[
  {
    "path": "LICENSE",
    "content": "                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"[]\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright [yyyy] [name of copyright owner]\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n"
  },
  {
    "path": "README.md",
    "content": "\n## Table of Contents\n\n- [Contribute](#contribute)\n- [Defensive](#defensive-hardening-security-assessment-and-inventory)\n- [Offensive](#offensive)\n- [Purple Teaming & Adversary Emulation](#purple-teaming--adversary-emulation)\n- [Continuous Security Auditing](#continuous-security-auditing)\n- [Digital Forensics and Incident Response](#digital-forensics-and-incident-response)\n- [Development Security](#development-security)\n- [S3 Buckets Auditing](#s3-buckets-auditing)\n- [Training](#training)\n- [Other interesting tools/code](#other-interesting-toolscode)\n\n## Contribute\nDo you want to contribute to this list? Feel free to send a PR and make sure your tool is [Open Source](https://en.wikipedia.org/wiki/Open_source).\n\n\n| Name | Description | Popularity | Metadata |\n| ---------- | :---------- | :----------: | :----------: |\n| **[My Arsenal of AWS Security Tools](https://github.com/toniblyx/my-arsenal-of-aws-security-tools)** | This list of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.|[![stars](https://badgen.net/github/stars/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/stars/toniblyx/my-arsenal-of-aws-security-tools)| [![contributors](https://badgen.net/github/contributors/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/contributors/toniblyx/my-arsenal-of-aws-security-tools) [![watchers](https://badgen.net/github/watchers/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/watchers/toniblyx/my-arsenal-of-aws-security-tools) [![last-commit](https://badgen.net/github/last-commit/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/last-commit/toniblyx/my-arsenal-of-aws-security-tools)  [![open-issues](https://badgen.net/github/open-issues/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/open-issues/toniblyx/my-arsenal-of-aws-security-tools) [![closed-issues](https://badgen.net/github/closed-issues/toniblyx/my-arsenal-of-aws-security-tools)](https://badgen.net/github/closed-issues/toniblyx/my-arsenal-of-aws-security-tools) |\n\n## Defensive: Hardening, Security Assessment and Inventory\n| Name | Description | Popularity | Metadata |\n| ---------- | :---------- | :----------: | :----------: |\n| **[Prowler](https://github.com/toniblyx/prowler)** | Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more. (Python) |[![stars](https://badgen.net/github/stars/toniblyx/prowler)](https://badgen.net/github/stars/toniblyx/prowler)| [![contributors](https://badgen.net/github/contributors/toniblyx/prowler)](https://badgen.net/github/contributors/toniblyx/prowler)[![watchers](https://badgen.net/github/watchers/toniblyx/prowler)](https://badgen.net/github/watchers/toniblyx/prowler)[![last-commit](https://badgen.net/github/last-commit/toniblyx/prowler)](https://badgen.net/github/last-commit/toniblyx/prowler) [![open-issues](https://badgen.net/github/open-issues/toniblyx/prowler)](https://badgen.net/github/open-issues/toniblyx/prowler) [![closed-issues](https://badgen.net/github/closed-issues/toniblyx/prowler)](https://badgen.net/github/closed-issues/toniblyx/prowler) |\n| **[CloudMapper](https://github.com/duo-labs/cloudmapper)** | helps you analyze your AWS environments (Python) |[![stars](https://badgen.net/github/stars/duo-labs/cloudmapper)](https://badgen.net/github/stars/duo-labs/cloudmapper)| [![contributors](https://badgen.net/github/contributors/duo-labs/cloudmapper)](https://badgen.net/github/contributors/duo-labs/cloudmapper)[![watchers](https://badgen.net/github/watchers/duo-labs/cloudmapper)](https://badgen.net/github/watchers/duo-labs/cloudmapper)[![last-commit](https://badgen.net/github/last-commit/duo-labs/cloudmapper)](https://badgen.net/github/last-commit/duo-labs/cloudmapper) [![open-issues](https://badgen.net/github/open-issues/duo-labs/cloudmapper)](https://badgen.net/github/open-issues/duo-labs/cloudmapper) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/cloudmapper)](https://badgen.net/github/closed-issues/duo-labs/cloudmapper) |\n| **[ScoutSuite](https://github.com/nccgroup/ScoutSuite)** | Multi-Cloud Security auditing tool for AWS Google Cloud and Azure environments (python) |[![stars](https://badgen.net/github/stars/nccgroup/ScoutSuite)](https://badgen.net/github/stars/nccgroup/ScoutSuite)| [![contributors](https://badgen.net/github/contributors/nccgroup/ScoutSuite)](https://badgen.net/github/contributors/nccgroup/ScoutSuite)[![watchers](https://badgen.net/github/watchers/nccgroup/ScoutSuite)](https://badgen.net/github/watchers/nccgroup/ScoutSuite)[![last-commit](https://badgen.net/github/last-commit/nccgroup/ScoutSuite)](https://badgen.net/github/last-commit/nccgroup/ScoutSuite) [![open-issues](https://badgen.net/github/open-issues/nccgroup/ScoutSuite)](https://badgen.net/github/open-issues/nccgroup/ScoutSuite) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/ScoutSuite)](https://badgen.net/github/closed-issues/nccgroup/ScoutSuite) |\n| **[CloudCustodian](https://github.com/cloud-custodian/cloud-custodian/)** | Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources |[![stars](https://badgen.net/github/stars/cloud-custodian/cloud-custodian/)](https://badgen.net/github/stars/cloud-custodian/cloud-custodian/)| [![contributors](https://badgen.net/github/contributors/cloud-custodian/cloud-custodian/)](https://badgen.net/github/contributors/cloud-custodian/cloud-custodian/)[![watchers](https://badgen.net/github/watchers/cloud-custodian/cloud-custodian/)](https://badgen.net/github/watchers/cloud-custodian/cloud-custodian/)[![last-commit](https://badgen.net/github/last-commit/cloud-custodian/cloud-custodian/)](https://badgen.net/github/last-commit/cloud-custodian/cloud-custodian/) [![open-issues](https://badgen.net/github/open-issues/cloud-custodian/cloud-custodian/)](https://badgen.net/github/open-issues/cloud-custodian/cloud-custodian/) [![closed-issues](https://badgen.net/github/closed-issues/cloud-custodian/cloud-custodian/)](https://badgen.net/github/closed-issues/cloud-custodian/cloud-custodian/) |\n| **[ICE](https://github.com/Teevity/ice)** | Ice provides insights from a usage and cost perspective  with high detail dashboards. |[![stars](https://badgen.net/github/stars/Teevity/ice)](https://badgen.net/github/stars/Teevity/ice)| [![contributors](https://badgen.net/github/contributors/Teevity/ice)](https://badgen.net/github/contributors/Teevity/ice)[![watchers](https://badgen.net/github/watchers/Teevity/ice)](https://badgen.net/github/watchers/Teevity/ice)[![last-commit](https://badgen.net/github/last-commit/Teevity/ice)](https://badgen.net/github/last-commit/Teevity/ice) [![open-issues](https://badgen.net/github/open-issues/Teevity/ice)](https://badgen.net/github/open-issues/Teevity/ice) [![closed-issues](https://badgen.net/github/closed-issues/Teevity/ice)](https://badgen.net/github/closed-issues/Teevity/ice) |\n| **[CloudSploit Scans](https://github.com/cloudsploit/scans)** | AWS security scanning checks (NodeJS) |[![stars](https://badgen.net/github/stars/cloudsploit/scans)](https://badgen.net/github/stars/cloudsploit/scans)| [![contributors](https://badgen.net/github/contributors/cloudsploit/scans)](https://badgen.net/github/contributors/cloudsploit/scans)[![watchers](https://badgen.net/github/watchers/cloudsploit/scans)](https://badgen.net/github/watchers/cloudsploit/scans)[![last-commit](https://badgen.net/github/last-commit/cloudsploit/scans)](https://badgen.net/github/last-commit/cloudsploit/scans) [![open-issues](https://badgen.net/github/open-issues/cloudsploit/scans)](https://badgen.net/github/open-issues/cloudsploit/scans) [![closed-issues](https://badgen.net/github/closed-issues/cloudsploit/scans)](https://badgen.net/github/closed-issues/cloudsploit/scans) |\n| **[AWS Network Access Analyzer](https://github.com/aws-samples/network-access-analyzer-multi-account-analysis)** |  Automation for Amazon VPC Network Access Analyzer to identify all possible Internet Gateway reachability for your resources across all your AWS accounts |[![stars](https://badgen.net/github/stars/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/stars/aws-samples/network-access-analyzer-multi-account-analysis)| [![contributors](https://badgen.net/github/contributors/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/contributors/aws-samples/network-access-analyzer-multi-account-analysis)[![watchers](https://badgen.net/github/watchers/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/watchers/aws-samples/network-access-analyzer-multi-account-analysis)[![last-commit](https://badgen.net/github/last-commit/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/last-commit/aws-samples/network-access-analyzer-multi-account-analysis) [![open-issues](https://badgen.net/github/open-issues/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/open-issues/aws-samples/network-access-analyzer-multi-account-analysis) [![closed-issues](https://badgen.net/github/closed-issues/aws-samples/network-access-analyzer-multi-account-analysis)](https://badgen.net/github/closed-issues/aws-samples/network-access-analyzer-multi-account-analysis) |\n| **[CloudTracker](https://github.com/duo-labs/cloudtracker)** | helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python) |[![stars](https://badgen.net/github/stars/duo-labs/cloudtracker)](https://badgen.net/github/stars/duo-labs/cloudtracker)| [![contributors](https://badgen.net/github/contributors/duo-labs/cloudtracker)](https://badgen.net/github/contributors/duo-labs/cloudtracker)[![watchers](https://badgen.net/github/watchers/duo-labs/cloudtracker)](https://badgen.net/github/watchers/duo-labs/cloudtracker)[![last-commit](https://badgen.net/github/last-commit/duo-labs/cloudtracker)](https://badgen.net/github/last-commit/duo-labs/cloudtracker) [![open-issues](https://badgen.net/github/open-issues/duo-labs/cloudtracker)](https://badgen.net/github/open-issues/duo-labs/cloudtracker) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/cloudtracker)](https://badgen.net/github/closed-issues/duo-labs/cloudtracker) |\n| **[AWS Security Benchmarks](https://github.com/awslabs/aws-security-benchmark)** | scripts and templates guidance related to the AWS CIS Foundation framework (Python) |[![stars](https://badgen.net/github/stars/awslabs/aws-security-benchmark)](https://badgen.net/github/stars/awslabs/aws-security-benchmark)| [![contributors](https://badgen.net/github/contributors/awslabs/aws-security-benchmark)](https://badgen.net/github/contributors/awslabs/aws-security-benchmark)[![watchers](https://badgen.net/github/watchers/awslabs/aws-security-benchmark)](https://badgen.net/github/watchers/awslabs/aws-security-benchmark)[![last-commit](https://badgen.net/github/last-commit/awslabs/aws-security-benchmark)](https://badgen.net/github/last-commit/awslabs/aws-security-benchmark) [![open-issues](https://badgen.net/github/open-issues/awslabs/aws-security-benchmark)](https://badgen.net/github/open-issues/awslabs/aws-security-benchmark) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/aws-security-benchmark)](https://badgen.net/github/closed-issues/awslabs/aws-security-benchmark) |\n| **[AWS Public IPs](https://github.com/arkadiyt/aws_public_ips)** | Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6  Classic/VPC networking  and across all AWS services (Ruby) |[![stars](https://badgen.net/github/stars/arkadiyt/aws_public_ips)](https://badgen.net/github/stars/arkadiyt/aws_public_ips)| [![contributors](https://badgen.net/github/contributors/arkadiyt/aws_public_ips)](https://badgen.net/github/contributors/arkadiyt/aws_public_ips)[![watchers](https://badgen.net/github/watchers/arkadiyt/aws_public_ips)](https://badgen.net/github/watchers/arkadiyt/aws_public_ips)[![last-commit](https://badgen.net/github/last-commit/arkadiyt/aws_public_ips)](https://badgen.net/github/last-commit/arkadiyt/aws_public_ips) [![open-issues](https://badgen.net/github/open-issues/arkadiyt/aws_public_ips)](https://badgen.net/github/open-issues/arkadiyt/aws_public_ips) [![closed-issues](https://badgen.net/github/closed-issues/arkadiyt/aws_public_ips)](https://badgen.net/github/closed-issues/arkadiyt/aws_public_ips) |\n| **[PMapper](https://github.com/nccgroup/PMapper)** | Advanced and Automated AWS IAM Evaluation (Python) |[![stars](https://badgen.net/github/stars/nccgroup/PMapper)](https://badgen.net/github/stars/nccgroup/PMapper)| [![contributors](https://badgen.net/github/contributors/nccgroup/PMapper)](https://badgen.net/github/contributors/nccgroup/PMapper)[![watchers](https://badgen.net/github/watchers/nccgroup/PMapper)](https://badgen.net/github/watchers/nccgroup/PMapper)[![last-commit](https://badgen.net/github/last-commit/nccgroup/PMapper)](https://badgen.net/github/last-commit/nccgroup/PMapper) [![open-issues](https://badgen.net/github/open-issues/nccgroup/PMapper)](https://badgen.net/github/open-issues/nccgroup/PMapper) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/PMapper)](https://badgen.net/github/closed-issues/nccgroup/PMapper) |\n| **[nccgroup AWS-Inventory](https://github.com/nccgroup/aws-inventory)** | Make a inventory of all your resources across regions (Python) |[![stars](https://badgen.net/github/stars/nccgroup/aws-inventory)](https://badgen.net/github/stars/nccgroup/aws-inventory)| [![contributors](https://badgen.net/github/contributors/nccgroup/aws-inventory)](https://badgen.net/github/contributors/nccgroup/aws-inventory)[![watchers](https://badgen.net/github/watchers/nccgroup/aws-inventory)](https://badgen.net/github/watchers/nccgroup/aws-inventory)[![last-commit](https://badgen.net/github/last-commit/nccgroup/aws-inventory)](https://badgen.net/github/last-commit/nccgroup/aws-inventory) [![open-issues](https://badgen.net/github/open-issues/nccgroup/aws-inventory)](https://badgen.net/github/open-issues/nccgroup/aws-inventory) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/aws-inventory)](https://badgen.net/github/closed-issues/nccgroup/aws-inventory) |\n| **[Resource Counter](https://github.com/disruptops/resource-counter)** | Counts number of resources in categories across regions |[![stars](https://badgen.net/github/stars/disruptops/resource-counter)](https://badgen.net/github/stars/disruptops/resource-counter)| [![contributors](https://badgen.net/github/contributors/disruptops/resource-counter)](https://badgen.net/github/contributors/disruptops/resource-counter)[![watchers](https://badgen.net/github/watchers/disruptops/resource-counter)](https://badgen.net/github/watchers/disruptops/resource-counter)[![last-commit](https://badgen.net/github/last-commit/disruptops/resource-counter)](https://badgen.net/github/last-commit/disruptops/resource-counter) [![open-issues](https://badgen.net/github/open-issues/disruptops/resource-counter)](https://badgen.net/github/open-issues/disruptops/resource-counter) [![closed-issues](https://badgen.net/github/closed-issues/disruptops/resource-counter)](https://badgen.net/github/closed-issues/disruptops/resource-counter) |\n| **[SkyArk](https://github.com/cyberark/SkyArk)** | SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS.  |[![stars](https://badgen.net/github/stars/cyberark/SkyArk)](https://badgen.net/github/stars/cyberark/SkyArk)| [![contributors](https://badgen.net/github/contributors/cyberark/SkyArk)](https://badgen.net/github/contributors/cyberark/SkyArk)[![watchers](https://badgen.net/github/watchers/cyberark/SkyArk)](https://badgen.net/github/watchers/cyberark/SkyArk)[![last-commit](https://badgen.net/github/last-commit/cyberark/SkyArk)](https://badgen.net/github/last-commit/cyberark/SkyArk) [![open-issues](https://badgen.net/github/open-issues/cyberark/SkyArk)](https://badgen.net/github/open-issues/cyberark/SkyArk) [![closed-issues](https://badgen.net/github/closed-issues/cyberark/SkyArk)](https://badgen.net/github/closed-issues/cyberark/SkyArk) |\n| **[findmytakeover](https://github.com/anirudhbiyani/findmytakeover)** | find dangling domains in a multi cloud environment | [![stars](https://badgen.net/github/stars/anirudhbiyani/findmytakeover)](https://badgen.net/github/stars/anirudhbiyani/findmytakeover) | [![contributors](https://badgen.net/github/contributors/anirudhbiyani/findmytakeover)](https://badgen.net/github/contributors/anirudhbiyani/findmytakeover)  [![watchers](https://badgen.net/github/watchers/anirudhbiyani/findmytakeover)](https://badgen.net/github/watchers/anirudhbiyani/findmytakeover)  [![last-commit](https://badgen.net/github/last-commit/anirudhbiyani/findmytakeover)](https://badgen.net/github/last-commit/anirudhbiyani/findmytakeover) [![open-issues](https://badgen.net/github/open-issues/anirudhbiyani/findmytakeover)](https://badgen.net/github/open-issues/anirudhbiyani/findmytakeover) [![closed-issues](https://badgen.net/github/closed-issues/anirudhbiyani/findmytakeover)](https://badgen.net/github/closed-issues/anirudhbiyani/findmytakeover) |\n| **[Trailblazer AWS](https://github.com/willbengtson/trailblazer-aws)** | Trailblazer AWS  determine what AWS API calls are logged by CloudTrail and what they are logged as. You can also use TrailBlazer as an attack simulation framework. |[![stars](https://badgen.net/github/stars/willbengtson/trailblazer-aws)](https://badgen.net/github/stars/willbengtson/trailblazer-aws)| [![contributors](https://badgen.net/github/contributors/willbengtson/trailblazer-aws)](https://badgen.net/github/contributors/willbengtson/trailblazer-aws)[![watchers](https://badgen.net/github/watchers/willbengtson/trailblazer-aws)](https://badgen.net/github/watchers/willbengtson/trailblazer-aws)[![last-commit](https://badgen.net/github/last-commit/willbengtson/trailblazer-aws)](https://badgen.net/github/last-commit/willbengtson/trailblazer-aws) [![open-issues](https://badgen.net/github/open-issues/willbengtson/trailblazer-aws)](https://badgen.net/github/open-issues/willbengtson/trailblazer-aws) [![closed-issues](https://badgen.net/github/closed-issues/willbengtson/trailblazer-aws)](https://badgen.net/github/closed-issues/willbengtson/trailblazer-aws) |\n| **[Lunar](https://github.com/lateralblast/lunar)** | Security auditing tool based on several security frameworks (it does some AWS checks) |[![stars](https://badgen.net/github/stars/lateralblast/lunar)](https://badgen.net/github/stars/lateralblast/lunar)| [![contributors](https://badgen.net/github/contributors/lateralblast/lunar)](https://badgen.net/github/contributors/lateralblast/lunar)[![watchers](https://badgen.net/github/watchers/lateralblast/lunar)](https://badgen.net/github/watchers/lateralblast/lunar)[![last-commit](https://badgen.net/github/last-commit/lateralblast/lunar)](https://badgen.net/github/last-commit/lateralblast/lunar) [![open-issues](https://badgen.net/github/open-issues/lateralblast/lunar)](https://badgen.net/github/open-issues/lateralblast/lunar) [![closed-issues](https://badgen.net/github/closed-issues/lateralblast/lunar)](https://badgen.net/github/closed-issues/lateralblast/lunar) |\n| **[Cloud-reports](https://github.com/tensult/cloud-reports)** | Scans your AWS cloud resources and generates reports |[![stars](https://badgen.net/github/stars/tensult/cloud-reports)](https://badgen.net/github/stars/tensult/cloud-reports)| [![contributors](https://badgen.net/github/contributors/tensult/cloud-reports)](https://badgen.net/github/contributors/tensult/cloud-reports)[![watchers](https://badgen.net/github/watchers/tensult/cloud-reports)](https://badgen.net/github/watchers/tensult/cloud-reports)[![last-commit](https://badgen.net/github/last-commit/tensult/cloud-reports)](https://badgen.net/github/last-commit/tensult/cloud-reports) [![open-issues](https://badgen.net/github/open-issues/tensult/cloud-reports)](https://badgen.net/github/open-issues/tensult/cloud-reports) [![closed-issues](https://badgen.net/github/closed-issues/tensult/cloud-reports)](https://badgen.net/github/closed-issues/tensult/cloud-reports) |\n| **[Pacbot](https://github.com/tmobile/pacbot)** | Platform for continuous compliance monitoring  compliance reporting and security automation for the cloud |[![stars](https://badgen.net/github/stars/tmobile/pacbot)](https://badgen.net/github/stars/tmobile/pacbot)| [![contributors](https://badgen.net/github/contributors/tmobile/pacbot)](https://badgen.net/github/contributors/tmobile/pacbot)[![watchers](https://badgen.net/github/watchers/tmobile/pacbot)](https://badgen.net/github/watchers/tmobile/pacbot)[![last-commit](https://badgen.net/github/last-commit/tmobile/pacbot)](https://badgen.net/github/last-commit/tmobile/pacbot) [![open-issues](https://badgen.net/github/open-issues/tmobile/pacbot)](https://badgen.net/github/open-issues/tmobile/pacbot) [![closed-issues](https://badgen.net/github/closed-issues/tmobile/pacbot)](https://badgen.net/github/closed-issues/tmobile/pacbot) |\n| **[cs-suite](https://github.com/SecurityFTW/cs-suite)** | Integrates tools like Scout2 and Prowler among others  |[![stars](https://badgen.net/github/stars/SecurityFTW/cs-suite)](https://badgen.net/github/stars/SecurityFTW/cs-suite)| [![contributors](https://badgen.net/github/contributors/SecurityFTW/cs-suite)](https://badgen.net/github/contributors/SecurityFTW/cs-suite)[![watchers](https://badgen.net/github/watchers/SecurityFTW/cs-suite)](https://badgen.net/github/watchers/SecurityFTW/cs-suite)[![last-commit](https://badgen.net/github/last-commit/SecurityFTW/cs-suite)](https://badgen.net/github/last-commit/SecurityFTW/cs-suite) [![open-issues](https://badgen.net/github/open-issues/SecurityFTW/cs-suite)](https://badgen.net/github/open-issues/SecurityFTW/cs-suite) [![closed-issues](https://badgen.net/github/closed-issues/SecurityFTW/cs-suite)](https://badgen.net/github/closed-issues/SecurityFTW/cs-suite) |\n| **[aws-key-disabler](https://github.com/te-papa/aws-key-disabler)** | A small lambda script that will disable access keys older than a given amount of days |[![stars](https://badgen.net/github/stars/te-papa/aws-key-disabler)](https://badgen.net/github/stars/te-papa/aws-key-disabler)| [![contributors](https://badgen.net/github/contributors/te-papa/aws-key-disabler)](https://badgen.net/github/contributors/te-papa/aws-key-disabler)[![watchers](https://badgen.net/github/watchers/te-papa/aws-key-disabler)](https://badgen.net/github/watchers/te-papa/aws-key-disabler)[![last-commit](https://badgen.net/github/last-commit/te-papa/aws-key-disabler)](https://badgen.net/github/last-commit/te-papa/aws-key-disabler) [![open-issues](https://badgen.net/github/open-issues/te-papa/aws-key-disabler)](https://badgen.net/github/open-issues/te-papa/aws-key-disabler) [![closed-issues](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler)](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler) |\n| **[Antiope](https://github.com/turnerlabs/antiope)** | AWS Inventory and Compliance Framework |[![stars](https://badgen.net/github/stars/turnerlabs/antiope)](https://badgen.net/github/stars/turnerlabs/antiope)| [![contributors](https://badgen.net/github/contributors/turnerlabs/antiope)](https://badgen.net/github/contributors/turnerlabs/antiope)[![watchers](https://badgen.net/github/watchers/turnerlabs/antiope)](https://badgen.net/github/watchers/turnerlabs/antiope)[![last-commit](https://badgen.net/github/last-commit/turnerlabs/antiope)](https://badgen.net/github/last-commit/turnerlabs/antiope) [![open-issues](https://badgen.net/github/open-issues/turnerlabs/antiope)](https://badgen.net/github/open-issues/turnerlabs/antiope) [![closed-issues](https://badgen.net/github/closed-issues/turnerlabs/antiope)](https://badgen.net/github/closed-issues/turnerlabs/antiope) |\n| **[Cloud Reports](https://github.com/tensult/cloud-reports)** | Scans your AWS cloud resources and generates reports and includes security best practices. |[![stars](https://badgen.net/github/stars/tensult/cloud-reports)](https://badgen.net/github/stars/tensult/cloud-reports)| [![contributors](https://badgen.net/github/contributors/tensult/cloud-reports)](https://badgen.net/github/contributors/tensult/cloud-reports)[![watchers](https://badgen.net/github/watchers/tensult/cloud-reports)](https://badgen.net/github/watchers/tensult/cloud-reports)[![last-commit](https://badgen.net/github/last-commit/tensult/cloud-reports)](https://badgen.net/github/last-commit/tensult/cloud-reports) [![open-issues](https://badgen.net/github/open-issues/tensult/cloud-reports)](https://badgen.net/github/open-issues/tensult/cloud-reports) [![closed-issues](https://badgen.net/github/closed-issues/tensult/cloud-reports)](https://badgen.net/github/closed-issues/tensult/cloud-reports) |\n| **[Terraform AWS Secure Baseline](https://github.com/nozaq/terraform-aws-secure-baseline)** | Terraform module to set up your AWS account with the secure |[![stars](https://badgen.net/github/stars/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/stars/nozaq/terraform-aws-secure-baseline)| [![contributors](https://badgen.net/github/contributors/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/contributors/nozaq/terraform-aws-secure-baseline)[![watchers](https://badgen.net/github/watchers/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/watchers/nozaq/terraform-aws-secure-baseline)[![last-commit](https://badgen.net/github/last-commit/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/last-commit/nozaq/terraform-aws-secure-baseline) [![open-issues](https://badgen.net/github/open-issues/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/open-issues/nozaq/terraform-aws-secure-baseline) [![closed-issues](https://badgen.net/github/closed-issues/nozaq/terraform-aws-secure-baseline)](https://badgen.net/github/closed-issues/nozaq/terraform-aws-secure-baseline) |\n| **[ZeusCloud](https://github.com/Zeus-Labs/ZeusCloud)** | Discover, prioritize, and remediate security risks in your AWS cloud environments.  | [![stars](https://badgen.net/github/stars/Zeus-Labs/ZeusCloud)](https://badgen.net/github/stars/Zeus-Labs/ZeusCloud)| [![contributors](https://badgen.net/github/contributors/Zeus-Labs/ZeusCloud)](https://badgen.net/github/contributors/Zeus-Labs/ZeusCloud) [![watchers](https://badgen.net/github/watchers/Zeus-Labs/ZeusCloud)](https://badgen.net/github/watchers/Zeus-Labs/ZeusCloud) [![last-commit](https://badgen.net/github/last-commit/Zeus-Labs/ZeusCloud)](https://badgen.net/github/last-commit/Zeus-Labs/ZeusCloud) [![open-issues](https://badgen.net/github/open-issues/Zeus-Labs/ZeusCloud)](https://badgen.net/github/open-issues/Zeus-Labs/ZeusCloud) [![closed-issues](https://badgen.net/github/closed-issues/Zeus-Labs/ZeusCloud)](https://badgen.net/github/closed-issues/Zeus-Labs/ZeusCloud) |\n| **[Cartography](https://github.com/lyft/cartography)** | Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.  |[![stars](https://badgen.net/github/stars/lyft/cartography)](https://badgen.net/github/stars/lyft/cartography)| [![contributors](https://badgen.net/github/contributors/lyft/cartography)](https://badgen.net/github/contributors/lyft/cartography)[![watchers](https://badgen.net/github/watchers/lyft/cartography)](https://badgen.net/github/watchers/lyft/cartography)[![last-commit](https://badgen.net/github/last-commit/lyft/cartography)](https://badgen.net/github/last-commit/lyft/cartography) [![open-issues](https://badgen.net/github/open-issues/lyft/cartography)](https://badgen.net/github/open-issues/lyft/cartography) [![closed-issues](https://badgen.net/github/closed-issues/lyft/cartography)](https://badgen.net/github/closed-issues/lyft/cartography) |\n| **[TrailScraper](https://github.com/flosell/trailscraper)** | A command-line tool to get valuable information out of AWS CloudTrail |[![stars](https://badgen.net/github/stars/flosell/trailscraper)](https://badgen.net/github/stars/flosell/trailscraper)| [![contributors](https://badgen.net/github/contributors/flosell/trailscraper)](https://badgen.net/github/contributors/flosell/trailscraper)[![watchers](https://badgen.net/github/watchers/flosell/trailscraper)](https://badgen.net/github/watchers/flosell/trailscraper)[![last-commit](https://badgen.net/github/last-commit/flosell/trailscraper)](https://badgen.net/github/last-commit/flosell/trailscraper) [![open-issues](https://badgen.net/github/open-issues/flosell/trailscraper)](https://badgen.net/github/open-issues/flosell/trailscraper) [![closed-issues](https://badgen.net/github/closed-issues/flosell/trailscraper)](https://badgen.net/github/closed-issues/flosell/trailscraper) |\n| **[Komiser](https://github.com/mlabouardy/komiser)** | Cloud Environment Inspector analyze and manage cloud cost usage security and governance in one place. |[![stars](https://badgen.net/github/stars/mlabouardy/komiser)](https://badgen.net/github/stars/mlabouardy/komiser)| [![contributors](https://badgen.net/github/contributors/mlabouardy/komiser)](https://badgen.net/github/contributors/mlabouardy/komiser)[![watchers](https://badgen.net/github/watchers/mlabouardy/komiser)](https://badgen.net/github/watchers/mlabouardy/komiser)[![last-commit](https://badgen.net/github/last-commit/mlabouardy/komiser)](https://badgen.net/github/last-commit/mlabouardy/komiser) [![open-issues](https://badgen.net/github/open-issues/mlabouardy/komiser)](https://badgen.net/github/open-issues/mlabouardy/komiser) [![closed-issues](https://badgen.net/github/closed-issues/mlabouardy/komiser)](https://badgen.net/github/closed-issues/mlabouardy/komiser) |\n| **[Perimeterator](https://github.com/darkarnium/perimeterator)** | AWS perimeter monitoring. Periodically scan internet facing AWS resources to detect misconfigured services |[![stars](https://badgen.net/github/stars/darkarnium/perimeterator)](https://badgen.net/github/stars/darkarnium/perimeterator)| [![contributors](https://badgen.net/github/contributors/darkarnium/perimeterator)](https://badgen.net/github/contributors/darkarnium/perimeterator)[![watchers](https://badgen.net/github/watchers/darkarnium/perimeterator)](https://badgen.net/github/watchers/darkarnium/perimeterator)[![last-commit](https://badgen.net/github/last-commit/darkarnium/perimeterator)](https://badgen.net/github/last-commit/darkarnium/perimeterator) [![open-issues](https://badgen.net/github/open-issues/darkarnium/perimeterator)](https://badgen.net/github/open-issues/darkarnium/perimeterator) [![closed-issues](https://badgen.net/github/closed-issues/darkarnium/perimeterator)](https://badgen.net/github/closed-issues/darkarnium/perimeterator) |\n| **[PolicySentry](https://github.com/salesforce/policy_sentry)** | IAM Least Privilege Policy Generator auditor and analysis database |[![stars](https://badgen.net/github/stars/salesforce/policy_sentry)](https://badgen.net/github/stars/salesforce/policy_sentry)| [![contributors](https://badgen.net/github/contributors/salesforce/policy_sentry)](https://badgen.net/github/contributors/salesforce/policy_sentry)[![watchers](https://badgen.net/github/watchers/salesforce/policy_sentry)](https://badgen.net/github/watchers/salesforce/policy_sentry)[![last-commit](https://badgen.net/github/last-commit/salesforce/policy_sentry)](https://badgen.net/github/last-commit/salesforce/policy_sentry) [![open-issues](https://badgen.net/github/open-issues/salesforce/policy_sentry)](https://badgen.net/github/open-issues/salesforce/policy_sentry) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/policy_sentry)](https://badgen.net/github/closed-issues/salesforce/policy_sentry) |\n| **[Zeus](https://github.com/DenizParlak/Zeus)** | AWS Auditing & Hardening Tool  |[![stars](https://badgen.net/github/stars/DenizParlak/Zeus)](https://badgen.net/github/stars/DenizParlak/Zeus)| [![contributors](https://badgen.net/github/contributors/DenizParlak/Zeus)](https://badgen.net/github/contributors/DenizParlak/Zeus)[![watchers](https://badgen.net/github/watchers/DenizParlak/Zeus)](https://badgen.net/github/watchers/DenizParlak/Zeus)[![last-commit](https://badgen.net/github/last-commit/DenizParlak/Zeus)](https://badgen.net/github/last-commit/DenizParlak/Zeus) [![open-issues](https://badgen.net/github/open-issues/DenizParlak/Zeus)](https://badgen.net/github/open-issues/DenizParlak/Zeus) [![closed-issues](https://badgen.net/github/closed-issues/DenizParlak/Zeus)](https://badgen.net/github/closed-issues/DenizParlak/Zeus) |\n| **[janiko71 AWS-inventory](https://github.com/janiko71/aws-inventory)** | Python script for AWS resources inventory |[![stars](https://badgen.net/github/stars/janiko71/aws-inventory)](https://badgen.net/github/stars/janiko71/aws-inventory)| [![contributors](https://badgen.net/github/contributors/janiko71/aws-inventory)](https://badgen.net/github/contributors/janiko71/aws-inventory)[![watchers](https://badgen.net/github/watchers/janiko71/aws-inventory)](https://badgen.net/github/watchers/janiko71/aws-inventory)[![last-commit](https://badgen.net/github/last-commit/janiko71/aws-inventory)](https://badgen.net/github/last-commit/janiko71/aws-inventory) [![open-issues](https://badgen.net/github/open-issues/janiko71/aws-inventory)](https://badgen.net/github/open-issues/janiko71/aws-inventory) [![closed-issues](https://badgen.net/github/closed-issues/janiko71/aws-inventory)](https://badgen.net/github/closed-issues/janiko71/aws-inventory) |\n| **[awspx](https://github.com/fsecurelabs/awspx)** | A graph-based tool for visualizing effective access and resource relationships in AWS environments |[![stars](https://badgen.net/github/stars/fsecurelabs/awspx)](https://badgen.net/github/stars/fsecurelabs/awspx)| [![contributors](https://badgen.net/github/contributors/fsecurelabs/awspx)](https://badgen.net/github/contributors/fsecurelabs/awspx)[![watchers](https://badgen.net/github/watchers/fsecurelabs/awspx)](https://badgen.net/github/watchers/fsecurelabs/awspx)[![last-commit](https://badgen.net/github/last-commit/fsecurelabs/awspx)](https://badgen.net/github/last-commit/fsecurelabs/awspx) [![open-issues](https://badgen.net/github/open-issues/fsecurelabs/awspx)](https://badgen.net/github/open-issues/fsecurelabs/awspx) [![closed-issues](https://badgen.net/github/closed-issues/fsecurelabs/awspx)](https://badgen.net/github/closed-issues/fsecurelabs/awspx) |\n| **[clinv](https://github.com/lyz-code/clinv)** | DevSecOps command line asset inventory tool  |[![stars](https://badgen.net/github/stars/lyz-code/clinv)](https://badgen.net/github/stars/lyz-code/clinv)| [![contributors](https://badgen.net/github/contributors/lyz-code/clinv)](https://badgen.net/github/contributors/lyz-code/clinv)[![watchers](https://badgen.net/github/watchers/lyz-code/clinv)](https://badgen.net/github/watchers/lyz-code/clinv)[![last-commit](https://badgen.net/github/last-commit/lyz-code/clinv)](https://badgen.net/github/last-commit/lyz-code/clinv) [![open-issues](https://badgen.net/github/open-issues/lyz-code/clinv)](https://badgen.net/github/open-issues/lyz-code/clinv) [![closed-issues](https://badgen.net/github/closed-issues/lyz-code/clinv)](https://badgen.net/github/closed-issues/lyz-code/clinv) |\n| **[aws-gate](https://github.com/xen0l/aws-gate)** | Enhanced AWS SSM Session manager CLI client |[![stars](https://badgen.net/github/stars/xen0l/aws-gate)](https://badgen.net/github/stars/xen0l/aws-gate)| [![contributors](https://badgen.net/github/contributors/xen0l/aws-gate)](https://badgen.net/github/contributors/xen0l/aws-gate) [![watchers](https://badgen.net/github/watchers/xen0l/aws-gate)](https://badgen.net/github/watchers/xen0l/aws-gate) [![last-commit](https://badgen.net/github/last-commit/xen0l/aws-gate)](https://badgen.net/github/last-commit/xen0l/aws-gate)  [![open-issues](https://badgen.net/github/open-issues/xen0l/aws-gate)](https://badgen.net/github/open-issues/xen0l/aws-gate) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/aws-gate)](https://badgen.net/github/closed-issues/xen0l/aws-gate) |\n| **[Detecting Credential Compromise](https://github.com/Netflix-Skunkworks/aws-credential-compromise-detection)** | Detecting of your compromised credential in AWS  |[![stars](https://badgen.net/github/stars/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/stars/Netflix-Skunkworks/aws-credential-compromise-detection)| [![contributors](https://badgen.net/github/contributors/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/contributors/Netflix-Skunkworks/aws-credential-compromise-detection)[![watchers](https://badgen.net/github/watchers/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/watchers/Netflix-Skunkworks/aws-credential-compromise-detection)[![last-commit](https://badgen.net/github/last-commit/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/last-commit/Netflix-Skunkworks/aws-credential-compromise-detection) [![open-issues](https://badgen.net/github/open-issues/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/open-issues/Netflix-Skunkworks/aws-credential-compromise-detection) [![closed-issues](https://badgen.net/github/closed-issues/Netflix-Skunkworks/aws-credential-compromise-detection)](https://badgen.net/github/closed-issues/Netflix-Skunkworks/aws-credential-compromise-detection)|\n| **[AWS-Security-Toolbox (AST)](https://github.com/z0ph/aws-security-toolbox)** | AWS Security Toolbox (Docker Image) for Security Assessments |[![stars](https://badgen.net/github/stars/z0ph/aws-security-toolbox)](https://badgen.net/github/stars/z0ph/aws-security-toolbox)| [![contributors](https://badgen.net/github/contributors/z0ph/aws-security-toolbox)](https://badgen.net/github/contributors/z0ph/aws-security-toolbox) [![watchers](https://badgen.net/github/watchers/z0ph/aws-security-toolbox)](https://badgen.net/github/watchers/z0ph/aws-security-toolbox) [![last-commit](https://badgen.net/github/last-commit/z0ph/aws-security-toolbox)](https://badgen.net/github/last-commit/z0ph/aws-security-toolbox)  [![open-issues](https://badgen.net/github/open-issues/z0ph/aws-security-toolbox)](https://badgen.net/github/open-issues/z0ph/aws-security-toolbox) [![closed-issues](https://badgen.net/github/closed-issues/z0ph/aws-security-toolbox)](https://badgen.net/github/closed-issues/z0ph/aws-security-toolbox) |\n| **[iam-lint](https://github.com/xen0l/iam-lint)** | Github action for linting AWS IAM policy documents for correctness and possible security issues |[![stars](https://badgen.net/github/stars/xen0l/iam-lint)](https://badgen.net/github/stars/xen0l/iam-lint)| [![contributors](https://badgen.net/github/contributors/xen0l/iam-lint)](https://badgen.net/github/contributors/xen0l/iam-lint) [![watchers](https://badgen.net/github/watchers/xen0l/iam-lint)](https://badgen.net/github/watchers/xen0l/iam-lint) [![last-commit](https://badgen.net/github/last-commit/xen0l/iam-lint)](https://badgen.net/github/last-commit/xen0l/iam-lint) [![open-issues](https://badgen.net/github/open-issues/xen0l/iam-lint)](https://badgen.net/github/open-issues/xen0l/iam-lint) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/iam-lint)](https://badgen.net/github/closed-issues/xen0l/iam-lint) |\n| **[aws-security-viz](https://github.com/anaynayak/aws-security-viz)** | A tool to visualize aws security groups. |[![stars](https://badgen.net/github/stars/anaynayak/aws-security-viz)](https://badgen.net/github/stars/anaynayak/aws-security-viz)| [![contributors](https://badgen.net/github/contributors/anaynayak/aws-security-viz)](https://badgen.net/github/contributors/anaynayak/aws-security-viz) [![watchers](https://badgen.net/github/watchers/anaynayak/aws-security-viz)](https://badgen.net/github/watchers/anaynayak/aws-security-viz) [![last-commit](https://badgen.net/github/last-commit/anaynayak/aws-security-viz)](https://badgen.net/github/last-commit/anaynayak/aws-security-viz) [![open-issues](https://badgen.net/github/open-issues/anaynayak/aws-security-viz)](https://badgen.net/github/open-issues/anaynayak/aws-security-viz) [![closed-issues](https://badgen.net/github/closed-issues/anaynayak/aws-security-viz)](https://badgen.net/github/closed-issues/anaynayak/aws-security-viz) |\n| **[AirIAM](https://github.com/bridgecrewio/AirIAM)** | Least privilege AWS IAM using Terraform |[![stars](https://badgen.net/github/stars/bridgecrewio/AirIAM)](https://badgen.net/github/stars/bridgecrewio/AirIAM)| [![contributors](https://badgen.net/github/contributors/bridgecrewio/AirIAM)](https://badgen.net/github/contributors/bridgecrewio/AirIAM) [![watchers](https://badgen.net/github/watchers/bridgecrewio/AirIAM)](https://badgen.net/github/watchers/bridgecrewio/AirIAM) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/AirIAM)](https://badgen.net/github/last-commit/bridgecrewio/AirIAM) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/AirIAM)](https://badgen.net/github/open-issues/bridgecrewio/AirIAM) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/AirIAM)](https://badgen.net/github/closed-issues/bridgecrewio/AirIAM) |\n| **[Cloudsplaining](https://github.com/salesforce/cloudsplaining)** | AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. |[![stars](https://badgen.net/github/stars/salesforce/cloudsplaining)](https://badgen.net/github/stars/salesforce/cloudsplaining)| [![contributors](https://badgen.net/github/contributors/salesforce/cloudsplaining)](https://badgen.net/github/contributors/salesforce/cloudsplaining) [![watchers](https://badgen.net/github/watchers/salesforce/cloudsplaining)](https://badgen.net/github/watchers/salesforce/cloudsplaining) [![last-commit](https://badgen.net/github/last-commit/salesforce/cloudsplaining)](https://badgen.net/github/last-commit/salesforce/cloudsplaining) [![open-issues](https://badgen.net/github/open-issues/salesforce/cloudsplaining)](https://badgen.net/github/open-issues/salesforce/cloudsplaining) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/cloudsplaining)](https://badgen.net/github/closed-issues/salesforce/cloudsplaining) |\n| **[iam-policy-generator](https://github.com/aletheia/iam-policy-generator)** | A simple library to generate IAM policy statements with no need to remember all the actions APIs | [![stars](https://badgen.net/github/stars/aletheia/iam-policy-generator)](https://badgen.net/github/stars/aletheia/iam-policy-generator) | [![contributors](https://badgen.net/github/contributors/aletheia/iam-policy-generator)](https://badgen.net/github/contributors/aletheia/iam-policy-generator) [![watchers](https://badgen.net/github/watchers/aletheia/iam-policy-generator)](https://badgen.net/github/watchers/aletheia/iam-policy-generator) [![last-commit](https://badgen.net/github/last-commit/aletheia/iam-policy-generator)](https://badgen.net/github/last-commit/aletheia/iam-policy-generator) [![open-issues](https://badgen.net/github/open-issues/aletheia/iam-policy-generator)](https://badgen.net/github/open-issues/aletheia/iam-policy-generator) [![closed-issues](https://badgen.net/github/closed-issues/aletheia/iam-policy-generator)](https://badgen.net/github/closed-issues/aletheia/iam-policy-generator) |\n| **[SkyWrapper](https://github.com/cyberark/SkyWrapper)** | SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS | [![stars](https://badgen.net/github/stars/cyberark/SkyWrapper)](https://badgen.net/github/stars/cyberark/SkyWrapper) | [![contributors](https://badgen.net/github/contributors/cyberark/SkyWrapper)](https://badgen.net/github/contributors/cyberark/SkyWrapper) [![watchers](https://badgen.net/github/watchers/cyberark/SkyWrapper)](https://badgen.net/github/watchers/cyberark/SkyWrapper) [![last-commit](https://badgen.net/github/last-commit/cyberark/SkyWrapper)](https://badgen.net/github/last-commit/cyberark/SkyWrapper) [![open-issues](https://badgen.net/github/open-issues/cyberark/SkyWrapper)](https://badgen.net/github/open-issues/cyberark/SkyWrapper) [![closed-issues](https://badgen.net/github/closed-issues/cyberark/SkyWrapper)](https://badgen.net/github/closed-issues/cyberark/SkyWrapper) |\n| **[aws-recon](https://github.com/darkbitio/aws-recon)** | Multi-threaded AWS inventory collection tool | [![stars](https://badgen.net/github/stars/darkbitio/aws-recon)](https://badgen.net/github/stars/darkbitio/aws-recon) | [![contributors](https://badgen.net/github/contributors/darkbitio/aws-recon)](https://badgen.net/github/contributors/darkbitio/aws-recon) [![watchers](https://badgen.net/github/watchers/darkbitio/aws-recon)](https://badgen.net/github/watchers/darkbitio/aws-recon) [![last-commit](https://badgen.net/github/last-commit/darkbitio/aws-recon)](https://badgen.net/github/last-commit/darkbitio/aws-recon) [![open-issues](https://badgen.net/github/open-issues/darkbitio/aws-recon)](https://badgen.net/github/open-issues/darkbitio/aws-recon) [![closed-issues](https://badgen.net/github/closed-issues/darkbitio/aws-recon)](https://badgen.net/github/closed-issues/darkbitio/aws-recon) |\n| **[iam-policies-cli](https://github.com/mhlabs/iam-policies-cli)** | A CLI tool for building simple to complex IAM policies | [![stars](https://badgen.net/github/stars/mhlabs/iam-policies-cli)](https://badgen.net/github/stars/mhlabs/iam-policies-cli) | [![contributors](https://badgen.net/github/contributors/mhlabs/iam-policies-cli)](https://badgen.net/github/contributors/mhlabs/iam-policies-cli) [![watchers](https://badgen.net/github/watchers/mhlabs/iam-policies-cli)](https://badgen.net/github/watchers/mhlabs/iam-policies-cli) [![last-commit](https://badgen.net/github/last-commit/mhlabs/iam-policies-cli)](https://badgen.net/github/last-commit/mhlabs/iam-policies-cli) [![open-issues](https://badgen.net/github/open-issues/mhlabs/iam-policies-cli)](https://badgen.net/github/open-issues/mhlabs/iam-policies-cli) [![closed-issues](https://badgen.net/github/closed-issues/mhlabs/iam-policies-cli)](https://badgen.net/github/closed-issues/mhlabs/iam-policies-cli) |\n| **[Aaia](https://github.com/rams3sh/Aaia)** | AWS Identity and Access Management Visualizer and Anomaly Finder | [![stars](https://badgen.net/github/stars/rams3sh/Aaia)](https://badgen.net/github/stars/rams3sh/Aaia) | [![contributors](https://badgen.net/github/contributors/rams3sh/Aaia)](https://badgen.net/github/contributors/rams3sh/Aaia) [![watchers](https://badgen.net/github/watchers/rams3sh/Aaia)](https://badgen.net/github/watchers/rams3sh/Aaia) [![last-commit](https://badgen.net/github/last-commit/rams3sh/Aaia)](https://badgen.net/github/last-commit/rams3sh/Aaia) [![open-issues](https://badgen.net/github/open-issues/rams3sh/Aaia)](https://badgen.net/github/open-issues/rams3sh/Aaia) [![closed-issues](https://badgen.net/github/closed-issues/rams3sh/Aaia)](https://badgen.net/github/closed-issues/rams3sh/Aaia) |\n| **[iam-floyd](https://github.com/udondan/iam-floyd)** | IAM policy statement generator with fluent interface - Available for Node.js, Python, .Net and Java | [![stars](https://badgen.net/github/stars/udondan/iam-floyd)](https://badgen.net/github/stars/udondan/iam-floyd) | [![contributors](https://badgen.net/github/contributors/udondan/iam-floyd)](https://badgen.net/github/contributors/udondan/iam-floyd) [![watchers](https://badgen.net/github/watchers/udondan/iam-floyd)](https://badgen.net/github/watchers/udondan/iam-floyd) [![last-commit](https://badgen.net/github/last-commit/udondan/iam-floyd)](https://badgen.net/github/last-commit/udondan/iam-floyd) [![open-issues](https://badgen.net/github/open-issues/udondan/iam-floyd)](https://badgen.net/github/open-issues/udondan/iam-floyd) [![closed-issues](https://badgen.net/github/closed-issues/udondan/iam-floyd)](https://badgen.net/github/closed-issues/udondan/iam-floyd) |\n| **[rpCheckup](https://github.com/goldfiglabs/rpCheckup)** | AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources. | [![stars](https://badgen.net/github/stars/goldfiglabs/rpCheckup)](https://badgen.net/github/stars/goldfiglabs/rpCheckup) | [![contributors](https://badgen.net/github/contributors/goldfiglabs/rpCheckup)](https://badgen.net/github/contributors/goldfiglabs/rpCheckup) [![watchers](https://badgen.net/github/watchers/goldfiglabs/rpCheckup)](https://badgen.net/github/watchers/goldfiglabs/rpCheckup) [![last-commit](https://badgen.net/github/last-commit/goldfiglabs/rpCheckup)](https://badgen.net/github/last-commit/goldfiglabs/rpCheckup) [![open-issues](https://badgen.net/github/open-issues/goldfiglabs/rpCheckup)](https://badgen.net/github/open-issues/goldfiglabs/rpCheckup) [![closed-issues](https://badgen.net/github/closed-issues/goldfiglabs/rpCheckup)](https://badgen.net/github/closed-issues/goldfiglabs/rpCheckup) |\n| **[S3 Exif Cleaner](https://github.com/seisvelas/S3-Exif-Cleaner)** | Remove EXIF data from all objects in an S3 bucket |[![stars](https://badgen.net/github/stars/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/stars/seisvelas/S3-Exif-Cleaner)| [![contributors](https://badgen.net/github/contributors/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/contributors/seisvelas/S3-Exif-Cleaner)[![watchers](https://badgen.net/github/watchers/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/watchers/seisvelas/S3-Exif-Cleaner)[![last-commit](https://badgen.net/github/last-commit/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/last-commit/seisvelas/S3-Exif-Cleaner) [![open-issues](https://badgen.net/github/open-issues/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/open-issues/seisvelas/S3-Exif-Cleaner) [![closed-issues](https://badgen.net/github/closed-issues/seisvelas/S3-Exif-Cleaner)](https://badgen.net/github/closed-issues/seisvelas/S3-Exif-Cleaner) |\n| **[Steampipe](https://github.com/turbot/steampipe)** | Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required. (SQL) |[![stars](https://badgen.net/github/stars/turbot/steampipe)](https://badgen.net/github/stars/turbot/steampipe)| [![contributors](https://badgen.net/github/contributors/turbot/steampipe)](https://badgen.net/github/contributors/turbot/steampipe)[![watchers](https://badgen.net/github/watchers/turbot/steampipe)](https://badgen.net/github/watchers/turbot/steampipe)[![last-commit](https://badgen.net/github/last-commit/turbot/steampipe/main)](https://badgen.net/github/last-commit/turbot/steampipe/main) [![open-issues](https://badgen.net/github/open-issues/turbot/steampipe)](https://badgen.net/github/open-issues/turbot/steampipe) [![closed-issues](https://badgen.net/github/closed-issues/turbot/steampipe)](https://badgen.net/github/closed-issues/turbot/steampipe) |\n| **[access-undenied-aws](https://github.com/ermetic/access-undenied-aws)** | Parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. |  [![stars](https://badgen.net/github/stars/ermetic/access-undenied-aws)](https://badgen.net/github/stars/ermetic/access-undenied-aws) | [![contributors](https://badgen.net/github/contributors/ermetic/access-undenied-aws)](https://badgen.net/github/contributors/ermetic/access-undenied-aws) [![watchers](https://badgen.net/github/watchers/ermetic/access-undenied-aws)](https://badgen.net/github/watchers/ermetic/access-undenied-aws) [![last-commit](https://badgen.net/github/last-commit/ermetic/access-undenied-aws)](https://badgen.net/github/last-commit/ermetic/access-undenied-aws) [![open-issues](https://badgen.net/github/open-issues/ermetic/access-undenied-aws)](https://badgen.net/github/open-issues/ermetic/access-undenied-aws) [![closed-issues](https://badgen.net/github/closed-issues/ermetic/access-undenied-aws)](https://badgen.net/github/closed-issues/ermetic/access-undenied-aws) |\n| **[Metabadger](https://github.com/salesforce/metabadger)** | Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2). |[![stars](https://badgen.net/github/stars/salesforce/metabadger)](https://badgen.net/github/stars/salesforce/metabadger)| [![contributors](https://badgen.net/github/contributors/salesforce/metabadger)](https://badgen.net/github/contributors/salesforce/metabadger)[![watchers](https://badgen.net/github/watchers/salesforce/metabadger)](https://badgen.net/github/watchers/salesforce/metabadger)[![last-commit](https://badgen.net/github/last-commit/salesforce/metabadger/main)](https://badgen.net/github/last-commit/salesforce/metabadger) [![open-issues](https://badgen.net/github/open-issues/salesforce/metabadger)](https://badgen.net/github/open-issues/salesforce/metabadger) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/metabadger)](https://badgen.net/github/closed-issues/salesforce/metabadger) |\n| **[AWS-Firewall Factory](https://github.com/globaldatanet/aws-firewall-factory)** | Deploy, update, and stage your WAFs while managing them centrally via FMS (CDK) |[![stars](https://badgen.net/github/stars/globaldatanet/aws-firewall-factory)](https://badgen.net/github/stars/globaldatanet/aws-firewall-factory)| [![contributors](https://badgen.net/github/contributors/globaldatanet/aws-firewall-factory)](https://badgen.net/github/contributors/globaldatanet/aws-firewall-factory) [![watchers](https://badgen.net/github/watchers/globaldatanet/aws-firewall-factory)](https://badgen.net/github/watchers/globaldatanet/aws-firewall-factory) [![last-commit](https://badgen.net/github/last-commit/globaldatanet/aws-firewall-factory)](https://badgen.net/github/last-commit/globaldatanet/aws-firewall-factory) [![open-issues](https://badgen.net/github/open-issues/globaldatanet/aws-firewall-factory)](https://badgen.net/github/open-issues/globaldatanet/aws-firewall-factory) [![closed-issues](https://badgen.net/github/closed-issues/globaldatanet/aws-firewall-factory)](https://badgen.net/github/closed-issues/globaldatanet/aws-firewall-factory) |\n| **[IAMSpy](https://github.com/WithSecureLabs/IAMSpy)** | A library that utilises the Z3 prover to attempt to answer questions about AWS IAM. |[![stars](https://badgen.net/github/stars/WithSecureLabs/IAMSpy)](https://badgen.net/github/stars/WithSecureLabs/IAMSpy)| [![contributors](https://badgen.net/github/contributors/WithSecureLabs/IAMSpy)](https://badgen.net/github/contributors/WithSecureLabs/IAMSpy) [![watchers](https://badgen.net/github/watchers/WithSecureLabs/IAMSpy)](https://badgen.net/github/watchers/WithSecureLabs/IAMSpy) [![last-commit](https://badgen.net/github/last-commit/WithSecureLabs/IAMSpy)](https://badgen.net/github/last-commit/WithSecureLabs/IAMSpy) [![open-issues](https://badgen.net/github/open-issues/WithSecureLabs/IAMSpy)](https://badgen.net/github/open-issues/WithSecureLabs/IAMSpy) [![closed-issues](https://badgen.net/github/closed-issues/WithSecureLabs/IAMSpy)](https://badgen.net/github/closed-issues/WithSecureLabs/IAMSpy) |\n| **[nuvola](https://github.com/primait/nuvola)** | Dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple Yaml syntax |[![stars](https://badgen.net/github/stars/primait/nuvola)](https://badgen.net/github/stars/primait/nuvola)| [![contributors](https://badgen.net/github/contributors/primait/nuvola)](https://badgen.net/github/contributors/primait/nuvola)[![watchers](https://badgen.net/github/watchers/primait/nuvola)](https://badgen.net/github/watchers/primait/nuvola)[![last-commit](https://badgen.net/github/last-commit/primait/nuvola)](https://badgen.net/github/last-commit/primait/nuvola) [![open-issues](https://badgen.net/github/open-issues/primait/nuvola)](https://badgen.net/github/open-issues/primait/nuvola) [![closed-issues](https://badgen.net/github/closed-issues/primait/nuvola)](https://badgen.net/github/closed-issues/primait/nuvola) |\n| **[aws-security-architectures](https://github.com/cjsrkd3321/aws-security-architectures)** | Architectures for AWS security. (Detect, Alarm, Macie, etc.) Many architectures will be added in the future. |[![stars](https://badgen.net/github/stars/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/stars/cjsrkd3321/aws-security-architectures)| [![contributors](https://badgen.net/github/contributors/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/contributors/cjsrkd3321/aws-security-architectures) [![watchers](https://badgen.net/github/watchers/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/watchers/cjsrkd3321/aws-security-architectures) [![last-commit](https://badgen.net/github/last-commit/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/last-commit/cjsrkd3321/aws-security-architectures) [![open-issues](https://badgen.net/github/open-issues/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/open-issues/cjsrkd3321/aws-security-architectures) [![closed-issues](https://badgen.net/github/closed-issues/cjsrkd3321/aws-security-architectures)](https://badgen.net/github/closed-issues/cjsrkd3321/aws-security-architectures) |\n| **[MetaHub for AWS Security Hub](https://github.com/gabrielsoltz/metahub)** | MetaHub is the CLI utility for AWS Security Hub which provides you with extra functionality like grouping your findings by affected reources, executing MetaChecks and MetaTags directly in the affected resource for enriching your findings, filters on top of MetaChecks and MetaTags, different reports like CSV, JSON and HTML, bulk updates, and enriching your findings directly in AWS Security Hub. | [![stars](https://badgen.net/github/stars/gabrielsoltz/metahub)](https://badgen.net/github/stars/gabrielsoltz/metahub) | [![contributors](https://badgen.net/github/contributors/gabrielsoltz/metahub)](https://badgen.net/github/contributors/gabrielsoltz/metahub)  [![watchers](https://badgen.net/github/watchers/gabrielsoltz/metahub)](https://badgen.net/github/watchers/gabrielsoltz/metahub)  [![last-commit](https://badgen.net/github/last-commit/gabrielsoltz/metahub)](https://badgen.net/github/last-commit/gabrielsoltz/metahub) [![open-issues](https://badgen.net/github/open-issues/gabrielsoltz/metahub)](https://badgen.net/github/open-issues/gabrielsoltz/metahub) [![closed-issues](https://badgen.net/github/closed-issues/gabrielsoltz/metahub)](https://badgen.net/github/closed-issues/gabrielsoltz/metahub) |\n| **[Matano](https://github.com/matanolabs/matano)** | Matano is an open source cloud-native security lake platform (SIEM alternative) for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS.  | [![stars](https://badgen.net/github/stars/matanolabs/matano)](https://badgen.net/github/stars/matanolabs/matano) | [![contributors](https://badgen.net/github/contributors/matanolabs/matano)](https://badgen.net/github/contributors/matanolabs/matano)  [![watchers](https://badgen.net/github/watchers/matanolabs/matano)](https://badgen.net/github/watchers/matanolabs/matano)  [![last-commit](https://badgen.net/github/last-commit/matanolabs/matano)](https://badgen.net/github/last-commit/matanolabs/matano) [![open-issues](https://badgen.net/github/open-issues/matanolabs/matano)](https://badgen.net/github/open-issues/matanolabs/matano) [![closed-issues](https://badgen.net/github/closed-issues/matanolabs/matano)](https://badgen.net/github/closed-issues/matanolabs/matano) |\n| **[aws-list-resources](https://github.com/welldone-cloud/aws-list-resources)** | Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s). Discovered resources are written to a JSON output file. | [![stars](https://badgen.net/github/stars/welldone-cloud/aws-list-resources)](https://badgen.net/github/stars/welldone-cloud/aws-list-resources) | [![contributors](https://badgen.net/github/contributors/welldone-cloud/aws-list-resources)](https://badgen.net/github/contributors/welldone-cloud/aws-list-resources)  [![watchers](https://badgen.net/github/watchers/welldone-cloud/aws-list-resources)](https://badgen.net/github/watchers/welldone-cloud/aws-list-resources)  [![last-commit](https://badgen.net/github/last-commit/welldone-cloud/aws-list-resources)](https://badgen.net/github/last-commit/welldone-cloud/aws-list-resources) [![open-issues](https://badgen.net/github/open-issues/welldone-cloud/aws-list-resources)](https://badgen.net/github/open-issues/welldone-cloud/aws-list-resources) [![closed-issues](https://badgen.net/github/closed-issues/welldone-cloud/aws-list-resources)](https://badgen.net/github/closed-issues/welldone-cloud/aws-list-resources) |\n| **[aws-summarize-account-activity](https://github.com/welldone-cloud/aws-summarize-account-activity)** | Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made and regions that were used. The summary is written to a JSON output file and can optionally be visualized as PNG files. | [![stars](https://badgen.net/github/stars/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/stars/welldone-cloud/aws-summarize-account-activity) | [![contributors](https://badgen.net/github/contributors/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/contributors/welldone-cloud/aws-summarize-account-activity)  [![watchers](https://badgen.net/github/watchers/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/watchers/welldone-cloud/aws-summarize-account-activity)  [![last-commit](https://badgen.net/github/last-commit/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/last-commit/welldone-cloud/aws-summarize-account-activity) [![open-issues](https://badgen.net/github/open-issues/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/open-issues/welldone-cloud/aws-summarize-account-activity) [![closed-issues](https://badgen.net/github/closed-issues/welldone-cloud/aws-summarize-account-activity)](https://badgen.net/github/closed-issues/welldone-cloud/aws-summarize-account-activity) |\n| **[aws-lint-iam-policies](https://github.com/welldone-cloud/aws-lint-iam-policies)** | Runs IAM policy linting checks against either a single AWS account or all accounts of an AWS Organization. Reports on policies that violate security best practices or contain errors. Supports both identity-based and resource-based policies. | [![stars](https://badgen.net/github/stars/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/stars/welldone-cloud/aws-lint-iam-policies) | [![contributors](https://badgen.net/github/contributors/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/contributors/welldone-cloud/aws-lint-iam-policies)  [![watchers](https://badgen.net/github/watchers/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/watchers/welldone-cloud/aws-lint-iam-policies)  [![last-commit](https://badgen.net/github/last-commit/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/last-commit/welldone-cloud/aws-lint-iam-policies) [![open-issues](https://badgen.net/github/open-issues/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/open-issues/welldone-cloud/aws-lint-iam-policies) [![closed-issues](https://badgen.net/github/closed-issues/welldone-cloud/aws-lint-iam-policies)](https://badgen.net/github/closed-issues/welldone-cloud/aws-lint-iam-policies) |\n\n\n## Offensive\n| Name | Description | Popularity | Metadata |\n| ---------- | :---------- | :----------: | :----------: |\n| **[cloudfox](https://github.com/BishopFox/cloudfox)** | Find exploitable attack paths in cloud infrastructure |[![stars](https://badgen.net/github/stars/BishopFox/cloudfox)](https://badgen.net/github/stars/BishopFox/cloudfox)| [![contributors](https://badgen.net/github/contributors/BishopFox/cloudfox)](https://badgen.net/github/contributors/BishopFox/cloudfox)[![watchers](https://badgen.net/github/watchers/BishopFox/cloudfox)](https://badgen.net/github/watchers/BishopFox/cloudfox)[![last-commit](https://badgen.net/github/last-commit/BishopFox/cloudfox)](https://badgen.net/github/last-commit/BishopFox/cloudfox) [![open-issues](https://badgen.net/github/open-issues/BishopFox/cloudfox)](https://badgen.net/github/open-issues/BishopFox/cloudfox) [![closed-issues](https://badgen.net/github/closed-issues/BishopFox/cloudfox)](https://badgen.net/github/closed-issues/BishopFox/cloudfox) |\n| **[WeirdAAL](https://github.com/carnal0wnage/weirdAAL)** | AWS Attack Library |[![stars](https://badgen.net/github/stars/carnal0wnage/weirdAAL)](https://badgen.net/github/stars/carnal0wnage/weirdAAL)| [![contributors](https://badgen.net/github/contributors/carnal0wnage/weirdAAL)](https://badgen.net/github/contributors/carnal0wnage/weirdAAL)[![watchers](https://badgen.net/github/watchers/carnal0wnage/weirdAAL)](https://badgen.net/github/watchers/carnal0wnage/weirdAAL)[![last-commit](https://badgen.net/github/last-commit/carnal0wnage/weirdAAL)](https://badgen.net/github/last-commit/carnal0wnage/weirdAAL) [![open-issues](https://badgen.net/github/open-issues/carnal0wnage/weirdAAL)](https://badgen.net/github/open-issues/carnal0wnage/weirdAAL) [![closed-issues](https://badgen.net/github/closed-issues/carnal0wnage/weirdAAL)](https://badgen.net/github/closed-issues/carnal0wnage/weirdAAL) |\n| **[Pacu](https://github.com/RhinoSecurityLabs/pacu)** | AWS penetration testing toolkit |[![stars](https://badgen.net/github/stars/RhinoSecurityLabs/pacu)](https://badgen.net/github/stars/RhinoSecurityLabs/pacu)| [![contributors](https://badgen.net/github/contributors/RhinoSecurityLabs/pacu)](https://badgen.net/github/contributors/RhinoSecurityLabs/pacu)[![watchers](https://badgen.net/github/watchers/RhinoSecurityLabs/pacu)](https://badgen.net/github/watchers/RhinoSecurityLabs/pacu)[![last-commit](https://badgen.net/github/last-commit/RhinoSecurityLabs/pacu)](https://badgen.net/github/last-commit/RhinoSecurityLabs/pacu) [![open-issues](https://badgen.net/github/open-issues/RhinoSecurityLabs/pacu)](https://badgen.net/github/open-issues/RhinoSecurityLabs/pacu) [![closed-issues](https://badgen.net/github/closed-issues/RhinoSecurityLabs/pacu)](https://badgen.net/github/closed-issues/RhinoSecurityLabs/pacu) |\n| **[Cred Scanner](https://github.com/disruptops/cred_scanner)** | A simple file-based scanner to look for potential AWS access and secret keys in files  |[![stars](https://badgen.net/github/stars/disruptops/cred_scanner)](https://badgen.net/github/stars/disruptops/cred_scanner)| [![contributors](https://badgen.net/github/contributors/disruptops/cred_scanner)](https://badgen.net/github/contributors/disruptops/cred_scanner)[![watchers](https://badgen.net/github/watchers/disruptops/cred_scanner)](https://badgen.net/github/watchers/disruptops/cred_scanner)[![last-commit](https://badgen.net/github/last-commit/disruptops/cred_scanner)](https://badgen.net/github/last-commit/disruptops/cred_scanner) [![open-issues](https://badgen.net/github/open-issues/disruptops/cred_scanner)](https://badgen.net/github/open-issues/disruptops/cred_scanner) [![closed-issues](https://badgen.net/github/closed-issues/disruptops/cred_scanner)](https://badgen.net/github/closed-issues/disruptops/cred_scanner) |\n| **[AWS PWN](https://github.com/dagrz/aws_pwn)** | A collection of AWS penetration testing junk  |[![stars](https://badgen.net/github/stars/dagrz/aws_pwn)](https://badgen.net/github/stars/dagrz/aws_pwn)| [![contributors](https://badgen.net/github/contributors/dagrz/aws_pwn)](https://badgen.net/github/contributors/dagrz/aws_pwn)[![watchers](https://badgen.net/github/watchers/dagrz/aws_pwn)](https://badgen.net/github/watchers/dagrz/aws_pwn)[![last-commit](https://badgen.net/github/last-commit/dagrz/aws_pwn)](https://badgen.net/github/last-commit/dagrz/aws_pwn) [![open-issues](https://badgen.net/github/open-issues/dagrz/aws_pwn)](https://badgen.net/github/open-issues/dagrz/aws_pwn) [![closed-issues](https://badgen.net/github/closed-issues/dagrz/aws_pwn)](https://badgen.net/github/closed-issues/dagrz/aws_pwn) |\n| **[Cloudfrunt](https://github.com/MindPointGroup/cloudfrunt)** | A tool for identifying misconfigured CloudFront domains  |[![stars](https://badgen.net/github/stars/MindPointGroup/cloudfrunt)](https://badgen.net/github/stars/MindPointGroup/cloudfrunt)| [![contributors](https://badgen.net/github/contributors/MindPointGroup/cloudfrunt)](https://badgen.net/github/contributors/MindPointGroup/cloudfrunt)[![watchers](https://badgen.net/github/watchers/MindPointGroup/cloudfrunt)](https://badgen.net/github/watchers/MindPointGroup/cloudfrunt)[![last-commit](https://badgen.net/github/last-commit/MindPointGroup/cloudfrunt)](https://badgen.net/github/last-commit/MindPointGroup/cloudfrunt) [![open-issues](https://badgen.net/github/open-issues/MindPointGroup/cloudfrunt)](https://badgen.net/github/open-issues/MindPointGroup/cloudfrunt) [![closed-issues](https://badgen.net/github/closed-issues/MindPointGroup/cloudfrunt)](https://badgen.net/github/closed-issues/MindPointGroup/cloudfrunt) |\n| **[Cloudjack](https://github.com/prevade/cloudjack)** | Route53/CloudFront Vulnerability Assessment Utility  |[![stars](https://badgen.net/github/stars/prevade/cloudjack)](https://badgen.net/github/stars/prevade/cloudjack)| [![contributors](https://badgen.net/github/contributors/prevade/cloudjack)](https://badgen.net/github/contributors/prevade/cloudjack)[![watchers](https://badgen.net/github/watchers/prevade/cloudjack)](https://badgen.net/github/watchers/prevade/cloudjack)[![last-commit](https://badgen.net/github/last-commit/prevade/cloudjack)](https://badgen.net/github/last-commit/prevade/cloudjack) [![open-issues](https://badgen.net/github/open-issues/prevade/cloudjack)](https://badgen.net/github/open-issues/prevade/cloudjack) [![closed-issues](https://badgen.net/github/closed-issues/prevade/cloudjack)](https://badgen.net/github/closed-issues/prevade/cloudjack) |\n| **[Nimbostratus](https://github.com/andresriancho/nimbostratus)** | Tools for fingerprinting and exploiting Amazon cloud infrastructures  |[![stars](https://badgen.net/github/stars/andresriancho/nimbostratus)](https://badgen.net/github/stars/andresriancho/nimbostratus)| [![contributors](https://badgen.net/github/contributors/andresriancho/nimbostratus)](https://badgen.net/github/contributors/andresriancho/nimbostratus)[![watchers](https://badgen.net/github/watchers/andresriancho/nimbostratus)](https://badgen.net/github/watchers/andresriancho/nimbostratus)[![last-commit](https://badgen.net/github/last-commit/andresriancho/nimbostratus)](https://badgen.net/github/last-commit/andresriancho/nimbostratus) [![open-issues](https://badgen.net/github/open-issues/andresriancho/nimbostratus)](https://badgen.net/github/open-issues/andresriancho/nimbostratus) [![closed-issues](https://badgen.net/github/closed-issues/andresriancho/nimbostratus)](https://badgen.net/github/closed-issues/andresriancho/nimbostratus) |\n| **[GitLeaks](https://github.com/zricethezav/gitleaks)** | Audit git repos for secrets |[![stars](https://badgen.net/github/stars/zricethezav/gitleaks)](https://badgen.net/github/stars/zricethezav/gitleaks)| [![contributors](https://badgen.net/github/contributors/zricethezav/gitleaks)](https://badgen.net/github/contributors/zricethezav/gitleaks)[![watchers](https://badgen.net/github/watchers/zricethezav/gitleaks)](https://badgen.net/github/watchers/zricethezav/gitleaks)[![last-commit](https://badgen.net/github/last-commit/zricethezav/gitleaks)](https://badgen.net/github/last-commit/zricethezav/gitleaks) [![open-issues](https://badgen.net/github/open-issues/zricethezav/gitleaks)](https://badgen.net/github/open-issues/zricethezav/gitleaks) [![closed-issues](https://badgen.net/github/closed-issues/zricethezav/gitleaks)](https://badgen.net/github/closed-issues/zricethezav/gitleaks) |\n| **[TruffleHog](https://github.com/dxa4481/truffleHog)** | Searches through git repositories for high entropy strings and secrets  digging deep into commit history |[![stars](https://badgen.net/github/stars/dxa4481/truffleHog)](https://badgen.net/github/stars/dxa4481/truffleHog)| [![contributors](https://badgen.net/github/contributors/dxa4481/truffleHog)](https://badgen.net/github/contributors/dxa4481/truffleHog)[![watchers](https://badgen.net/github/watchers/dxa4481/truffleHog)](https://badgen.net/github/watchers/dxa4481/truffleHog)[![last-commit](https://badgen.net/github/last-commit/dxa4481/truffleHog)](https://badgen.net/github/last-commit/dxa4481/truffleHog) [![open-issues](https://badgen.net/github/open-issues/dxa4481/truffleHog)](https://badgen.net/github/open-issues/dxa4481/truffleHog) [![closed-issues](https://badgen.net/github/closed-issues/dxa4481/truffleHog)](https://badgen.net/github/closed-issues/dxa4481/truffleHog) |\n| **[DumpsterDiver](https://github.com/securing/DumpsterDiver)** | \"Tool to search secrets in various filetypes  like keys (e.g. AWS Access Key  Azure Share Key or SSH keys) or passwords.\" |[![stars](https://badgen.net/github/stars/securing/DumpsterDiver)](https://badgen.net/github/stars/securing/DumpsterDiver)| [![contributors](https://badgen.net/github/contributors/securing/DumpsterDiver)](https://badgen.net/github/contributors/securing/DumpsterDiver)[![watchers](https://badgen.net/github/watchers/securing/DumpsterDiver)](https://badgen.net/github/watchers/securing/DumpsterDiver)[![last-commit](https://badgen.net/github/last-commit/securing/DumpsterDiver)](https://badgen.net/github/last-commit/securing/DumpsterDiver) [![open-issues](https://badgen.net/github/open-issues/securing/DumpsterDiver)](https://badgen.net/github/open-issues/securing/DumpsterDiver) [![closed-issues](https://badgen.net/github/closed-issues/securing/DumpsterDiver)](https://badgen.net/github/closed-issues/securing/DumpsterDiver) |\n| **[Mad-King](https://github.com/ThreatResponse/mad-king)** | Proof of Concept Zappa Based AWS Persistence and Attack Platform |[![stars](https://badgen.net/github/stars/ThreatResponse/mad-king)](https://badgen.net/github/stars/ThreatResponse/mad-king)| [![contributors](https://badgen.net/github/contributors/ThreatResponse/mad-king)](https://badgen.net/github/contributors/ThreatResponse/mad-king)[![watchers](https://badgen.net/github/watchers/ThreatResponse/mad-king)](https://badgen.net/github/watchers/ThreatResponse/mad-king)[![last-commit](https://badgen.net/github/last-commit/ThreatResponse/mad-king)](https://badgen.net/github/last-commit/ThreatResponse/mad-king) [![open-issues](https://badgen.net/github/open-issues/ThreatResponse/mad-king)](https://badgen.net/github/open-issues/ThreatResponse/mad-king) [![closed-issues](https://badgen.net/github/closed-issues/ThreatResponse/mad-king)](https://badgen.net/github/closed-issues/ThreatResponse/mad-king) |\n| **[Cloud-Nuke](https://github.com/gruntwork-io/cloud-nuke)** | A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it |[![stars](https://badgen.net/github/stars/gruntwork-io/cloud-nuke)](https://badgen.net/github/stars/gruntwork-io/cloud-nuke)| [![contributors](https://badgen.net/github/contributors/gruntwork-io/cloud-nuke)](https://badgen.net/github/contributors/gruntwork-io/cloud-nuke)[![watchers](https://badgen.net/github/watchers/gruntwork-io/cloud-nuke)](https://badgen.net/github/watchers/gruntwork-io/cloud-nuke)[![last-commit](https://badgen.net/github/last-commit/gruntwork-io/cloud-nuke)](https://badgen.net/github/last-commit/gruntwork-io/cloud-nuke) [![open-issues](https://badgen.net/github/open-issues/gruntwork-io/cloud-nuke)](https://badgen.net/github/open-issues/gruntwork-io/cloud-nuke) [![closed-issues](https://badgen.net/github/closed-issues/gruntwork-io/cloud-nuke)](https://badgen.net/github/closed-issues/gruntwork-io/cloud-nuke) |\n| **[MozDef - The Mozilla Defense Platform](https://github.com/mozilla/MozDef)** | The Mozilla Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers. |[![stars](https://badgen.net/github/stars/mozilla/MozDef)](https://badgen.net/github/stars/mozilla/MozDef)| [![contributors](https://badgen.net/github/contributors/mozilla/MozDef)](https://badgen.net/github/contributors/mozilla/MozDef)[![watchers](https://badgen.net/github/watchers/mozilla/MozDef)](https://badgen.net/github/watchers/mozilla/MozDef)[![last-commit](https://badgen.net/github/last-commit/mozilla/MozDef)](https://badgen.net/github/last-commit/mozilla/MozDef) [![open-issues](https://badgen.net/github/open-issues/mozilla/MozDef)](https://badgen.net/github/open-issues/mozilla/MozDef) [![closed-issues](https://badgen.net/github/closed-issues/mozilla/MozDef)](https://badgen.net/github/closed-issues/mozilla/MozDef) |\n| **[Lambda-Proxy](https://github.com/puresec/lambda-proxy)** | A bridge between SQLMap and AWS Lambda  which lets you use SQLMap to natively test AWS Lambda functions for SQL Injection vulnerabilities. |[![stars](https://badgen.net/github/stars/puresec/lambda-proxy)](https://badgen.net/github/stars/puresec/lambda-proxy)| [![contributors](https://badgen.net/github/contributors/puresec/lambda-proxy)](https://badgen.net/github/contributors/puresec/lambda-proxy)[![watchers](https://badgen.net/github/watchers/puresec/lambda-proxy)](https://badgen.net/github/watchers/puresec/lambda-proxy)[![last-commit](https://badgen.net/github/last-commit/puresec/lambda-proxy)](https://badgen.net/github/last-commit/puresec/lambda-proxy) [![open-issues](https://badgen.net/github/open-issues/puresec/lambda-proxy)](https://badgen.net/github/open-issues/puresec/lambda-proxy) [![closed-issues](https://badgen.net/github/closed-issues/puresec/lambda-proxy)](https://badgen.net/github/closed-issues/puresec/lambda-proxy) |\n| **[CloudCopy](https://github.com/Static-Flow/CloudCopy)** | Cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission |[![stars](https://badgen.net/github/stars/Static-Flow/CloudCopy)](https://badgen.net/github/stars/Static-Flow/CloudCopy)| [![contributors](https://badgen.net/github/contributors/Static-Flow/CloudCopy)](https://badgen.net/github/contributors/Static-Flow/CloudCopy)[![watchers](https://badgen.net/github/watchers/Static-Flow/CloudCopy)](https://badgen.net/github/watchers/Static-Flow/CloudCopy)[![last-commit](https://badgen.net/github/last-commit/Static-Flow/CloudCopy)](https://badgen.net/github/last-commit/Static-Flow/CloudCopy) [![open-issues](https://badgen.net/github/open-issues/Static-Flow/CloudCopy)](https://badgen.net/github/open-issues/Static-Flow/CloudCopy) [![closed-issues](https://badgen.net/github/closed-issues/Static-Flow/CloudCopy)](https://badgen.net/github/closed-issues/Static-Flow/CloudCopy) |\n| **[enumerate-iam](https://github.com/andresriancho/enumerate-iam)** | Enumerate the permissions associated with AWS credential set |[![stars](https://badgen.net/github/stars/andresriancho/enumerate-iam)](https://badgen.net/github/stars/andresriancho/enumerate-iam)| [![contributors](https://badgen.net/github/contributors/andresriancho/enumerate-iam)](https://badgen.net/github/contributors/andresriancho/enumerate-iam)[![watchers](https://badgen.net/github/watchers/andresriancho/enumerate-iam)](https://badgen.net/github/watchers/andresriancho/enumerate-iam)[![last-commit](https://badgen.net/github/last-commit/andresriancho/enumerate-iam)](https://badgen.net/github/last-commit/andresriancho/enumerate-iam) [![open-issues](https://badgen.net/github/open-issues/andresriancho/enumerate-iam)](https://badgen.net/github/open-issues/andresriancho/enumerate-iam) [![closed-issues](https://badgen.net/github/closed-issues/andresriancho/enumerate-iam)](https://badgen.net/github/closed-issues/andresriancho/enumerate-iam) |\n| **[Barq](https://github.com/Voulnet/barq)** | A post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure |[![stars](https://badgen.net/github/stars/Voulnet/barq)](https://badgen.net/github/stars/Voulnet/barq)| [![contributors](https://badgen.net/github/contributors/Voulnet/barq)](https://badgen.net/github/contributors/Voulnet/barq)[![watchers](https://badgen.net/github/watchers/Voulnet/barq)](https://badgen.net/github/watchers/Voulnet/barq)[![last-commit](https://badgen.net/github/last-commit/Voulnet/barq)](https://badgen.net/github/last-commit/Voulnet/barq) [![open-issues](https://badgen.net/github/open-issues/Voulnet/barq)](https://badgen.net/github/open-issues/Voulnet/barq) [![closed-issues](https://badgen.net/github/closed-issues/Voulnet/barq)](https://badgen.net/github/closed-issues/Voulnet/barq) |\n| **[CCAT](https://github.com/RhinoSecurityLabs/ccat)** | Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments |[![stars](https://badgen.net/github/stars/RhinoSecurityLabs/ccat)](https://badgen.net/github/stars/RhinoSecurityLabs/ccat)| [![contributors](https://badgen.net/github/contributors/RhinoSecurityLabs/ccat)](https://badgen.net/github/contributors/RhinoSecurityLabs/ccat)[![watchers](https://badgen.net/github/watchers/RhinoSecurityLabs/ccat)](https://badgen.net/github/watchers/RhinoSecurityLabs/ccat)[![last-commit](https://badgen.net/github/last-commit/RhinoSecurityLabs/ccat)](https://badgen.net/github/last-commit/RhinoSecurityLabs/ccat) [![open-issues](https://badgen.net/github/open-issues/RhinoSecurityLabs/ccat)](https://badgen.net/github/open-issues/RhinoSecurityLabs/ccat) [![closed-issues](https://badgen.net/github/closed-issues/RhinoSecurityLabs/ccat)](https://badgen.net/github/closed-issues/RhinoSecurityLabs/ccat) |\n| **[Dufflebag](https://github.com/bishopfox/dufflebag)** | Search exposed EBS volumes for secrets | [![stars](https://badgen.net/github/stars/bishopfox/dufflebag)](https://badgen.net/github/stars/bishopfox/dufflebag) | [![contributors](https://badgen.net/github/contributors/bishopfox/dufflebag)](https://badgen.net/github/contributors/bishopfox/dufflebag) [![watchers](https://badgen.net/github/watchers/bishopfox/dufflebag)](https://badgen.net/github/watchers/bishopfox/dufflebag) [![last-commit](https://badgen.net/github/last-commit/bishopfox/dufflebag)](https://badgen.net/github/last-commit/bishopfox/dufflebag) [![open-issues](https://badgen.net/github/open-issues/bishopfox/dufflebag)](https://badgen.net/github/open-issues/bishopfox/dufflebag) [![closed-issues](https://badgen.net/github/closed-issues/bishopfox/dufflebag)](https://badgen.net/github/closed-issues/bishopfox/dufflebag) |\n| **[attack_range](https://github.com/splunk/attack_range)** | A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk | [![stars](https://badgen.net/github/stars/splunk/attack_range)](https://badgen.net/github/stars/splunk/attack_range) | [![contributors](https://badgen.net/github/contributors/splunk/attack_range)](https://badgen.net/github/contributors/splunk/attack_range) [![watchers](https://badgen.net/github/watchers/splunk/attack_range)](https://badgen.net/github/watchers/splunk/attack_range) [![last-commit](https://badgen.net/github/last-commit/splunk/attack_range)](https://badgen.net/github/last-commit/splunk/attack_range) [![open-issues](https://badgen.net/github/open-issues/splunk/attack_range)](https://badgen.net/github/open-issues/splunk/attack_range) [![closed-issues](https://badgen.net/github/closed-issues/splunk/attack_range)](https://badgen.net/github/closed-issues/splunk/attack_range) |\n| **[whispers](https://github.com/Skyscanner/whispers)** | Identify hardcoded secrets and dangerous behaviours | [![stars](https://badgen.net/github/stars/Skyscanner/whispers)](https://badgen.net/github/stars/Skyscanner/whispers) | [![contributors](https://badgen.net/github/contributors/Skyscanner/whispers)](https://badgen.net/github/contributors/Skyscanner/whispers) [![watchers](https://badgen.net/github/watchers/Skyscanner/whispers)](https://badgen.net/github/watchers/Skyscanner/whispers) [![last-commit](https://badgen.net/github/last-commit/Skyscanner/whispers)](https://badgen.net/github/last-commit/Skyscanner/whispers) [![open-issues](https://badgen.net/github/open-issues/Skyscanner/whispers)](https://badgen.net/github/open-issues/Skyscanner/whispers) [![closed-issues](https://badgen.net/github/closed-issues/Skyscanner/whispers)](https://badgen.net/github/closed-issues/Skyscanner/whispers) |\n| **[Redboto](https://github.com/elitest/Redboto)** | Red Team AWS Scripts | [![stars](https://badgen.net/github/stars/elitest/Redboto)](https://badgen.net/github/stars/elitest/Redboto) | [![contributors](https://badgen.net/github/contributors/elitest/Redboto)](https://badgen.net/github/contributors/elitest/Redboto) [![watchers](https://badgen.net/github/watchers/elitest/Redboto)](https://badgen.net/github/watchers/elitest/Redboto) [![last-commit](https://badgen.net/github/last-commit/elitest/Redboto)](https://badgen.net/github/last-commit/elitest/Redboto) [![open-issues](https://badgen.net/github/open-issues/elitest/Redboto)](https://badgen.net/github/open-issues/elitest/Redboto) [![closed-issues](https://badgen.net/github/closed-issues/elitest/Redboto)](https://badgen.net/github/closed-issues/elitest/Redboto) |\n| **[CloudBrute](https://github.com/0xsha/cloudbrute)** | A tool to find a company (target) infrastructure, files, and apps on the top cloud providers | [![stars](https://badgen.net/github/stars/0xsha/cloudbrute)](https://badgen.net/github/stars/0xsha/cloudbrute) | [![contributors](https://badgen.net/github/contributors/0xsha/cloudbrute)](https://badgen.net/github/contributors/0xsha/cloudbrute) [![watchers](https://badgen.net/github/watchers/0xsha/cloudbrute)](https://badgen.net/github/watchers/0xsha/cloudbrute) [![last-commit](https://badgen.net/github/last-commit/0xsha/cloudbrute)](https://badgen.net/github/last-commit/0xsha/cloudbrute) [![open-issues](https://badgen.net/github/open-issues/0xsha/cloudbrute)](https://badgen.net/github/open-issues/0xsha/cloudbrute) [![closed-issues](https://badgen.net/github/closed-issues/0xsha/cloudbrute)](https://badgen.net/github/closed-issues/0xsha/cloudbrute) |\n\n## Purple Teaming & Adversary Emulation\n\n| Name | Description | Popularity | Metadata |\n| ---------- | :---------- | :----------: | :----------: |\n| **[Stratus Red Team](https://github.com/datadog/stratus-red-team)** | Granular, Actionable Adversary Emulation for the Cloud  | [![stars](https://badgen.net/github/stars/datadog/stratus-red-team)](https://badgen.net/github/stars/datadog/stratus-red-team) | [![contributors](https://badgen.net/github/contributors/datadog/stratus-red-team)](https://badgen.net/github/contributors/datadog/stratus-red-team) [![watchers](https://badgen.net/github/watchers/datadog/stratus-red-team)](https://badgen.net/github/watchers/datadog/stratus-red-team) [![last-commit](https://badgen.net/github/last-commit/datadog/stratus-red-team)](https://badgen.net/github/last-commit/datadog/stratus-red-team) [![open-issues](https://badgen.net/github/open-issues/datadog/stratus-red-team)](https://badgen.net/github/open-issues/datadog/stratus-red-team) [![closed-issues](https://badgen.net/github/closed-issues/datadog/stratus-red-team)](https://badgen.net/github/closed-issues/datadog/stratus-red-team) |\n| **[Leonidas](https://github.com/fsecurelabs/leonidas)** | Automated Attack Simulation in the Cloud complete with detection use cases.  | [![stars](https://badgen.net/github/stars/fsecurelabs/leonidas)](https://badgen.net/github/stars/fsecurelabs/leonidas) | [![contributors](https://badgen.net/github/contributors/fsecurelabs/leonidas)](https://badgen.net/github/contributors/fsecurelabs/leonidas) [![watchers](https://badgen.net/github/watchers/fsecurelabs/leonidas)](https://badgen.net/github/watchers/fsecurelabs/leonidas) [![last-commit](https://badgen.net/github/last-commit/fsecurelabs/leonidas)](https://badgen.net/github/last-commit/fsecurelabs/leonidas) [![open-issues](https://badgen.net/github/open-issues/fsecurelabs/leonidas)](https://badgen.net/github/open-issues/fsecurelabs/leonidas) [![closed-issues](https://badgen.net/github/closed-issues/fsecurelabs/leonidas)](https://badgen.net/github/closed-issues/fsecurelabs/leonidas) |\n| **[Amazon Guardduty Tester](https://github.com/awslabs/amazon-guardduty-tester)** | This script is used to generate some basic detections of the GuardDuty service | [![stars](https://badgen.net/github/stars/awslabs/amazon-guardduty-tester)](https://badgen.net/github/stars/awslabs/amazon-guardduty-tester) | [![contributors](https://badgen.net/github/contributors/awslabs/amazon-guardduty-tester)](https://badgen.net/github/contributors/awslabs/amazon-guardduty-tester) [![watchers](https://badgen.net/github/watchers/awslabs/amazon-guardduty-tester)](https://badgen.net/github/watchers/awslabs/amazon-guardduty-tester) [![last-commit](https://badgen.net/github/last-commit/awslabs/amazon-guardduty-tester)](https://badgen.net/github/last-commit/awslabs/amazon-guardduty-tester) [![open-issues](https://badgen.net/github/open-issues/awslabs/amazon-guardduty-tester)](https://badgen.net/github/open-issues/awslabs/amazon-guardduty-tester) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/amazon-guardduty-tester)](https://badgen.net/github/closed-issues/awslabs/amazon-guardduty-tester) |\n\n## Continuous Security Auditing\n| Name | Description | Popularity | Metadata |\n| ---------- | :---------- | :----------: | :----------: |\n| **[Security Monkey](https://github.com/Netflix/security_monkey)** |  |[![stars](https://badgen.net/github/stars/Netflix/security_monkey)](https://badgen.net/github/stars/Netflix/security_monkey)| [![contributors](https://badgen.net/github/contributors/Netflix/security_monkey)](https://badgen.net/github/contributors/Netflix/security_monkey)[![watchers](https://badgen.net/github/watchers/Netflix/security_monkey)](https://badgen.net/github/watchers/Netflix/security_monkey)[![last-commit](https://badgen.net/github/last-commit/Netflix/security_monkey)](https://badgen.net/github/last-commit/Netflix/security_monkey) [![open-issues](https://badgen.net/github/open-issues/Netflix/security_monkey)](https://badgen.net/github/open-issues/Netflix/security_monkey) [![closed-issues](https://badgen.net/github/closed-issues/Netflix/security_monkey)](https://badgen.net/github/closed-issues/Netflix/security_monkey) |\n| **[Krampus](https://github.com/sendgrid/krampus)** |  |[![stars](https://badgen.net/github/stars/sendgrid/krampus)](https://badgen.net/github/stars/sendgrid/krampus)| [![contributors](https://badgen.net/github/contributors/sendgrid/krampus)](https://badgen.net/github/contributors/sendgrid/krampus)[![watchers](https://badgen.net/github/watchers/sendgrid/krampus)](https://badgen.net/github/watchers/sendgrid/krampus)[![last-commit](https://badgen.net/github/last-commit/sendgrid/krampus)](https://badgen.net/github/last-commit/sendgrid/krampus) [![open-issues](https://badgen.net/github/open-issues/sendgrid/krampus)](https://badgen.net/github/open-issues/sendgrid/krampus) [![closed-issues](https://badgen.net/github/closed-issues/sendgrid/krampus)](https://badgen.net/github/closed-issues/sendgrid/krampus) |\n| **[Cloud Inquisitor](https://github.com/RiotGames/cloud-inquisitor)** |  |[![stars](https://badgen.net/github/stars/RiotGames/cloud-inquisitor)](https://badgen.net/github/stars/RiotGames/cloud-inquisitor)| [![contributors](https://badgen.net/github/contributors/RiotGames/cloud-inquisitor)](https://badgen.net/github/contributors/RiotGames/cloud-inquisitor)[![watchers](https://badgen.net/github/watchers/RiotGames/cloud-inquisitor)](https://badgen.net/github/watchers/RiotGames/cloud-inquisitor)[![last-commit](https://badgen.net/github/last-commit/RiotGames/cloud-inquisitor)](https://badgen.net/github/last-commit/RiotGames/cloud-inquisitor) [![open-issues](https://badgen.net/github/open-issues/RiotGames/cloud-inquisitor)](https://badgen.net/github/open-issues/RiotGames/cloud-inquisitor) [![closed-issues](https://badgen.net/github/closed-issues/RiotGames/cloud-inquisitor)](https://badgen.net/github/closed-issues/RiotGames/cloud-inquisitor) |\n| **[Disable keys after X days](https://github.com/te-papa/aws-key-disabler)** |  |[![stars](https://badgen.net/github/stars/te-papa/aws-key-disabler)](https://badgen.net/github/stars/te-papa/aws-key-disabler)| [![contributors](https://badgen.net/github/contributors/te-papa/aws-key-disabler)](https://badgen.net/github/contributors/te-papa/aws-key-disabler)[![watchers](https://badgen.net/github/watchers/te-papa/aws-key-disabler)](https://badgen.net/github/watchers/te-papa/aws-key-disabler)[![last-commit](https://badgen.net/github/last-commit/te-papa/aws-key-disabler)](https://badgen.net/github/last-commit/te-papa/aws-key-disabler) [![open-issues](https://badgen.net/github/open-issues/te-papa/aws-key-disabler)](https://badgen.net/github/open-issues/te-papa/aws-key-disabler) [![closed-issues](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler)](https://badgen.net/github/closed-issues/te-papa/aws-key-disabler) |\n| **[Repokid Least Privilege](https://github.com/Netflix/repokid)** |  |[![stars](https://badgen.net/github/stars/Netflix/repokid)](https://badgen.net/github/stars/Netflix/repokid)| [![contributors](https://badgen.net/github/contributors/Netflix/repokid)](https://badgen.net/github/contributors/Netflix/repokid)[![watchers](https://badgen.net/github/watchers/Netflix/repokid)](https://badgen.net/github/watchers/Netflix/repokid)[![last-commit](https://badgen.net/github/last-commit/Netflix/repokid)](https://badgen.net/github/last-commit/Netflix/repokid) [![open-issues](https://badgen.net/github/open-issues/Netflix/repokid)](https://badgen.net/github/open-issues/Netflix/repokid) [![closed-issues](https://badgen.net/github/closed-issues/Netflix/repokid)](https://badgen.net/github/closed-issues/Netflix/repokid) |\n| **[Wazuh CloudTrail module](https://github.com/wazuh/wazuh)** |  |[![stars](https://badgen.net/github/stars/wazuh/wazuh)](https://badgen.net/github/stars/wazuh/wazuh)| [![contributors](https://badgen.net/github/contributors/wazuh/wazuh)](https://badgen.net/github/contributors/wazuh/wazuh)[![watchers](https://badgen.net/github/watchers/wazuh/wazuh)](https://badgen.net/github/watchers/wazuh/wazuh)[![last-commit](https://badgen.net/github/last-commit/wazuh/wazuh)](https://badgen.net/github/last-commit/wazuh/wazuh) [![open-issues](https://badgen.net/github/open-issues/wazuh/wazuh)](https://badgen.net/github/open-issues/wazuh/wazuh) [![closed-issues](https://badgen.net/github/closed-issues/wazuh/wazuh)](https://badgen.net/github/closed-issues/wazuh/wazuh) |\n| **[Hammer](https://github.com/dowjones/hammer)** |  |[![stars](https://badgen.net/github/stars/dowjones/hammer)](https://badgen.net/github/stars/dowjones/hammer)| [![contributors](https://badgen.net/github/contributors/dowjones/hammer)](https://badgen.net/github/contributors/dowjones/hammer)[![watchers](https://badgen.net/github/watchers/dowjones/hammer)](https://badgen.net/github/watchers/dowjones/hammer)[![last-commit](https://badgen.net/github/last-commit/dowjones/hammer)](https://badgen.net/github/last-commit/dowjones/hammer) [![open-issues](https://badgen.net/github/open-issues/dowjones/hammer)](https://badgen.net/github/open-issues/dowjones/hammer) [![closed-issues](https://badgen.net/github/closed-issues/dowjones/hammer)](https://badgen.net/github/closed-issues/dowjones/hammer) |\n| **[Streamalert](https://github.com/airbnb/streamalert)** |  |[![stars](https://badgen.net/github/stars/airbnb/streamalert)](https://badgen.net/github/stars/airbnb/streamalert)| [![contributors](https://badgen.net/github/contributors/airbnb/streamalert)](https://badgen.net/github/contributors/airbnb/streamalert)[![watchers](https://badgen.net/github/watchers/airbnb/streamalert)](https://badgen.net/github/watchers/airbnb/streamalert)[![last-commit](https://badgen.net/github/last-commit/airbnb/streamalert)](https://badgen.net/github/last-commit/airbnb/streamalert) [![open-issues](https://badgen.net/github/open-issues/airbnb/streamalert)](https://badgen.net/github/open-issues/airbnb/streamalert) [![closed-issues](https://badgen.net/github/closed-issues/airbnb/streamalert)](https://badgen.net/github/closed-issues/airbnb/streamalert) |\n| **[Billing Alerts CFN templates](https://github.com/btkrausen/AWS)** |  |[![stars](https://badgen.net/github/stars/btkrausen/AWS)](https://badgen.net/github/stars/btkrausen/AWS)| [![contributors](https://badgen.net/github/contributors/btkrausen/AWS)](https://badgen.net/github/contributors/btkrausen/AWS)[![watchers](https://badgen.net/github/watchers/btkrausen/AWS)](https://badgen.net/github/watchers/btkrausen/AWS)[![last-commit](https://badgen.net/github/last-commit/btkrausen/AWS)](https://badgen.net/github/last-commit/btkrausen/AWS) [![open-issues](https://badgen.net/github/open-issues/btkrausen/AWS)](https://badgen.net/github/open-issues/btkrausen/AWS) [![closed-issues](https://badgen.net/github/closed-issues/btkrausen/AWS)](https://badgen.net/github/closed-issues/btkrausen/AWS) |\n| **[Watchmen](https://github.com/iagcl/watchmen)** | AWS account compliance using centrally managed Config Rules |[![stars](https://badgen.net/github/stars/iagcl/watchmen)](https://badgen.net/github/stars/iagcl/watchmen)| [![contributors](https://badgen.net/github/contributors/iagcl/watchmen)](https://badgen.net/github/contributors/iagcl/watchmen)[![watchers](https://badgen.net/github/watchers/iagcl/watchmen)](https://badgen.net/github/watchers/iagcl/watchmen)[![last-commit](https://badgen.net/github/last-commit/iagcl/watchmen)](https://badgen.net/github/last-commit/iagcl/watchmen) [![open-issues](https://badgen.net/github/open-issues/iagcl/watchmen)](https://badgen.net/github/open-issues/iagcl/watchmen) [![closed-issues](https://badgen.net/github/closed-issues/iagcl/watchmen)](https://badgen.net/github/closed-issues/iagcl/watchmen) |\n| **[ElectricEye](https://github.com/jonrau1/ElectricEye)** | Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability | [![stars](https://badgen.net/github/stars/jonrau1/ElectricEye)](https://badgen.net/github/stars/jonrau1/ElectricEye) | [![contributors](https://badgen.net/github/contributors/jonrau1/ElectricEye)](https://badgen.net/github/contributors/jonrau1/ElectricEye) [![watchers](https://badgen.net/github/watchers/jonrau1/ElectricEye)](https://badgen.net/github/watchers/jonrau1/ElectricEye) [![last-commit](https://badgen.net/github/last-commit/jonrau1/ElectricEye)](https://badgen.net/github/last-commit/jonrau1/ElectricEye) [![open-issues](https://badgen.net/github/open-issues/jonrau1/ElectricEye)](https://badgen.net/github/open-issues/jonrau1/ElectricEye) [![closed-issues](https://badgen.net/github/closed-issues/jonrau1/ElectricEye)](https://badgen.net/github/closed-issues/jonrau1/ElectricEye) |\n| **[SyntheticSun](https://github.com/jonrau1/SyntheticSun)** | a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats | [![stars](https://badgen.net/github/stars/jonrau1/SyntheticSun)](https://badgen.net/github/stars/jonrau1/SyntheticSun) | [![contributors](https://badgen.net/github/contributors/jonrau1/SyntheticSun)](https://badgen.net/github/contributors/jonrau1/SyntheticSun) [![watchers](https://badgen.net/github/watchers/jonrau1/SyntheticSun)](https://badgen.net/github/watchers/jonrau1/SyntheticSun) [![last-commit](https://badgen.net/github/last-commit/jonrau1/SyntheticSun)](https://badgen.net/github/last-commit/jonrau1/SyntheticSun) [![open-issues](https://badgen.net/github/open-issues/jonrau1/SyntheticSun)](https://badgen.net/github/open-issues/jonrau1/SyntheticSun) [![closed-issues](https://badgen.net/github/closed-issues/jonrau1/SyntheticSun)](https://badgen.net/github/closed-issues/jonrau1/SyntheticSun) |\n| **[CloudQuery](https://github.com/cloudquery/cloudquery/)** | cloudquery exposes your cloud configuration and metadata as sql tables, providing powerful analysis and monitoring for compliance and security |[![stars](https://badgen.net/github/stars/cloudquery/cloudquery/)](https://badgen.net/github/stars/cloudquery/cloudquery/)| [![contributors](https://badgen.net/github/contributors/cloudquery/cloudquery/)](https://badgen.net/github/contributors/cloudquery/cloudquery/)[![watchers](https://badgen.net/github/watchers/cloudquery/cloudquery/)](https://badgen.net/github/watchers/cloudquery/cloudquery/)[![last-commit](https://badgen.net/github/last-commit/cloudquery/cloudquery/)](https://badgen.net/github/last-commit/cloudquery/cloudquery/) [![open-issues](https://badgen.net/github/open-issues/cloudquery/cloudquery/)](https://badgen.net/github/open-issues/cloudquery/cloudquery/) [![closed-issues](https://badgen.net/github/closed-issues/cloudquery/cloudquery/)](https://badgen.net/github/closed-issues/cloudquery/cloudquery/) |\n| **[PrismX](https://github.com/omaidf/PrismX)** | Cloud Security Dashboard for AWS - based on ScoutSuite | [![stars](https://badgen.net/github/stars/omaidf/PrismX)](https://badgen.net/github/stars/omaidf/PrismX) | [![contributors](https://badgen.net/github/contributors/omaidf/PrismX)](https://badgen.net/github/contributors/omaidf/PrismX) [![watchers](https://badgen.net/github/watchers/omaidf/PrismX)](https://badgen.net/github/watchers/omaidf/PrismX) [![last-commit](https://badgen.net/github/last-commit/omaidf/PrismX)](https://badgen.net/github/last-commit/omaidf/PrismX) [![open-issues](https://badgen.net/github/open-issues/omaidf/PrismX)](https://badgen.net/github/open-issues/omaidf/PrismX) [![closed-issues](https://badgen.net/github/closed-issues/omaidf/PrismX)](https://badgen.net/github/closed-issues/omaidf/PrismX) |\n| **[Falco](https://github.com/falcosecurity/falco)** | Threat detection and response for containers, hosts, Kubernetes and the cloud | [![stars](https://badgen.net/github/stars/falcosecurity/falco)](https://badgen.net/github/stars/falcosecurity/falco) | [![contributors](https://badgen.net/github/contributors/falcosecurity/falco)](https://badgen.net/github/contributors/falcosecurity/falco) [![watchers](https://badgen.net/github/watchers/falcosecurity/falco)](https://badgen.net/github/watchers/falcosecurity/falco) [![last-commit](https://badgen.net/github/last-commit/falcosecurity/falco)](https://badgen.net/github/last-commit/falcosecurity/falco) [![open-issues](https://badgen.net/github/open-issues/falcosecurity/falco)](https://badgen.net/github/open-issues/falcosecurity/falco) [![closed-issues](https://badgen.net/github/closed-issues/falcosecurity/falco)](https://badgen.net/github/closed-issues/falcosecurity/falco) |\n\n## Digital Forensics and Incident Response\n| Name | Description | Popularity | Metadata |\n| ---------- | :---------- | :----------: | :----------: |\n| **[AWS IR](https://github.com/ThreatResponse/aws_ir)** | AWS specific Incident Response and Forensics Tool |[![stars](https://badgen.net/github/stars/ThreatResponse/aws_ir)](https://badgen.net/github/stars/ThreatResponse/aws_ir)| [![contributors](https://badgen.net/github/contributors/ThreatResponse/aws_ir)](https://badgen.net/github/contributors/ThreatResponse/aws_ir)[![watchers](https://badgen.net/github/watchers/ThreatResponse/aws_ir)](https://badgen.net/github/watchers/ThreatResponse/aws_ir)[![last-commit](https://badgen.net/github/last-commit/ThreatResponse/aws_ir)](https://badgen.net/github/last-commit/ThreatResponse/aws_ir) [![open-issues](https://badgen.net/github/open-issues/ThreatResponse/aws_ir)](https://badgen.net/github/open-issues/ThreatResponse/aws_ir) [![closed-issues](https://badgen.net/github/closed-issues/ThreatResponse/aws_ir)](https://badgen.net/github/closed-issues/ThreatResponse/aws_ir) |\n| **[Margaritashotgun](https://github.com/ThreatResponse/margaritashotgun)** | Linux memory remote acquisition tool |[![stars](https://badgen.net/github/stars/ThreatResponse/margaritashotgun)](https://badgen.net/github/stars/ThreatResponse/margaritashotgun)| [![contributors](https://badgen.net/github/contributors/ThreatResponse/margaritashotgun)](https://badgen.net/github/contributors/ThreatResponse/margaritashotgun)[![watchers](https://badgen.net/github/watchers/ThreatResponse/margaritashotgun)](https://badgen.net/github/watchers/ThreatResponse/margaritashotgun)[![last-commit](https://badgen.net/github/last-commit/ThreatResponse/margaritashotgun)](https://badgen.net/github/last-commit/ThreatResponse/margaritashotgun) [![open-issues](https://badgen.net/github/open-issues/ThreatResponse/margaritashotgun)](https://badgen.net/github/open-issues/ThreatResponse/margaritashotgun) [![closed-issues](https://badgen.net/github/closed-issues/ThreatResponse/margaritashotgun)](https://badgen.net/github/closed-issues/ThreatResponse/margaritashotgun) |\n| **[Diffy](https://github.com/Netflix-Skunkworks/diffy)** | Triage tool used during cloud-centric security incidents |[![stars](https://badgen.net/github/stars/Netflix-Skunkworks/diffy)](https://badgen.net/github/stars/Netflix-Skunkworks/diffy)| [![contributors](https://badgen.net/github/contributors/Netflix-Skunkworks/diffy)](https://badgen.net/github/contributors/Netflix-Skunkworks/diffy)[![watchers](https://badgen.net/github/watchers/Netflix-Skunkworks/diffy)](https://badgen.net/github/watchers/Netflix-Skunkworks/diffy)[![last-commit](https://badgen.net/github/last-commit/Netflix-Skunkworks/diffy)](https://badgen.net/github/last-commit/Netflix-Skunkworks/diffy) [![open-issues](https://badgen.net/github/open-issues/Netflix-Skunkworks/diffy)](https://badgen.net/github/open-issues/Netflix-Skunkworks/diffy) [![closed-issues](https://badgen.net/github/closed-issues/Netflix-Skunkworks/diffy)](https://badgen.net/github/closed-issues/Netflix-Skunkworks/diffy) |\n| **[AWS Security Automation](https://github.com/awslabs/aws-security-automation)** | AWS scripts and resources for DevSecOps and automated incident response |[![stars](https://badgen.net/github/stars/awslabs/aws-security-automation)](https://badgen.net/github/stars/awslabs/aws-security-automation)| [![contributors](https://badgen.net/github/contributors/awslabs/aws-security-automation)](https://badgen.net/github/contributors/awslabs/aws-security-automation)[![watchers](https://badgen.net/github/watchers/awslabs/aws-security-automation)](https://badgen.net/github/watchers/awslabs/aws-security-automation)[![last-commit](https://badgen.net/github/last-commit/awslabs/aws-security-automation)](https://badgen.net/github/last-commit/awslabs/aws-security-automation) [![open-issues](https://badgen.net/github/open-issues/awslabs/aws-security-automation)](https://badgen.net/github/open-issues/awslabs/aws-security-automation) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/aws-security-automation)](https://badgen.net/github/closed-issues/awslabs/aws-security-automation) |\n| **[GDPatrol](https://github.com/ansorren/GDPatrol)** | Automated Incident Response based off AWS GuardDuty findings |[![stars](https://badgen.net/github/stars/ansorren/GDPatrol)](https://badgen.net/github/stars/ansorren/GDPatrol)| [![contributors](https://badgen.net/github/contributors/ansorren/GDPatrol)](https://badgen.net/github/contributors/ansorren/GDPatrol)[![watchers](https://badgen.net/github/watchers/ansorren/GDPatrol)](https://badgen.net/github/watchers/ansorren/GDPatrol)[![last-commit](https://badgen.net/github/last-commit/ansorren/GDPatrol)](https://badgen.net/github/last-commit/ansorren/GDPatrol) [![open-issues](https://badgen.net/github/open-issues/ansorren/GDPatrol)](https://badgen.net/github/open-issues/ansorren/GDPatrol) [![closed-issues](https://badgen.net/github/closed-issues/ansorren/GDPatrol)](https://badgen.net/github/closed-issues/ansorren/GDPatrol) |\n| **[AWSlog](https://github.com/jaksi/awslog)** | Show the history and changes between configuration versions of AWS resources using AWS Config  |[![stars](https://badgen.net/github/stars/jaksi/awslog)](https://badgen.net/github/stars/jaksi/awslog)| [![contributors](https://badgen.net/github/contributors/jaksi/awslog)](https://badgen.net/github/contributors/jaksi/awslog)[![watchers](https://badgen.net/github/watchers/jaksi/awslog)](https://badgen.net/github/watchers/jaksi/awslog)[![last-commit](https://badgen.net/github/last-commit/jaksi/awslog)](https://badgen.net/github/last-commit/jaksi/awslog) [![open-issues](https://badgen.net/github/open-issues/jaksi/awslog)](https://badgen.net/github/open-issues/jaksi/awslog) [![closed-issues](https://badgen.net/github/closed-issues/jaksi/awslog)](https://badgen.net/github/closed-issues/jaksi/awslog) |\n| **[DataCop](https://github.com/damienjburks/DataCop)** | Automated IR process that mitigates vulnerable AWS S3 buckets that are defined by AWS Macie