Cloud Security
Showing 27 of 63 projects
A curated collection of periodic cybersecurity newsletters covering news, research, tools, vulnerabilities, and threat analysis.
A vulnerable-by-design Terraform repository for learning cloud security misconfigurations across AWS, Azure, and GCP.
A collection of Python scripts for AWS penetration testing, reconnaissance, exploitation, and persistence.
A Terraform module to configure AWS accounts with a secure baseline aligned to CIS AWS Foundations and AWS Foundational Security Best Practices.
A high-performance open-source secret scanner with live validation, blast radius mapping, and 700+ detection rules for code, Git, CI, cloud, and SaaS platforms.
AWS incident response runbook templates for DoS/DDoS attacks, credential leakage, and S3 bucket access incidents.
Open source platform for X.509 certificate-based service authentication and fine-grained access control in dynamic infrastructures.
Regula checks infrastructure as code templates for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego.
Pike determines the minimum IAM permissions required to run OpenTofu/Terraform infrastructure code.
A serverless distributed hash-cracking platform built on AWS, offering pay-as-you-go GPU power with an intuitive UI.
A framework for executing and detecting cloud attacker TTPs via YAML definitions, generating APIs, Sigma rules, and documentation.
A Terraform module for creating and managing AWS EC2-VPC Security Groups with comprehensive rule support.
A fluent interface generator for AWS IAM policy statements with comprehensive AWS service coverage.
Open-source policy-as-code software for analyzing multi-cloud and SaaS environments using SQL, YAML, and natural language with GPT.
A serverless application to create and monitor fake HTTP endpoints (URL honeytokens) on AWS Lambda and API Gateway.
A collection of built-in detection rules and policies for Panther, a modern SIEM, enabling security monitoring as code.
A terminal-based CLI tool that audits AWS accounts for security, cost anomalies, and best practices.
A security inspection tool for managed Kubernetes clusters that identifies common misconfigurations via Docker container and web UI.
A collection of native security controls for major cloud platforms mapped to MITRE ATT&CK techniques to enable threat-informed defense decisions.
A community-driven collection of pre-built security analytics queries and rules for auditing and threat detection in Google Cloud.
Collects assets and relationships from cloud, SaaS, and security systems into a Neo4j graph for security analysis.
A Terraform module that sends notifications when users perform actions in the AWS Console to improve security and compliance.
IAMbic is version-control for IAM, centralizing and simplifying cloud access and permissions across AWS, Okta, Azure AD, and Google Workspace.
Visualizes AWS IAM and Organizations as a graph using Neo4j to identify security anomalies and privilege escalation paths.
An AWS CDK construct to deploy, update, and stage Web Application Firewalls (WAFs) with central governance via AWS Firewall Manager.
A Python script that implements security testing attacks against AWS Cognito, including account oracle and privilege escalation.
A vulnerable-by-design CloudFormation template for learning and testing infrastructure-as-code security scanning tools.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.