuvola', 365 | 'primeharbor/pht-securityhub-management', 366 | 'prisma-cloud/IAMFinder', 367 | 'projectdiscovery/cdncheck', 368 | 'prowler-cloud/prowler', 369 | 'pumasecurity/nymeria', 370 | 'pumasecurity/serverless-prey', 371 | 'puresec/lambda-proxy', 372 | 'puresec/serverless-puresec-cli', 373 | 'rdkls/tf-parliament', 374 | 'RhinoSecurityLabs/ccat', 375 | 'RhinoSecurityLabs/pacu', 376 | 'RichardoC/gitlab-secrets', 377 | 'RiotGames/cloud-inquisitor', 378 | 'robburger/terraform-pr-commenter', 379 | 'runfinch/finch', 380 | 'salesforce/aws-allowlister', 381 | 'salesforce/cloudsplaining', 382 | 'salesforce/policy_sentry', 383 | 'SanderKnape/assume', 384 | 'SAP/cloud-active-defense', 385 | 'saw-your-packet/CloudShovel', 386 | 'saw-your-packet/EC2StepShell', 387 | 'saw-your-packet/fun-with-ssm', 388 | 'securing/BucketScanner', 389 | 'securing/DumpsterDiver', 390 | 'SecurityRunners/CloudCommotion', 391 | 'seisvelas/S3-Exif-Cleaner', 392 | 'sendgrid/krampus', 393 | 'shabarkin/aws-enumerator', 394 | 'siigil/entra-id-terraform', 395 | 'silascutler/dockerhoneypot-logs', 396 | 'skyscanner/cfripper', 397 | 'skyscanner/whispers', 398 | 'smiegles/mass3', 399 | 'soteria-security/365Inspect', 400 | 'soteria-security/AzureInspect', 401 | 'splunk/attack_range', 402 | 'spotify/gcp-aws-iam-federation-webidentity', 403 | 'ssup2/kpexec', 404 | 'static-flow/CloudCopy', 405 | 'Stelligent/cfn_nag', 406 | 'StevenSmiley/aws-mine', 407 | 'suzuki-shunsuke/tfprovidercheck', 408 | 'synfinatic/aws-sso-cli', 409 | 'SygniaLabs/Cirrus', 410 | 'SySS-Research/azurenum', 411 | 'tensult/cloud-reports', 412 | 'threatcl/threatcl', 413 | 'ThreatResponse/aws_ir', 414 | 'ThreatResponse/mad-king', 415 | 'tmobile/pacbot', 416 | 'tomdev/teh_s3_bucketeers', 417 | 'turbot/steampipe', 418 | 'turnerlabs/antiope', 419 | 'Ucnt/aws-s3-data-finder', 420 | 'udondan/iam-floyd', 421 | 'unknownhad/CloudIntel', 422 | 'vectra-ai-research/derf', 423 | 'vectra-ai-research/Halberd', 424 | 'VirtueSecurity/aws-extender-cli', 425 | 'Voulnet/barq', 426 | 'welldone-cloud/aws-lint-iam-policies', 427 | 'welldone-cloud/aws-list-resources', 428 | 'welldone-cloud/aws-scps-for-sandbox-and-training-accounts', 429 | 'welldone-cloud/aws-summarize-account-activity', 430 | 'WhiteOakSecurity/GoAWSConsoleSpray', 431 | 'whitfin/s3-meta', 432 | 'whitfin/s3-utils', 433 | 'widdix/aws-amicleaner', 434 | 'willbengtson/trailblazer-aws', 435 | 'WithSecureLabs/cloud-security-vm', 436 | 'WithSecureLabs/IAMSpy', 437 | 'xen0l/aws-gate', 438 | 'xen0l/iam-lint', 439 | 'yanilov/control-tags', 440 | 'yelp/detect-secrets', 441 | 'z0ph/aws-security-toolbox', 442 | 'zoph-io/kye', 443 | 'zricethezav/gitleaks', 444 | ]; 445 | 446 | module.exports = { repos, categories }; 447 | -------------------------------------------------------------------------------- /utils/fetchData/fetchRepoData.cjs: -------------------------------------------------------------------------------- 1 | const axios = require('axios'); 2 | const fs = require('fs'); 3 | const { repos, categories } = require('./data.cjs'); // Import repos and categories 4 | 5 | // Use an environment variable for the GitHub token 6 | const GITHUB_TOKEN = process.env.GITHUB_TOKEN; 7 | 8 | if (!GITHUB_TOKEN) { 9 | console.error("Error: GITHUB_TOKEN environment variable is not set."); 10 | process.exit(1); 11 | } 12 | 13 | async function checkRateLimit() { 14 | const rateLimitResponse = await axios.get('https://api.github.com/rate_limit', { 15 | headers: { 16 | Authorization: `Bearer ${GITHUB_TOKEN}`, 17 | }, 18 | }); 19 | 20 | const remainingRequests = rateLimitResponse.data.resources.core.remaining; 21 | const resetTime = rateLimitResponse.data.resources.core.reset; 22 | 23 | console.log(`Remaining requests: ${remainingRequests}`); 24 | 25 | if (remainingRequests === 0) { 26 | const waitTime = resetTime * 1000 - Date.now() + 5000; 27 | console.log(`Rate limit reached. Waiting for ${Math.round(waitTime / 1000)} seconds...