results. | [![stars](https://badgen.net/github/stars/damienjburks/datacop)](https://badgen.net/github/stars/damienjburks/datacop)| [![contributors](https://badgen.net/github/contributors/damienjburks/datacop)](https://badgen.net/github/contributors/damienjburks/datacop) [![watchers](https://badgen.net/github/watchers/damienjburks/datacop)](https://badgen.net/github/watchers/damienjburks/datacop) [![last-commit](https://img.shields.io/github/last-commit/damienjburks/datacop)](https://img.shields.io/github/last-commit/damienjburks/datacop) [![open-issues](https://badgen.net/github/open-issues/damienjburks/datacop)](https://badgen.net/github/open-issues/damienjburks/datacop) [![closed-issues](https://badgen.net/github/closed-issues/damienjburks/datacop)](https://badgen.net/github/closed-issues/damienjburks/datacop) |\n| **[AWS_Responder](https://github.com/prolsen/aws_responder)** | AWS Digital Forensic and Incident Response (DFIR) Response Python Scripts |[![stars](https://badgen.net/github/stars/prolsen/aws_responder)](https://badgen.net/github/stars/prolsen/aws_responder)| [![contributors](https://badgen.net/github/contributors/prolsen/aws_responder)](https://badgen.net/github/contributors/prolsen/aws_responder)[![watchers](https://badgen.net/github/watchers/prolsen/aws_responder)](https://badgen.net/github/watchers/prolsen/aws_responder)[![last-commit](https://badgen.net/github/last-commit/prolsen/aws_responder)](https://badgen.net/github/last-commit/prolsen/aws_responder) [![open-issues](https://badgen.net/github/open-issues/prolsen/aws_responder)](https://badgen.net/github/open-issues/prolsen/aws_responder) [![closed-issues](https://badgen.net/github/closed-issues/prolsen/aws_responder)](https://badgen.net/github/closed-issues/prolsen/aws_responder) |\n| **[SSM-Acquire](https://github.com/mozilla/ssm-acquire)** | A python module for orchestrating content acquisitions and analysis via Amazon SSM |[![stars](https://badgen.net/github/stars/mozilla/ssm-acquire)](https://badgen.net/github/stars/mozilla/ssm-acquire)| [![contributors](https://badgen.net/github/contributors/mozilla/ssm-acquire)](https://badgen.net/github/contributors/mozilla/ssm-acquire)[![watchers](https://badgen.net/github/watchers/mozilla/ssm-acquire)](https://badgen.net/github/watchers/mozilla/ssm-acquire)[![last-commit](https://badgen.net/github/last-commit/mozilla/ssm-acquire)](https://badgen.net/github/last-commit/mozilla/ssm-acquire) [![open-issues](https://badgen.net/github/open-issues/mozilla/ssm-acquire)](https://badgen.net/github/open-issues/mozilla/ssm-acquire) [![closed-issues](https://badgen.net/github/closed-issues/mozilla/ssm-acquire)](https://badgen.net/github/closed-issues/mozilla/ssm-acquire) |\n| **[cloudtrail-partitioner](https://github.com/duo-labs/cloudtrail-partitioner)** | This project sets up partitioned Athena tables for your CloudTrail logs and updates the partitions nightly. Makes CloudTrail logs queries easier. | [![stars](https://badgen.net/github/stars/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/stars/duo-labs/cloudtrail-partitioner)| [![contributors](https://badgen.net/github/contributors/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/contributors/duo-labs/cloudtrail-partitioner)[![watchers](https://badgen.net/github/watchers/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/watchers/duo-labs/cloudtrail-partitioner)[![last-commit](https://badgen.net/github/last-commit/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/last-commit/duo-labs/cloudtrail-partitioner) [![open-issues](https://badgen.net/github/open-issues/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/open-issues/duo-labs/cloudtrail-partitioner) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/cloudtrail-partitioner)](https://badgen.net/github/closed-issues/duo-labs/cloudtrail-partitioner) |\n| **[fargate-ir](https://github.com/andrewkrug/fargate-ir)** | Proof of concept incident response demo using SSM and AWS Fargate. |[![stars](https://badgen.net/github/stars/andrewkrug/fargate-ir)](https://badgen.net/github/stars/andrewkrug/fargate-ir)| [![contributors](https://badgen.net/github/contributors/andrewkrug/fargate-ir)](https://badgen.net/github/contributors/andrewkrug/fargate-ir) [![watchers](https://badgen.net/github/watchers/andrewkrug/fargate-ir)](https://badgen.net/github/watchers/andrewkrug/fargate-ir) [![last-commit](https://badgen.net/github/last-commit/andrewkrug/fargate-ir)](https://badgen.net/github/last-commit/andrewkrug/fargate-ir) [![open-issues](https://badgen.net/github/open-issues/andrewkrug/fargate-ir)](https://badgen.net/github/open-issues/andrewkrug/fargate-ir) [![closed-issues](https://badgen.net/github/closed-issues/andrewkrug/fargate-ir)](https://badgen.net/github/closed-issues/andrewkrug/fargate-ir) |\n| **[aws-logsearch](https://github.com/endgameinc/aws-logsearch)** | Search AWS CloudWatch logs all at once on the command line. | [![stars](https://badgen.net/github/stars/endgameinc/aws-logsearch)](https://badgen.net/github/stars/endgameinc/aws-logsearch) | [![contributors](https://badgen.net/github/contributors/endgameinc/aws-logsearch)](https://badgen.net/github/contributors/endgameinc/aws-logsearch) [![watchers](https://badgen.net/github/watchers/endgameinc/aws-logsearch)](https://badgen.net/github/watchers/endgameinc/aws-logsearch) [![last-commit](https://badgen.net/github/last-commit/endgameinc/aws-logsearch)](https://badgen.net/github/last-commit/endgameinc/aws-logsearch) [![open-issues](https://badgen.net/github/open-issues/endgameinc/aws-logsearch)](https://badgen.net/github/open-issues/endgameinc/aws-logsearch) [![closed-issues](https://badgen.net/github/closed-issues/endgameinc/aws-logsearch)](https://badgen.net/github/closed-issues/endgameinc/aws-logsearch) |\n| **[Varna](https://github.com/endgameinc/varna)** | Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL) | [![stars](https://badgen.net/github/stars/endgameinc/varna)](https://badgen.net/github/stars/endgameinc/varna) | [![contributors](https://badgen.net/github/contributors/endgameinc/varna)](https://badgen.net/github/contributors/endgameinc/varna) [![watchers](https://badgen.net/github/watchers/endgameinc/varna)](https://badgen.net/github/watchers/endgameinc/varna) [![last-commit](https://badgen.net/github/last-commit/endgameinc/varna)](https://badgen.net/github/last-commit/endgameinc/varna) [![open-issues](https://badgen.net/github/open-issues/endgameinc/varna)](https://badgen.net/github/open-issues/endgameinc/varna) [![closed-issues](https://badgen.net/github/closed-issues/endgameinc/varna)](https://badgen.net/github/closed-issues/endgameinc/varna) |\n| **[aws-auto-remediate](https://github.com/servian/aws-auto-remediate)** | Open source application to instantly remediate common security issues through the use of AWS Config  | [![stars](https://badgen.net/github/stars/servian/aws-auto-remediate)](https://badgen.net/github/stars/servian/aws-auto-remediate) | [![contributors](https://badgen.net/github/contributors/servian/aws-auto-remediate)](https://badgen.net/github/contributors/servian/aws-auto-remediate) [![watchers](https://badgen.net/github/watchers/servian/aws-auto-remediate)](https://badgen.net/github/watchers/servian/aws-auto-remediate) [![last-commit](https://badgen.net/github/last-commit/servian/aws-auto-remediate)](https://badgen.net/github/last-commit/servian/aws-auto-remediate) [![open-issues](https://badgen.net/github/open-issues/servian/aws-auto-remediate)](https://badgen.net/github/open-issues/servian/aws-auto-remediate) [![closed-issues](https://badgen.net/github/closed-issues/servian/aws-auto-remediate)](https://badgen.net/github/closed-issues/servian/aws-auto-remediate) |\n| **[panther-labs](https://github.com/panther-labs/panther-analysis)** | Detect threats with log data and improve cloud security posture | [![stars](https://badgen.net/github/stars/panther-labs/panther-analysis)](https://badgen.net/github/stars/panther-labs/panther-analysis) | [![contributors](https://badgen.net/github/contributors/panther-labs/panther-analysis)](https://badgen.net/github/contributors/panther-labs/panther-analysis) [![watchers](https://badgen.net/github/watchers/panther-labs/panther-analysis)](https://badgen.net/github/watchers/panther-labs/panther-analysis) [![last-commit](https://badgen.net/github/last-commit/panther-labs/panther-analysis)](https://badgen.net/github/last-commit/panther-labs/panther-analysis) [![open-issues](https://badgen.net/github/open-issues/panther-labs/panther-analysis)](https://badgen.net/github/open-issues/panther-labs/panther-analysis) [![closed-issues](https://badgen.net/github/closed-issues/panther-labs/panther-analysis)](https://badgen.net/github/closed-issues/panther-labs/panther-analysis) |\n| **[aws-incident-response](https://github.com/easttimor/aws-incident-response)** | This page is a collection of useful things to look for in CloudTrail using Athena for AWS incident response | [![stars](https://badgen.net/github/stars/easttimor/aws-incident-response)](https://badgen.net/github/stars/easttimor/aws-incident-response) | [![contributors](https://badgen.net/github/contributors/easttimor/aws-incident-response)](https://badgen.net/github/contributors/easttimor/aws-incident-response) [![watchers](https://badgen.net/github/watchers/easttimor/aws-incident-response)](https://badgen.net/github/watchers/easttimor/aws-incident-response) [![last-commit](https://badgen.net/github/last-commit/easttimor/aws-incident-response)](https://badgen.net/github/last-commit/easttimor/aws-incident-response) [![open-issues](https://badgen.net/github/open-issues/easttimor/aws-incident-response)](https://badgen.net/github/open-issues/easttimor/aws-incident-response) [![closed-issues](https://badgen.net/github/closed-issues/easttimor/aws-incident-response)](https://badgen.net/github/closed-issues/easttimor/aws-incident-response) |\n| **[cloud-forensics-utils](https://github.com/google/cloud-forensics-utils)** | Python library to carry out DFIR analysis on the Cloud  | [![stars](https://badgen.net/github/stars/google/cloud-forensics-utils)](https://badgen.net/github/stars/google/cloud-forensics-utils) | [![contributors](https://badgen.net/github/contributors/google/cloud-forensics-utils)](https://badgen.net/github/contributors/google/cloud-forensics-utils) [![watchers](https://badgen.net/github/watchers/google/cloud-forensics-utils)](https://badgen.net/github/watchers/google/cloud-forensics-utils) [![last-commit](https://badgen.net/github/last-commit/google/cloud-forensics-utils)](https://badgen.net/github/last-commit/google/cloud-forensics-utils) [![open-issues](https://badgen.net/github/open-issues/google/cloud-forensics-utils)](https://badgen.net/github/open-issues/google/cloud-forensics-utils) [![closed-issues](https://badgen.net/github/closed-issues/google/cloud-forensics-utils)](https://badgen.net/github/closed-issues/google/cloud-forensics-utils) |\n| **[aws-fast-fixes](https://github.com/WarnerMedia/aws-fast-fixes)** | Scripts to quickly fix security and compliance issues | [![stars](https://badgen.net/github/stars/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/stars/WarnerMedia/aws-fast-fixes) | [![contributors](https://badgen.net/github/contributors/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/contributors/WarnerMedia/aws-fast-fixes) [![watchers](https://badgen.net/github/watchers/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/watchers/WarnerMedia/aws-fast-fixes) [![last-commit](https://badgen.net/github/last-commit/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/last-commit/WarnerMedia/aws-fast-fixes) [![open-issues](https://badgen.net/github/open-issues/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/open-issues/WarnerMedia/aws-fast-fixes) [![closed-issues](https://badgen.net/github/closed-issues/WarnerMedia/aws-fast-fixes)](https://badgen.net/github/closed-issues/WarnerMedia/aws-fast-fixes) |\n\n\n## Development Security\n| Name | Description | Popularity | Metadata |\n| ---------- | :---------- | :----------: | :----------: |\n| **[Automated Security Helper (ASH)](https://github.com/aws-samples/automated-security-helper)** |  ASH is a one stop shop for code security scans, and does not require any installation. It will identify the relevant frameworks, and download the relevant, up to date tools. ASH is running on isolated Docker containers, keeping the user environment clean, with a single aggregated report. The following frameworks are supported: Git, Python, Javascript, Cloudformation, Terraform and Jupyter notebook. |[![stars](https://badgen.net/github/stars/aws-samples/automated-security-helper)](https://badgen.net/github/stars/aws-samples/automated-security-helper)| [![contributors](https://badgen.net/github/contributors/aws-samples/automated-security-helper)](https://badgen.net/github/contributors/aws-samples/automated-security-helper)[![watchers](https://badgen.net/github/watchers/aws-samples/automated-security-helper)](https://badgen.net/github/watchers/aws-samples/automated-security-helper)[![last-commit](https://badgen.net/github/last-commit/aws-samples/automated-security-helper)](https://badgen.net/github/last-commit/aws-samples/automated-security-helper) [![open-issues](https://badgen.net/github/open-issues/aws-samples/automated-security-helper)](https://badgen.net/github/open-issues/aws-samples/automated-security-helper) [![closed-issues](https://badgen.net/github/closed-issues/aws-samples/automated-security-helper)](https://badgen.net/github/closed-issues/aws-samples/automated-security-helper) |\n| **[CFN NAG](https://github.com/stelligent/cfn_nag)** |  CloudFormation security test (Ruby) |[![stars](https://badgen.net/github/stars/stelligent/cfn_nag)](https://badgen.net/github/stars/stelligent/cfn_nag)| [![contributors](https://badgen.net/github/contributors/stelligent/cfn_nag)](https://badgen.net/github/contributors/stelligent/cfn_nag)[![watchers](https://badgen.net/github/watchers/stelligent/cfn_nag)](https://badgen.net/github/watchers/stelligent/cfn_nag)[![last-commit](https://badgen.net/github/last-commit/stelligent/cfn_nag)](https://badgen.net/github/last-commit/stelligent/cfn_nag) [![open-issues](https://badgen.net/github/open-issues/stelligent/cfn_nag)](https://badgen.net/github/open-issues/stelligent/cfn_nag) [![closed-issues](https://badgen.net/github/closed-issues/stelligent/cfn_nag)](https://badgen.net/github/closed-issues/stelligent/cfn_nag) |\n| **[Git-secrets](https://github.com/awslabs/git-secrets)** |  |[![stars](https://badgen.net/github/stars/awslabs/git-secrets)](https://badgen.net/github/stars/awslabs/git-secrets)| [![contributors](https://badgen.net/github/contributors/awslabs/git-secrets)](https://badgen.net/github/contributors/awslabs/git-secrets)[![watchers](https://badgen.net/github/watchers/awslabs/git-secrets)](https://badgen.net/github/watchers/awslabs/git-secrets)[![last-commit](https://badgen.net/github/last-commit/awslabs/git-secrets)](https://badgen.net/github/last-commit/awslabs/git-secrets) [![open-issues](https://badgen.net/github/open-issues/awslabs/git-secrets)](https://badgen.net/github/open-issues/awslabs/git-secrets) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/git-secrets)](https://badgen.net/github/closed-issues/awslabs/git-secrets) |\n| **[Repository of sample Custom Rules for AWS Config](https://github.com/awslabs/aws-config-rules)** |  |[![stars](https://badgen.net/github/stars/awslabs/aws-config-rules)](https://badgen.net/github/stars/awslabs/aws-config-rules)| [![contributors](https://badgen.net/github/contributors/awslabs/aws-config-rules)](https://badgen.net/github/contributors/awslabs/aws-config-rules)[![watchers](https://badgen.net/github/watchers/awslabs/aws-config-rules)](https://badgen.net/github/watchers/awslabs/aws-config-rules)[![last-commit](https://badgen.net/github/last-commit/awslabs/aws-config-rules)](https://badgen.net/github/last-commit/awslabs/aws-config-rules) [![open-issues](https://badgen.net/github/open-issues/awslabs/aws-config-rules)](https://badgen.net/github/open-issues/awslabs/aws-config-rules) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/aws-config-rules)](https://badgen.net/github/closed-issues/awslabs/aws-config-rules) |\n| **[CFripper](https://github.com/Skyscanner/cfripper)** | \"Lambda function to \"\"rip apart\"\" a CloudFormation template and check it for security compliance.\" |[![stars](https://badgen.net/github/stars/Skyscanner/cfripper)](https://badgen.net/github/stars/Skyscanner/cfripper)| [![contributors](https://badgen.net/github/contributors/Skyscanner/cfripper)](https://badgen.net/github/contributors/Skyscanner/cfripper)[![watchers](https://badgen.net/github/watchers/Skyscanner/cfripper)](https://badgen.net/github/watchers/Skyscanner/cfripper)[![last-commit](https://badgen.net/github/last-commit/Skyscanner/cfripper)](https://badgen.net/github/last-commit/Skyscanner/cfripper) [![open-issues](https://badgen.net/github/open-issues/Skyscanner/cfripper)](https://badgen.net/github/open-issues/Skyscanner/cfripper) [![closed-issues](https://badgen.net/github/closed-issues/Skyscanner/cfripper)](https://badgen.net/github/closed-issues/Skyscanner/cfripper) |\n| **[Assume](https://github.com/SanderKnape/assume)** | A simple CLI utility that makes it easier to switch between different AWS roles |[![stars](https://badgen.net/github/stars/SanderKnape/assume)](https://badgen.net/github/stars/SanderKnape/assume)| [![contributors](https://badgen.net/github/contributors/SanderKnape/assume)](https://badgen.net/github/contributors/SanderKnape/assume)[![watchers](https://badgen.net/github/watchers/SanderKnape/assume)](https://badgen.net/github/watchers/SanderKnape/assume)[![last-commit](https://badgen.net/github/last-commit/SanderKnape/assume)](https://badgen.net/github/last-commit/SanderKnape/assume) [![open-issues](https://badgen.net/github/open-issues/SanderKnape/assume)](https://badgen.net/github/open-issues/SanderKnape/assume) [![closed-issues](https://badgen.net/github/closed-issues/SanderKnape/assume)](https://badgen.net/github/closed-issues/SanderKnape/assume) |\n| **[Terrascan](https://github.com/cesar-rodriguez/terrascan)** | A collection of security and best practice tests for static code analysis of terraform templates using terraform_validate |[![stars](https://badgen.net/github/stars/cesar-rodriguez/terrascan)](https://badgen.net/github/stars/cesar-rodriguez/terrascan)| [![contributors](https://badgen.net/github/contributors/cesar-rodriguez/terrascan)](https://badgen.net/github/contributors/cesar-rodriguez/terrascan)[![watchers](https://badgen.net/github/watchers/cesar-rodriguez/terrascan)](https://badgen.net/github/watchers/cesar-rodriguez/terrascan)[![last-commit](https://badgen.net/github/last-commit/cesar-rodriguez/terrascan)](https://badgen.net/github/last-commit/cesar-rodriguez/terrascan) [![open-issues](https://badgen.net/github/open-issues/cesar-rodriguez/terrascan)](https://badgen.net/github/open-issues/cesar-rodriguez/terrascan) [![closed-issues](https://badgen.net/github/closed-issues/cesar-rodriguez/terrascan)](https://badgen.net/github/closed-issues/cesar-rodriguez/terrascan) |\n| **[tfsec](https://github.com/liamg/tfsec)** | Provides static analysis of your terraform templates to spot potential security issues |[![stars](https://badgen.net/github/stars/liamg/tfsec)](https://badgen.net/github/stars/liamg/tfsec)| [![contributors](https://badgen.net/github/contributors/liamg/tfsec)](https://badgen.net/github/contributors/liamg/tfsec)[![watchers](https://badgen.net/github/watchers/liamg/tfsec)](https://badgen.net/github/watchers/liamg/tfsec)[![last-commit](https://badgen.net/github/last-commit/liamg/tfsec)](https://badgen.net/github/last-commit/liamg/tfsec) [![open-issues](https://badgen.net/github/open-issues/liamg/tfsec)](https://badgen.net/github/open-issues/liamg/tfsec) [![closed-issues](https://badgen.net/github/closed-issues/liamg/tfsec)](https://badgen.net/github/closed-issues/liamg/tfsec) |\n| **[Checkov](https://github.com/bridgecrewio/checkov)** | Terraform, Cloudformation and Kubernetes static analysis written in python  |[![stars](https://badgen.net/github/stars/bridgecrewio/checkov)](https://badgen.net/github/stars/bridgecrewio/checkov)| [![contributors](https://badgen.net/github/contributors/bridgecrewio/checkov)](https://badgen.net/github/contributors/bridgecrewio/checkov)[![watchers](https://badgen.net/github/watchers/bridgecrewio/checkov)](https://badgen.net/github/watchers/bridgecrewio/checkov)[![last-commit](https://badgen.net/github/last-commit/bridgecrewio/checkov)](https://badgen.net/github/last-commit/bridgecrewio/checkov) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/checkov)](https://badgen.net/github/open-issues/bridgecrewio/checkov) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/checkov)](https://badgen.net/github/closed-issues/bridgecrewio/checkov) |\n| **[Yor](https://github.com/bridgecrewio/yor)** | Automatically tag and trace infrastructure as code frameworks (Terraform, Cloudformation and Serverless)  |[![stars](https://badgen.net/github/stars/bridgecrewio/yor)](https://badgen.net/github/stars/bridgecrewio/yor)| [![contributors](https://badgen.net/github/contributors/bridgecrewio/yor)](https://badgen.net/github/contributors/bridgecrewio/yor)[![watchers](https://badgen.net/github/watchers/bridgecrewio/yor)](https://badgen.net/github/watchers/bridgecrewio/yor)[![last-commit](https://badgen.net/github/last-commit/bridgecrewio/yor)](https://badgen.net/github/last-commit/bridgecrewio/yor) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/yor)](https://badgen.net/github/open-issues/bridgecrewio/yor) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/yor)](https://badgen.net/github/closed-issues/bridgecrewio/yor) |\n| **[pytest-services](https://github.com/mozilla-services/pytest-services)** | Unit