Cloud Security

NucleiGo

A fast, customizable vulnerability scanner with a YAML-based DSL, powered by a global security community.

truffleHogGo

A secrets scanning tool that discovers, classifies, validates, and analyzes leaked credentials across multiple sources.

truffleHogGo

A secrets scanning tool that discovers, classifies, validates, and analyzes leaked credentials across multiple sources.

wazuhC++

An open-source unified XDR and SIEM platform for threat prevention, detection, and response across endpoints and cloud workloads.

ProwlerPython

An open-source cloud security platform that automates security and compliance assessments across AWS, Azure, GCP, and other cloud providers.

prowlerPython

An open-source cloud security platform that automates security and compliance assessments across AWS, Azure, GCP, and other cloud providers.

CheckovPython

A static code analysis tool that scans infrastructure as code, container images, and open source packages for security misconfigurations and vulnerabilities.

checkovPython

A static code analysis tool that scans infrastructure as code, container images, and open source packages for security misconfigurations and vulnerabilities.

Scout SuitePython

An open-source multi-cloud security auditing tool that assesses cloud environment security posture via provider APIs.

tfsecGo

A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.

TfsecGo

A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.

tfsecGo

A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.

TFSecGo

A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.

CloudQueryGo

Open-source data pipelines to sync cloud infrastructure metadata from AWS, Azure, GCP, and 70+ sources into your data warehouse.

cloud-custodianPython

A rules engine for cloud security, cost optimization, and governance using YAML policies to query, filter, and act on cloud resources.

Kubernetes GoatHTML

An intentionally vulnerable Kubernetes cluster environment for hands-on security training and practice.

ThreatMapperTypeScript

Open source CNAPP that hunts for threats in cloud native platforms, ranks them by risk, and visualizes attack paths.

terrascanGo

A static code analyzer that detects security and compliance violations in Infrastructure as Code before provisioning cloud infrastructure.

TerrascanGo

A static code analyzer that detects security and compliance violations in Infrastructure as Code before provisioning cloud infrastructure.

security_monkeyPython

Monitors AWS, GCP, OpenStack, and GitHub for policy changes and insecure configurations, tracking asset changes over time.

KomiserGo

An open-source, cloud-agnostic tool to analyze and manage cloud cost, usage, security, and governance across multiple providers.

CartographyPython

A Python tool that pulls infrastructure assets and relationships from AWS, GCP, Azure, and 30+ other platforms into a Neo4j graph for security analysis.

scansJavaScript

An open-source Cloud Security Posture Management (CSPM) tool that scans AWS, Azure, GCP, Oracle, and GitHub for security misconfigurations.

CloudGoatPython

A 'Vulnerable by Design' cloud deployment tool for creating and completing capture-the-flag style security scenarios on AWS and Azure.

driftctlGo

A CLI tool that scans cloud infrastructure to detect, track, and alert on drift from Terraform IaC definitions.

KICSOpen Policy Agent

KICS is an open-source static analysis tool that finds security vulnerabilities, compliance issues, and misconfigurations in Infrastructure as Code.

Awesome List of IAM: Fraud links

A curated list of resources covering Identity and Access Management (IAM) for cloud platforms, including authentication, authorization, and security.

IAM

A curated list of resources covering Identity and Access Management (IAM) for cloud platforms, including authentication, authorization, and security.

policy_sentryPython

Automatically generate least-privilege IAM policies for AWS by specifying resource ARNs and access levels.

Policy SentryPython

Automatically generate least-privilege IAM policies for AWS based on resource ARNs and access levels.

MatanoRust

An open source, serverless security data lake for AWS that normalizes logs, enables detection-as-code, and supports petabyte-scale threat hunting.

Principal Mapper (PMapper)Python

A tool for quickly evaluating IAM permissions and identifying security risks in AWS accounts through graph-based analysis.