`); 28 | await new Promise(resolve => setTimeout(resolve, waitTime)); 29 | console.log('Resuming requests...'); 30 | } 31 | } 32 | 33 | function assignCategory(description, tags, language) { 34 | const lowerDesc = description.toLowerCase(); 35 | const lowerTags = tags.map(tag => tag.toLowerCase()); 36 | const matchedCategories = []; 37 | 38 | for (const [category, keywords] of Object.entries(categories)) { 39 | if ( 40 | keywords.some(keyword => lowerDesc.includes(keyword)) || 41 | keywords.some(keyword => lowerTags.includes(keyword)) || 42 | keywords.some(keyword => language.toLowerCase().includes(keyword)) 43 | ) { 44 | matchedCategories.push(category); 45 | } 46 | } 47 | return matchedCategories.length > 0 ? matchedCategories : ["Uncategorized"]; 48 | } 49 | 50 | async function fetchLastAcceptedCommit(repo) { 51 | try { 52 | const [owner, name] = repo.split("/"); 53 | const repoInfoResponse = await axios.get(`https://api.github.com/repos/${owner}/${name}`, { 54 | headers: { 55 | Authorization: `Bearer ${GITHUB_TOKEN}`, 56 | }, 57 | }); 58 | 59 | const defaultBranch = repoInfoResponse.data.default_branch; 60 | 61 | const branchResponse = await axios.get( 62 | `https://api.github.com/repos/${owner}/${name}/branches/${defaultBranch}`, 63 | { 64 | headers: { 65 | Authorization: `Bearer ${GITHUB_TOKEN}`, 66 | }, 67 | } 68 | ); 69 | 70 | return branchResponse.data.commit.commit.committer.date; 71 | } catch (error) { 72 | console.error(`Error fetching last commit for ${repo}:`, error.response?.data || error.message); 73 | throw error; 74 | } 75 | } 76 | 77 | async function fetchRepoData(repo) { 78 | try { 79 | await checkRateLimit(); 80 | 81 | const repoResponse = await axios.get(`https://api.github.com/repos/${repo}`, { 82 | headers: { 83 | Authorization: `Bearer ${GITHUB_TOKEN}`, 84 | }, 85 | }); 86 | 87 | const topicsResponse = await axios.get(`https://api.github.com/repos/${repo}/topics`, { 88 | headers: { 89 | Accept: 'application/vnd.github.mercy-preview+json', 90 | Authorization: `Bearer ${GITHUB_TOKEN}`, 91 | }, 92 | }); 93 | 94 | const fullRepoName = `${repoResponse.data.owner.login}/${repoResponse.data.name}`; 95 | const description = repoResponse.data.description || ""; 96 | const tags = topicsResponse.data.names || []; 97 | const language = repoResponse.data.language || ""; 98 | const lastAcceptedCommit = await fetchLastAcceptedCommit(repo); 99 | const assignedCategories = assignCategory(description, tags, language); 100 | 101 | return { 102 | name: fullRepoName, 103 | repo: repoResponse.data.html_url, 104 | stars: repoResponse.data.stargazers_count, 105 | last_commit: lastAcceptedCommit, 106 | language, 107 | description, 108 | tags, 109 | categories: assignedCategories, 110 | install_options: [], 111 | }; 112 | } catch (error) { 113 | const timestamp = new Date().toISOString(); 114 | const errorMsg = `[${timestamp}] Error fetching data for ${repo}: ${error.message}\n`; 115 | fs.appendFileSync('errors.log', errorMsg); 116 | console.error(errorMsg); 117 | return null; 118 | } 119 | } 120 | 121 | async function fetchData() { 122 | const toolsData = []; 123 | 124 | for (const repo of repos) { 125 | const data = await fetchRepoData(repo); 126 | if (data) { 127 | toolsData.push(data); 128 | } 129 | } 130 | 131 | fs.writeFileSync('src/data/tools.json', JSON.stringify(toolsData, null, 2), 'utf8'); 132 | console.log('Data has been written to src/data/tools.json'); 133 | } 134 | 135 | fetchData(); -------------------------------------------------------------------------------- /vite.config.ts: -------------------------------------------------------------------------------- 1 | import { defineConfig } from 'vite' 2 | import react from '@vitejs/plugin-react' 3 | 4 | // https://vite.dev/config/ 5 | export default defineConfig({ 6 | plugins: [react()], 7 | }) 8 | --------------------------------------------------------------------------------