testing framework for test driven security of AWS configurations and more |[![stars](https://badgen.net/github/stars/mozilla-services/pytest-services)](https://badgen.net/github/stars/mozilla-services/pytest-services)| [![contributors](https://badgen.net/github/contributors/mozilla-services/pytest-services)](https://badgen.net/github/contributors/mozilla-services/pytest-services)[![watchers](https://badgen.net/github/watchers/mozilla-services/pytest-services)](https://badgen.net/github/watchers/mozilla-services/pytest-services)[![last-commit](https://badgen.net/github/last-commit/mozilla-services/pytest-services)](https://badgen.net/github/last-commit/mozilla-services/pytest-services) [![open-issues](https://badgen.net/github/open-issues/mozilla-services/pytest-services)](https://badgen.net/github/open-issues/mozilla-services/pytest-services) [![closed-issues](https://badgen.net/github/closed-issues/mozilla-services/pytest-services)](https://badgen.net/github/closed-issues/mozilla-services/pytest-services) |\n| **[IAM Least-Privileged Role Generator](https://github.com/puresec/serverless-puresec-cli)** | A Serverless framework plugin that statically analyzes AWS Lambda function code and automagically generates least-privileged IAM roles. |[![stars](https://badgen.net/github/stars/puresec/serverless-puresec-cli)](https://badgen.net/github/stars/puresec/serverless-puresec-cli)| [![contributors](https://badgen.net/github/contributors/puresec/serverless-puresec-cli)](https://badgen.net/github/contributors/puresec/serverless-puresec-cli)[![watchers](https://badgen.net/github/watchers/puresec/serverless-puresec-cli)](https://badgen.net/github/watchers/puresec/serverless-puresec-cli)[![last-commit](https://badgen.net/github/last-commit/puresec/serverless-puresec-cli)](https://badgen.net/github/last-commit/puresec/serverless-puresec-cli) [![open-issues](https://badgen.net/github/open-issues/puresec/serverless-puresec-cli)](https://badgen.net/github/open-issues/puresec/serverless-puresec-cli) [![closed-issues](https://badgen.net/github/closed-issues/puresec/serverless-puresec-cli)](https://badgen.net/github/closed-issues/puresec/serverless-puresec-cli) |\n| **[AWS Vault](https://github.com/99designs/aws-vault)** | A vault for securely storing and accessing AWS credentials in development environments  |[![stars](https://badgen.net/github/stars/99designs/aws-vault)](https://badgen.net/github/stars/99designs/aws-vault)| [![contributors](https://badgen.net/github/contributors/99designs/aws-vault)](https://badgen.net/github/contributors/99designs/aws-vault)[![watchers](https://badgen.net/github/watchers/99designs/aws-vault)](https://badgen.net/github/watchers/99designs/aws-vault)[![last-commit](https://badgen.net/github/last-commit/99designs/aws-vault)](https://badgen.net/github/last-commit/99designs/aws-vault) [![open-issues](https://badgen.net/github/open-issues/99designs/aws-vault)](https://badgen.net/github/open-issues/99designs/aws-vault) [![closed-issues](https://badgen.net/github/closed-issues/99designs/aws-vault)](https://badgen.net/github/closed-issues/99designs/aws-vault) |\n| **[AWS Service Control Policies](https://github.com/jchrisfarris/aws-service-control-policies)** | Collection of semi-useful Service Control Policies and scripts to manage them  |[![stars](https://badgen.net/github/stars/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/stars/jchrisfarris/aws-service-control-policies)| [![contributors](https://badgen.net/github/contributors/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/contributors/jchrisfarris/aws-service-control-policies)[![watchers](https://badgen.net/github/watchers/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/watchers/jchrisfarris/aws-service-control-policies)[![last-commit](https://badgen.net/github/last-commit/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/last-commit/jchrisfarris/aws-service-control-policies) [![open-issues](https://badgen.net/github/open-issues/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/open-issues/jchrisfarris/aws-service-control-policies) [![closed-issues](https://badgen.net/github/closed-issues/jchrisfarris/aws-service-control-policies)](https://badgen.net/github/closed-issues/jchrisfarris/aws-service-control-policies) |\n| **[Terraform-compliance](https://github.com/eerkunt/terraform-compliance)** | A lightweight security focused BDD test framework against terraform (with helpful code for AWS) |[![stars](https://badgen.net/github/stars/eerkunt/terraform-compliance)](https://badgen.net/github/stars/eerkunt/terraform-compliance)| [![contributors](https://badgen.net/github/contributors/eerkunt/terraform-compliance)](https://badgen.net/github/contributors/eerkunt/terraform-compliance)[![watchers](https://badgen.net/github/watchers/eerkunt/terraform-compliance)](https://badgen.net/github/watchers/eerkunt/terraform-compliance)[![last-commit](https://badgen.net/github/last-commit/eerkunt/terraform-compliance)](https://badgen.net/github/last-commit/eerkunt/terraform-compliance) [![open-issues](https://badgen.net/github/open-issues/eerkunt/terraform-compliance)](https://badgen.net/github/open-issues/eerkunt/terraform-compliance) [![closed-issues](https://badgen.net/github/closed-issues/eerkunt/terraform-compliance)](https://badgen.net/github/closed-issues/eerkunt/terraform-compliance) |\n| **[Get a List of AWS Managed Policies](https://github.com/RyPeck/aws_managed_policies)** | a way to get a list of all AWS managed policies |[![stars](https://badgen.net/github/stars/RyPeck/aws_managed_policies)](https://badgen.net/github/stars/RyPeck/aws_managed_policies)| [![contributors](https://badgen.net/github/contributors/RyPeck/aws_managed_policies)](https://badgen.net/github/contributors/RyPeck/aws_managed_policies)[![watchers](https://badgen.net/github/watchers/RyPeck/aws_managed_policies)](https://badgen.net/github/watchers/RyPeck/aws_managed_policies)[![last-commit](https://badgen.net/github/last-commit/RyPeck/aws_managed_policies)](https://badgen.net/github/last-commit/RyPeck/aws_managed_policies) [![open-issues](https://badgen.net/github/open-issues/RyPeck/aws_managed_policies)](https://badgen.net/github/open-issues/RyPeck/aws_managed_policies) [![closed-issues](https://badgen.net/github/closed-issues/RyPeck/aws_managed_policies)](https://badgen.net/github/closed-issues/RyPeck/aws_managed_policies) |\n| **[Parliament](https://github.com/duo-labs/parliament)** | AWS IAM linting library  |[![stars](https://badgen.net/github/stars/duo-labs/parliament)](https://badgen.net/github/stars/duo-labs/parliament)| [![contributors](https://badgen.net/github/contributors/duo-labs/parliament)](https://badgen.net/github/contributors/duo-labs/parliament)[![watchers](https://badgen.net/github/watchers/duo-labs/parliament)](https://badgen.net/github/watchers/duo-labs/parliament) [![last-commit](https://badgen.net/github/last-commit/duo-labs/parliament)](https://badgen.net/github/last-commit/duo-labs/parliament) [![open-issues](https://badgen.net/github/open-issues/duo-labs/parliament)](https://badgen.net/github/open-issues/duo-labs/parliament) [![closed-issues](https://badgen.net/github/closed-issues/duo-labs/parliament)](https://badgen.net/github/closed-issues/duo-labs/parliament) |\n| **[AWS-ComplianceMachineDontStop](https://github.com/jonrau1/AWS-ComplianceMachineDontStop)** | Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security  Identity & Compliance Services to Support your AWS Account Security Posture |[![stars](https://badgen.net/github/stars/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/stars/jonrau1/AWS-ComplianceMachineDontStop)| [![contributors](https://badgen.net/github/contributors/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/contributors/jonrau1/AWS-ComplianceMachineDontStop)[![watchers](https://badgen.net/github/watchers/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/watchers/jonrau1/AWS-ComplianceMachineDontStop)[![last-commit](https://badgen.net/github/last-commit/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/last-commit/jonrau1/AWS-ComplianceMachineDontStop) [![open-issues](https://badgen.net/github/open-issues/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/open-issues/jonrau1/AWS-ComplianceMachineDontStop) [![closed-issues](https://badgen.net/github/closed-issues/jonrau1/AWS-ComplianceMachineDontStop)](https://badgen.net/github/closed-issues/jonrau1/AWS-ComplianceMachineDontStop) |\n| **[detect-secrets](https://github.com/Yelp/detect-secrets)** | An enterprise friendly way of detecting and preventing secrets in code. |[![stars](https://badgen.net/github/stars/yelp/detect-secrets)](https://badgen.net/github/stars/yelp/detect-secrets)| [![contributors](https://badgen.net/github/contributors/yelp/detect-secrets)](https://badgen.net/github/contributors/yelp/detect-secrets)[![watchers](https://badgen.net/github/watchers/yelp/detect-secrets)](https://badgen.net/github/watchers/yelp/detect-secrets)[![last-commit](https://badgen.net/github/last-commit/yelp/detect-secrets)](https://badgen.net/github/last-commit/yelp/detect-secrets) [![open-issues](https://badgen.net/github/open-issues/yelp/detect-secrets)](https://badgen.net/github/open-issues/yelp/detect-secrets) [![closed-issues](https://badgen.net/github/closed-issues/yelp/detect-secrets)](https://badgen.net/github/closed-issues/yelp/detect-secrets) |\n| **[tf-parliament](https://github.com/rdkls/tf-parliament)** | Run Parliament AWS IAM Checker on Terraform Files |[![stars](https://badgen.net/github/stars/rdkls/tf-parliament)](https://badgen.net/github/stars/rdkls/tf-parliament)| [![contributors](https://badgen.net/github/contributors/rdkls/tf-parliament)](https://badgen.net/github/contributors/rdkls/tf-parliament) [![watchers](https://badgen.net/github/watchers/rdkls/tf-parliament)](https://badgen.net/github/watchers/rdkls/tf-parliament) [![last-commit](https://badgen.net/github/last-commit/rdkls/tf-parliament)](https://badgen.net/github/last-commit/rdkls/tf-parliament)  [![open-issues](https://badgen.net/github/open-issues/rdkls/tf-parliament)](https://badgen.net/github/open-issues/rdkls/tf-parliament) [![closed-issues](https://badgen.net/github/closed-issues/rdkls/tf-parliament)](https://badgen.net/github/closed-issues/rdkls/tf-parliament) |\n| **[aws-gate](https://github.com/xen0l/aws-gate)** | Better AWS SSM Session manager CLI client | [![stars](https://badgen.net/github/stars/xen0l/aws-gate)](https://badgen.net/github/stars/xen0l/aws-gate)| [![contributors](https://badgen.net/github/contributors/xen0l/aws-gate)](https://badgen.net/github/contributors/xen0l/aws-gate) [![watchers](https://badgen.net/github/watchers/xen0l/aws-gate)](https://badgen.net/github/watchers/xen0l/aws-gate) [![last-commit](https://badgen.net/github/last-commit/xen0l/aws-gate)](https://badgen.net/github/last-commit/xen0l/aws-gate)  [![open-issues](https://badgen.net/github/open-issues/xen0l/aws-gate)](https://badgen.net/github/open-issues/xen0l/aws-gate) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/aws-gate)](https://badgen.net/github/closed-issues/xen0l/aws-gate) |\n| **[iam-lint](https://github.com/xen0l/iam-lint)** | Github action for linting AWS IAM policy documents for correctness and possible security issues |[![stars](https://badgen.net/github/stars/xen0l/iam-lint)](https://badgen.net/github/stars/xen0l/iam-lint) | [![contributors](https://badgen.net/github/contributors/xen0l/iam-lint)](https://badgen.net/github/contributors/xen0l/iam-lint) [![watchers](https://badgen.net/github/watchers/xen0l/iam-lint)](https://badgen.net/github/watchers/xen0l/iam-lint) [![last-commit](https://badgen.net/github/last-commit/xen0l/iam-lint)](https://badgen.net/github/last-commit/xen0l/iam-lint) [![open-issues](https://badgen.net/github/open-issues/xen0l/iam-lint)](https://badgen.net/github/open-issues/xen0l/iam-lint) [![closed-issues](https://badgen.net/github/closed-issues/xen0l/iam-lint)](https://badgen.net/github/closed-issues/xen0l/iam-lint) |\n| **[Regula](https://github.com/fugue/regula)** | Regula checks Terraform for AWS security and compliance using Open Policy Agent/Rego | [![stars](https://badgen.net/github/stars/fugue/regula)](https://badgen.net/github/stars/fugue/regula) | [![contributors](https://badgen.net/github/contributors/fugue/regula)](https://badgen.net/github/contributors/fugue/regula) [![watchers](https://badgen.net/github/watchers/fugue/regula)](https://badgen.net/github/watchers/fugue/regula) [![last-commit](https://badgen.net/github/last-commit/fugue/regula)](https://badgen.net/github/last-commit/fugue/regula) [![open-issues](https://badgen.net/github/open-issues/fugue/regula)](https://badgen.net/github/open-issues/fugue/regula) [![closed-issues](https://badgen.net/github/closed-issues/fugue/regula)](https://badgen.net/github/closed-issues/fugue/regula) |\n| **[whispers](https://github.com/Skyscanner/whispers)** | Identify hardcoded secrets and dangerous behaviours | [![stars](https://badgen.net/github/stars/Skyscanner/whispers)](https://badgen.net/github/stars/Skyscanner/whispers) | [![contributors](https://badgen.net/github/contributors/Skyscanner/whispers)](https://badgen.net/github/contributors/Skyscanner/whispers) [![watchers](https://badgen.net/github/watchers/Skyscanner/whispers)](https://badgen.net/github/watchers/Skyscanner/whispers) [![last-commit](https://badgen.net/github/last-commit/Skyscanner/whispers)](https://badgen.net/github/last-commit/Skyscanner/whispers) [![open-issues](https://badgen.net/github/open-issues/Skyscanner/whispers)](https://badgen.net/github/open-issues/Skyscanner/whispers) [![closed-issues](https://badgen.net/github/closed-issues/Skyscanner/whispers)](https://badgen.net/github/closed-issues/Skyscanner/whispers) |\n| **[cloudformation-guard](https://github.com/aws-cloudformation/cloudformation-guard)** | A set of tools to check AWS CloudFormation templates for policy compliance using a simple, policy-as-code, declarative syntax. | [![stars](https://badgen.net/github/stars/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/stars/aws-cloudformation/cloudformation-guard) | [![contributors](https://badgen.net/github/contributors/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/contributors/aws-cloudformation/cloudformation-guard) [![watchers](https://badgen.net/github/watchers/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/watchers/aws-cloudformation/cloudformation-guard) [![last-commit](https://badgen.net/github/last-commit/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/last-commit/aws-cloudformation/cloudformation-guard) [![open-issues](https://badgen.net/github/open-issues/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/open-issues/aws-cloudformation/cloudformation-guard) [![closed-issues](https://badgen.net/github/closed-issues/aws-cloudformation/cloudformation-guard)](https://badgen.net/github/closed-issues/aws-cloudformation/cloudformation-guard) |\n| **[IAMFinder](https://github.com/prisma-cloud/IAMFinder)** | Enumerates and finds users and IAM roles in a target AWS account | [![stars](https://badgen.net/github/stars/prisma-cloud/IAMFinder)](https://badgen.net/github/stars/prisma-cloud/IAMFinder)| [![contributors](https://badgen.net/github/contributors/prisma-cloud/IAMFinder)](https://badgen.net/github/contributors/prisma-cloud/IAMFinder) [![watchers](https://badgen.net/github/watchers/prisma-cloud/IAMFinder)](https://badgen.net/github/watchers/prisma-cloud/IAMFinder) [![last-commit](https://badgen.net/github/last-commit/prisma-cloud/IAMFinder)](https://badgen.net/github/last-commit/prisma-cloud/IAMFinder) [![open-issues](https://badgen.net/github/open-issues/prisma-cloud/IAMFinder)](https://badgen.net/github/open-issues/prisma-cloud/IAMFinder) [![closed-issues](https://badgen.net/github/closed-issues/prisma-cloud/IAMFinder)](https://badgen.net/github/closed-issues/prisma-cloud/IAMFinder) |\n| **[iamlive](https://github.com/iann0036/iamlive)** | Generate a basic IAM policy from AWS client-side monitoring (CSM) | [![stars](https://badgen.net/github/stars/iann0036/iamlive)](https://badgen.net/github/stars/iann0036/iamlive) | [![contributors](https://badgen.net/github/contributors/iann0036/iamlive)](https://badgen.net/github/contributors/iann0036/iamlive) [![watchers](https://badgen.net/github/watchers/iann0036/iamlive)](https://badgen.net/github/watchers/iann0036/iamlive) [![last-commit](https://badgen.net/github/last-commit/iann0036/iamlive)](https://badgen.net/github/last-commit/iann0036/iamlive) [![open-issues](https://badgen.net/github/open-issues/iann0036/iamlive)](https://badgen.net/github/open-issues/iann0036/iamlive) [![closed-issues](https://badgen.net/github/closed-issues/iann0036/iamlive)](https://badgen.net/github/closed-issues/iann0036/iamlive) |\n| **[aws-allowlister](https://github.com/salesforce/aws-allowlister)** | Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks. | [![stars](https://badgen.net/github/stars/salesforce/aws-allowlister)](https://badgen.net/github/stars/salesforce/aws-allowlister) | [![contributors](https://badgen.net/github/contributors/salesforce/aws-allowlister)](https://badgen.net/github/contributors/salesforce/aws-allowlister) [![watchers](https://badgen.net/github/watchers/salesforce/aws-allowlister)](https://badgen.net/github/watchers/salesforce/aws-allowlister) [![last-commit](https://badgen.net/github/last-commit/salesforce/aws-allowlister)](https://badgen.net/github/last-commit/salesforce/aws-allowlister) [![open-issues](https://badgen.net/github/open-issues/salesforce/aws-allowlister)](https://badgen.net/github/open-issues/salesforce/aws-allowlister) [![closed-issues](https://badgen.net/github/closed-issues/salesforce/aws-allowlister)](https://badgen.net/github/closed-issues/salesforce/aws-allowlister) |\n| **[Leapp](https://github.com/Noovolari/leapp)** | Cross-platform app for managing AWS credentials programmatically, based on Electron |[![stars](https://badgen.net/github/stars/Noovolari/leapp)](https://badgen.net/github/stars/Noovolari/leapp)| [![contributors](https://badgen.net/github/contributors/Noovolari/leapp)](https://badgen.net/github/contributors/Noovolari/leapp)[![watchers](https://badgen.net/github/watchers/Noovolari/leapp)](https://badgen.net/github/watchers/Noovolari/leapp)[![last-commit](https://badgen.net/github/last-commit/Noovolari/leapp)](https://badgen.net/github/last-commit/Noovolari/leapp) [![open-issues](https://badgen.net/github/open-issues/Noovolari/leapp)](https://badgen.net/github/open-issues/Noovolari/leapp) [![closed-issues](https://badgen.net/github/closed-issues/Noovolari/leapp)](https://badgen.net/github/closed-issues/Noovolari/leapp) |\n| **[KICS](https://github.com/Checkmarx/kics)** | Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code |[![stars](https://badgen.net/github/stars/Checkmarx/kics)](https://badgen.net/github/stars/Checkmarx/kics)| [![contributors](https://badgen.net/github/contributors/Checkmarx/kics)](https://badgen.net/github/contributors/Checkmarx/kics)[![watchers](https://badgen.net/github/watchers/Checkmarx/kics)](https://badgen.net/github/watchers/Checkmarx/kics)[![last-commit](https://badgen.net/github/last-commit/Checkmarx/kics)](https://badgen.net/github/last-commit/Checkmarx/kics) [![open-issues](https://badgen.net/github/open-issues/Checkmarx/kics)](https://badgen.net/github/open-issues/Checkmarx/kics) [![closed-issues](https://badgen.net/github/closed-issues/Checkmarx/kics)](https://badgen.net/github/closed-issues/Checkmarx/kics) |\n| **[SecurityHub CIS Compliance Automator](https://github.com/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)** | Automatically configure your AWS Account to meet 95% of the 200+ controls for CIS Compliance, PCI DSS Compliance and AWS Security Best Practice |[![stars](https://badgen.net/github/stars/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/stars/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)| [![contributors](https://badgen.net/github/contributors/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/contributors/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)[![watchers](https://badgen.net/github/watchers/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/watchers/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)[![last-commit](https://badgen.net/github/last-commit/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/last-commit/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation) [![open-issues](https://badgen.net/github/open-issues/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/open-issues/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation) [![closed-issues](https://badgen.net/github/closed-issues/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation)](https://badgen.net/github/closed-issues/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation) |\n| **[SCPkit](https://github.com/aquia-inc/scpkit)** | A SCP management tool that helps condense policies |[![stars](https://badgen.net/github/stars/aquia-inc/scpkit)](https://badgen.net/github/stars/aquia-inc/scpkit)| [![contributors](https://badgen.net/github/contributors/aquia-inc/scpkit)](https://badgen.net/github/contributors/aquia-inc/scpkit)[![watchers](https://badgen.net/github/watchers/aquia-inc/scpkit)](https://badgen.net/github/watchers/aquia-inc/scpkit)[![last-commit](https://badgen.net/github/last-commit/aquia-inc/scpkit)](https://badgen.net/github/last-commit/aquia-inc/scpkit) [![open-issues](https://badgen.net/github/open-issues/aquia-inc/scpkit)](https://badgen.net/github/open-issues/aquia-inc/scpkit) [![closed-issues](https://badgen.net/github/closed-issues/aquia-inc/scpkit)](https://badgen.net/github/closed-issues/aquia-inc/scpkit) |\n| **[Codemodder](https://github.com/pixee/codemodder-java)** | A pluggable framework for building expressive codemods. Use Codemodder when you need more than a linter or code formatting tool. Use it to fix non-trivial security issues and other code quality problems |[![stars](https://badgen.net/github/stars/pixee/codemodder-java)](https://badgen.net/github/stars/pixee/codemodder-java) |[![contributors](https://badgen.net/github/contributors/pixee/codemodder-java)](https://badgen.net/github/stars/pixee/codemodder-java) [![watchers](https://badgen.net/github/watchers/pixee/codemodder-java)](https://badgen.net/github/watchers/pixee/codemodder-java) [![last-commit](https://badgen.net/github/last-commit/pixee/codemodder-java)](https://badgen.net/github/last-commit/pixee/codemodder-java) [![open-issues](https://badgen.net/github/open-issues/pixee/codemodder-java)](https://badgen.net/github/open-issues/pixee/codemodder-java) [![closed-issues](https://badgen.net/github/closed-issues/pixee/codemodder-java)](https://badgen.net/github/closed-issues/pixee/codemodder-java) |\n\n## S3 Buckets Auditing\n| Name | Description | Popularity | Metadata |\n| ---------- | :---------- | :----------: | :----------: |\n| **[mass3](https://github.com/smiegles/mass3)** | enumerate through a pre-compiled list of AWS S3 buckets using DNS instead of HTTP with a list of DNS resolvers and multi-threading |[![stars](https://badgen.net/github/stars/smiegles/mass3)](https://badgen.net/github/stars/smiegles/mass3)| [![contributors](https://badgen.net/github/contributors/smiegles/mass3)](https://badgen.net/github/contributors/smiegles/mass3)[![watchers](https://badgen.net/github/watchers/smiegles/mass3)](https://badgen.net/github/watchers/smiegles/mass3)[![last-commit](https://badgen.net/github/last-commit/smiegles/mass3)](https://badgen.net/github/last-commit/smiegles/mass3) [![open-issues](https://badgen.net/github/open-issues/smiegles/mass3)](https://badgen.net/github/open-issues/smiegles/mass3) [![closed-issues](https://badgen.net/github/closed-issues/smiegles/mass3)](https://badgen.net/github/closed-issues/smiegles/mass3) |\n| **[teh_s3_bucketeers](https://github.com/tomdev/teh_s3_bucketeers)** |  |[![stars](https://badgen.net/github/stars/tomdev/teh_s3_bucketeers)](https://badgen.net/github/stars/tomdev/teh_s3_bucketeers)| [![contributors](https://badgen.net/github/contributors/tomdev/teh_s3_bucketeers)](https://badgen.net/github/contributors/tomdev/teh_s3_bucketeers)[![watchers](https://badgen.net/github/watchers/tomdev/teh_s3_bucketeers)](https://badgen.net/github/watchers/tomdev/teh_s3_bucketeers)[![last-commit](https://badgen.net/github/last-commit/tomdev/teh_s3_bucketeers)](https://badgen.net/github/last-commit/tomdev/teh_s3_bucketeers) [![open-issues](https://badgen.net/github/open-issues/tomdev/teh_s3_bucketeers)](https://badgen.net/github/open-issues/tomdev/teh_s3_bucketeers) [![closed-issues](https://badgen.net/github/closed-issues/tomdev/teh_s3_bucketeers)](https://badgen.net/github/closed-issues/tomdev/teh_s3_bucketeers) |\n| **[bucket-stream](https://github.com/eth0izzle/bucket-stream)** | Find interesting Amazon S3 Buckets by watching certificate transparency logs |[![stars](https://badgen.net/github/stars/eth0izzle/bucket-stream)](https://badgen.net/github/stars/eth0izzle/bucket-stream)| [![contributors](https://badgen.net/github/contributors/eth0izzle/bucket-stream)](https://badgen.net/github/contributors/eth0izzle/bucket-stream)[![watchers](https://badgen.net/github/watchers/eth0izzle/bucket-stream)](https://badgen.net/github/watchers/eth0izzle/bucket-stream)[![last-commit](https://badgen.net/github/last-commit/eth0izzle/bucket-stream)](https://badgen.net/github/last-commit/eth0izzle/bucket-stream) [![open-issues](https://badgen.net/github/open-issues/eth0izzle/bucket-stream)](https://badgen.net/github/open-issues/eth0izzle/bucket-stream) [![closed-issues](https://badgen.net/github/closed-issues/eth0izzle/bucket-stream)](https://badgen.net/github/closed-issues/eth0izzle/bucket-stream) |\n| **[s3-buckets-finder](https://github.com/gwen001/s3-buckets-finder)** | brute force Amazon S3 bucket |[![stars](https://badgen.net/github/stars/gwen001/s3-buckets-finder)](https://badgen.net/github/stars/gwen001/s3-buckets-finder)| [![contributors](https://badgen.net/github/contributors/gwen001/s3-buckets-finder)](https://badgen.net/github/contributors/gwen001/s3-buckets-finder)[![watchers](https://badgen.net/github/watchers/gwen001/s3-buckets-finder)](https://badgen.net/github/watchers/gwen001/s3-buckets-finder)[![last-commit](https://badgen.net/github/last-commit/gwen001/s3-buckets-finder)](https://badgen.net/github/last-commit/gwen001/s3-buckets-finder) [![open-issues](https://badgen.net/github/open-issues/gwen001/s3-buckets-finder)](https://badgen.net/github/open-issues/gwen001/s3-buckets-finder) [![closed-issues](https://badgen.net/github/closed-issues/gwen001/s3-buckets-finder)](https://badgen.net/github/closed-issues/gwen001/s3-buckets-finder) |\n| **[s3find](https://github.com/aaparmeggiani/s3find)** | find S3 public buckets |[![stars](https://badgen.net/github/stars/aaparmeggiani/s3find)](https://badgen.net/github/stars/aaparmeggiani/s3find)| [![contributors](https://badgen.net/github/contributors/aaparmeggiani/s3find)](https://badgen.net/github/contributors/aaparmeggiani/s3find)[![watchers](https://badgen.net/github/watchers/aaparmeggiani/s3find)](https://badgen.net/github/watchers/aaparmeggiani/s3find)[![last-commit](https://badgen.net/github/last-commit/aaparmeggiani/s3find)](https://badgen.net/github/last-commit/aaparmeggiani/s3find) [![open-issues](https://badgen.net/github/open-issues/aaparmeggiani/s3find)](https://badgen.net/github/open-issues/aaparmeggiani/s3find) [![closed-issues](https://badgen.net/github/closed-issues/aaparmeggiani/s3find)](https://badgen.net/github/closed-issues/aaparmeggiani/s3find) |\n| **[slurp-robbie](https://github.com/random-robbie/slurp)** | Enumerate S3 buckets via certstream, domain, or keywords  |[![stars](https://badgen.net/github/stars/random-robbie/slurp)](https://badgen.net/github/stars/random-robbie/slurp)| [![contributors](https://badgen.net/github/contributors/random-robbie/slurp)](https://badgen.net/github/contributors/random-robbie/slurp)[![watchers](https://badgen.net/github/watchers/random-robbie/slurp)](https://badgen.net/github/watchers/random-robbie/slurp)[![last-commit](https://badgen.net/github/last-commit/random-robbie/slurp)](https://badgen.net/github/last-commit/random-robbie/slurp) [![open-issues](https://badgen.net/github/open-issues/random-robbie/slurp)](https://badgen.net/github/open-issues/random-robbie/slurp) [![closed-issues](https://badgen.net/github/closed-issues/random-robbie/slurp)](https://badgen.net/github/closed-issues/random-robbie/slurp) |\n| **[s3-inspector](https://github.com/clario-tech/s3-inspector)** | check AWS S3 bucket permissions |[![stars](https://badgen.net/github/stars/clario-tech/s3-inspector)](https://badgen.net/github/stars/clario-tech/s3-inspector)| [![contributors](https://badgen.net/github/contributors/clario-tech/s3-inspector)](https://badgen.net/github/contributors/clario-tech/s3-inspector)[![watchers](https://badgen.net/github/watchers/clario-tech/s3-inspector)](https://badgen.net/github/watchers/clario-tech/s3-inspector)[![last-commit](https://badgen.net/github/last-commit/clario-tech/s3-inspector)](https://badgen.net/github/last-commit/clario-tech/s3-inspector) [![open-issues](https://badgen.net/github/open-issues/clario-tech/s3-inspector)](https://badgen.net/github/open-issues/clario-tech/s3-inspector) [![closed-issues](https://badgen.net/github/closed-issues/clario-tech/s3-inspector)](https://badgen.net/github/closed-issues/clario-tech/s3-inspector) |\n| **[s3-fuzzer](https://github.com/pbnj/s3-fuzzer)** |  |[![stars](https://badgen.net/github/stars/pbnj/s3-fuzzer)](https://badgen.net/github/stars/pbnj/s3-fuzzer)| [![contributors](https://badgen.net/github/contributors/pbnj/s3-fuzzer)](https://badgen.net/github/contributors/pbnj/s3-fuzzer)[![watchers](https://badgen.net/github/watchers/pbnj/s3-fuzzer)](https://badgen.net/github/watchers/pbnj/s3-fuzzer)[![last-commit](https://badgen.net/github/last-commit/pbnj/s3-fuzzer)](https://badgen.net/github/last-commit/pbnj/s3-fuzzer) [![open-issues](https://badgen.net/github/open-issues/pbnj/s3-fuzzer)](https://badgen.net/github/open-issues/pbnj/s3-fuzzer) [![closed-issues](https://badgen.net/github/closed-issues/pbnj/s3-fuzzer)](https://badgen.net/github/closed-issues/pbnj/s3-fuzzer) |\n| **[AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump)** | Look For Interesting Files in S3 Buckets  |[![stars](https://badgen.net/github/stars/jordanpotti/AWSBucketDump)](https://badgen.net/github/stars/jordanpotti/AWSBucketDump)| [![contributors](https://badgen.net/github/contributors/jordanpotti/AWSBucketDump)](https://badgen.net/github/contributors/jordanpotti/AWSBucketDump)[![watchers](https://badgen.net/github/watchers/jordanpotti/AWSBucketDump)](https://badgen.net/github/watchers/jordanpotti/AWSBucketDump)[![last-commit](https://badgen.net/github/last-commit/jordanpotti/AWSBucketDump)](https://badgen.net/github/last-commit/jordanpotti/AWSBucketDump) [![open-issues](https://badgen.net/github/open-issues/jordanpotti/AWSBucketDump)](https://badgen.net/github/open-issues/jordanpotti/AWSBucketDump) [![closed-issues](https://badgen.net/github/closed-issues/jordanpotti/AWSBucketDump)](https://badgen.net/github/closed-issues/jordanpotti/AWSBucketDump) |\n| **[s3scan](https://github.com/bear/s3scan)** | scan s3 buckets for security issues  |[![stars](https://badgen.net/github/stars/bear/s3scan)](https://badgen.net/github/stars/bear/s3scan)| [![contributors](https://badgen.net/github/contributors/bear/s3scan)](https://badgen.net/github/contributors/bear/s3scan)[![watchers](https://badgen.net/github/watchers/bear/s3scan)](https://badgen.net/github/watchers/bear/s3scan)[![last-commit](https://badgen.net/github/last-commit/bear/s3scan)](https://badgen.net/github/last-commit/bear/s3scan) [![open-issues](https://badgen.net/github/open-issues/bear/s3scan)](https://badgen.net/github/open-issues/bear/s3scan) [![closed-issues](https://badgen.net/github/closed-issues/bear/s3scan)](https://badgen.net/github/closed-issues/bear/s3scan) |\n| **[S3Scanner](https://github.com/sa7mon/S3Scanner)** | Scan for open AWS S3 buckets and dump the contents  |[![stars](https://badgen.net/github/stars/sa7mon/S3Scanner)](https://badgen.net/github/stars/sa7mon/S3Scanner)| [![contributors](https://badgen.net/github/contributors/sa7mon/S3Scanner)](https://badgen.net/github/contributors/sa7mon/S3Scanner)[![watchers](https://badgen.net/github/watchers/sa7mon/S3Scanner)](https://badgen.net/github/watchers/sa7mon/S3Scanner)[![last-commit](https://badgen.net/github/last-commit/sa7mon/S3Scanner)](https://badgen.net/github/last-commit/sa7mon/S3Scanner) [![open-issues](https://badgen.net/github/open-issues/sa7mon/S3Scanner)](https://badgen.net/github/open-issues/sa7mon/S3Scanner) [![closed-issues](https://badgen.net/github/closed-issues/sa7mon/S3Scanner)](https://badgen.net/github/closed-issues/sa7mon/S3Scanner) |\n| **[s3finder](https://github.com/magisterquis/s3finder)** | open S3 bucket finder  |[![stars](https://badgen.net/github/stars/magisterquis/s3finder)](https://badgen.net/github/stars/magisterquis/s3finder)| [![contributors](https://badgen.net/github/contributors/magisterquis/s3finder)](https://badgen.net/github/contributors/magisterquis/s3finder)[![watchers](https://badgen.net/github/watchers/magisterquis/s3finder)](https://badgen.net/github/watchers/magisterquis/s3finder)[![last-commit](https://badgen.net/github/last-commit/magisterquis/s3finder)](https://badgen.net/github/last-commit/magisterquis/s3finder) [![open-issues](https://badgen.net/github/open-issues/magisterquis/s3finder)](https://badgen.net/github/open-issues/magisterquis/s3finder) [![closed-issues](https://badgen.net/github/closed-issues/magisterquis/s3finder)](https://badgen.net/github/closed-issues/magisterquis/s3finder) |\n| **[S3Scan](https://github.com/abhn/S3Scan)** | spider a website and find publicly open S3 buckets |[![stars](https://badgen.net/github/stars/abhn/S3Scan)](https://badgen.net/github/stars/abhn/S3Scan)| [![contributors](https://badgen.net/github/contributors/abhn/S3Scan)](https://badgen.net/github/contributors/abhn/S3Scan)[![watchers](https://badgen.net/github/watchers/abhn/S3Scan)](https://badgen.net/github/watchers/abhn/S3Scan)[![last-commit](https://badgen.net/github/last-commit/abhn/S3Scan)](https://badgen.net/github/last-commit/abhn/S3Scan) [![open-issues](https://badgen.net/github/open-issues/abhn/S3Scan)](https://badgen.net/github/open-issues/abhn/S3Scan) [![closed-issues](https://badgen.net/github/closed-issues/abhn/S3Scan)](https://badgen.net/github/closed-issues/abhn/S3Scan) |\n| **[s3-meta](https://github.com/whitfin/s3-meta)** | Gather metadata about your S3 buckets |[![stars](https://badgen.net/github/stars/whitfin/s3-meta)](https://badgen.net/github/stars/whitfin/s3-meta)| [![contributors](https://badgen.net/github/contributors/whitfin/s3-meta)](https://badgen.net/github/contributors/whitfin/s3-meta)[![watchers](https://badgen.net/github/watchers/whitfin/s3-meta)](https://badgen.net/github/watchers/whitfin/s3-meta)[![last-commit](https://badgen.net/github/last-commit/whitfin/s3-meta)](https://badgen.net/github/last-commit/whitfin/s3-meta) [![open-issues](https://badgen.net/github/open-issues/whitfin/s3-meta)](https://badgen.net/github/open-issues/whitfin/s3-meta) [![closed-issues](https://badgen.net/github/closed-issues/whitfin/s3-meta)](https://badgen.net/github/closed-issues/whitfin/s3-meta) |\n| **[s3-utils](https://github.com/whitfin/s3-utils)** |  Utilities and tools based around Amazon S3 to provide convenience APIs in a CLI |[![stars](https://badgen.net/github/stars/whitfin/s3-utils)](https://badgen.net/github/stars/whitfin/s3-utils)| [![contributors](https://badgen.net/github/contributors/whitfin/s3-utils)](https://badgen.net/github/contributors/whitfin/s3-utils)[![watchers](https://badgen.net/github/watchers/whitfin/s3-utils)](https://badgen.net/github/watchers/whitfin/s3-utils)[![last-commit](https://badgen.net/github/last-commit/whitfin/s3-utils)](https://badgen.net/github/last-commit/whitfin/s3-utils) [![open-issues](https://badgen.net/github/open-issues/whitfin/s3-utils)](https://badgen.net/github/open-issues/whitfin/s3-utils) [![closed-issues](https://badgen.net/github/closed-issues/whitfin/s3-utils)](https://badgen.net/github/closed-issues/whitfin/s3-utils) |\n| **[S3PublicBucketsCheck](https://github.com/vr00n/Amazon-Web-Shenanigans)** | A lambda function that checks your account for Public buckets and emails you whenever a new public s3 bucket is created |[![stars](https://badgen.net/github/stars/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/stars/vr00n/Amazon-Web-Shenanigans)| [![contributors](https://badgen.net/github/contributors/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/contributors/vr00n/Amazon-Web-Shenanigans)[![watchers](https://badgen.net/github/watchers/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/watchers/vr00n/Amazon-Web-Shenanigans)[![last-commit](https://badgen.net/github/last-commit/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/last-commit/vr00n/Amazon-Web-Shenanigans) [![open-issues](https://badgen.net/github/open-issues/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/open-issues/vr00n/Amazon-Web-Shenanigans) [![closed-issues](https://badgen.net/github/closed-issues/vr00n/Amazon-Web-Shenanigans)](https://badgen.net/github/closed-issues/vr00n/Amazon-Web-Shenanigans) |\n| **[bucket_finder](https://github.com/FishermansEnemy/bucket_finder)** | Amazon bucket brute force tool  |[![stars](https://badgen.net/github/stars/FishermansEnemy/bucket_finder)](https://badgen.net/github/stars/FishermansEnemy/bucket_finder)| [![contributors](https://badgen.net/github/contributors/FishermansEnemy/bucket_finder)](https://badgen.net/github/contributors/FishermansEnemy/bucket_finder)[![watchers](https://badgen.net/github/watchers/FishermansEnemy/bucket_finder)](https://badgen.net/github/watchers/FishermansEnemy/bucket_finder)[![last-commit](https://badgen.net/github/last-commit/FishermansEnemy/bucket_finder)](https://badgen.net/github/last-commit/FishermansEnemy/bucket_finder) [![open-issues](https://badgen.net/github/open-issues/FishermansEnemy/bucket_finder)](https://badgen.net/github/open-issues/FishermansEnemy/bucket_finder) [![closed-issues](https://badgen.net/github/closed-issues/FishermansEnemy/bucket_finder)](https://badgen.net/github/closed-issues/FishermansEnemy/bucket_finder) |\n| **[inSp3ctor](https://github.com/brianwarehime/inSp3ctor)** | AWS S3 Bucket/Object Finder  |[![stars](https://badgen.net/github/stars/brianwarehime/inSp3ctor)](https://badgen.net/github/stars/brianwarehime/inSp3ctor)| [![contributors](https://badgen.net/github/contributors/brianwarehime/inSp3ctor)](https://badgen.net/github/contributors/brianwarehime/inSp3ctor)[![watchers](https://badgen.net/github/watchers/brianwarehime/inSp3ctor)](https://badgen.net/github/watchers/brianwarehime/inSp3ctor)[![last-commit](https://badgen.net/github/last-commit/brianwarehime/inSp3ctor)](https://badgen.net/github/last-commit/brianwarehime/inSp3ctor) [![open-issues](https://badgen.net/github/open-issues/brianwarehime/inSp3ctor)](https://badgen.net/github/open-issues/brianwarehime/inSp3ctor) [![closed-issues](https://badgen.net/github/closed-issues/brianwarehime/inSp3ctor)](https://badgen.net/github/closed-issues/brianwarehime/inSp3ctor) |\n| **[bucketcat](https://github.com/Atticuss/bucketcat)** | Brute-forces objects within a given bucket using Hashcat mask-like syntax |[![stars](https://badgen.net/github/stars/Atticuss/bucketcat)](https://badgen.net/github/stars/Atticuss/bucketcat)| [![contributors](https://badgen.net/github/contributors/Atticuss/bucketcat)](https://badgen.net/github/contributors/Atticuss/bucketcat)[![watchers](https://badgen.net/github/watchers/Atticuss/bucketcat)](https://badgen.net/github/watchers/Atticuss/bucketcat)[![last-commit](https://badgen.net/github/last-commit/Atticuss/bucketcat)](https://badgen.net/github/last-commit/Atticuss/bucketcat) [![open-issues](https://badgen.net/github/open-issues/Atticuss/bucketcat)](https://badgen.net/github/open-issues/Atticuss/bucketcat) [![closed-issues](https://badgen.net/github/closed-issues/Atticuss/bucketcat)](https://badgen.net/github/closed-issues/Atticuss/bucketcat) |\n| **[aws-s3-data-finder](https://github.com/Ucnt/aws-s3-data-finder)** | AWS S3 Sensitive Data Search |[![stars](https://badgen.net/github/stars/Ucnt/aws-s3-data-finder)](https://badgen.net/github/stars/Ucnt/aws-s3-data-finder)| [![contributors](https://badgen.net/github/contributors/Ucnt/aws-s3-data-finder)](https://badgen.net/github/contributors/Ucnt/aws-s3-data-finder)[![watchers](https://badgen.net/github/watchers/Ucnt/aws-s3-data-finder)](https://badgen.net/github/watchers/Ucnt/aws-s3-data-finder)[![last-commit](https://badgen.net/github/last-commit/Ucnt/aws-s3-data-finder)](https://badgen.net/github/last-commit/Ucnt/aws-s3-data-finder) [![open-issues](https://badgen.net/github/open-issues/Ucnt/aws-s3-data-finder)](https://badgen.net/github/open-issues/Ucnt/aws-s3-data-finder) [![closed-issues](https://badgen.net/github/closed-issues/Ucnt/aws-s3-data-finder)](https://badgen.net/github/closed-issues/Ucnt/aws-s3-data-finder) |\n| **[lazys3](https://github.com/nahamsec/lazys3)** | bruteforce AWS s3 buckets using different permutations |[![stars](https://badgen.net/github/stars/nahamsec/lazys3)](https://badgen.net/github/stars/nahamsec/lazys3)| [![contributors](https://badgen.net/github/contributors/nahamsec/lazys3)](https://badgen.net/github/contributors/nahamsec/lazys3)[![watchers](https://badgen.net/github/watchers/nahamsec/lazys3)](https://badgen.net/github/watchers/nahamsec/lazys3)[![last-commit](https://badgen.net/github/last-commit/nahamsec/lazys3)](https://badgen.net/github/last-commit/nahamsec/lazys3) [![open-issues](https://badgen.net/github/open-issues/nahamsec/lazys3)](https://badgen.net/github/open-issues/nahamsec/lazys3) [![closed-issues](https://badgen.net/github/closed-issues/nahamsec/lazys3)](https://badgen.net/github/closed-issues/nahamsec/lazys3) |\n| **[BucketScanner](https://github.com/securing/BucketScanner)** | Test objects' permissions in AWS buckets |[![stars](https://badgen.net/github/stars/securing/BucketScanner)](https://badgen.net/github/stars/securing/BucketScanner)| [![contributors](https://badgen.net/github/contributors/securing/BucketScanner)](https://badgen.net/github/contributors/securing/BucketScanner)[![watchers](https://badgen.net/github/watchers/securing/BucketScanner)](https://badgen.net/github/watchers/securing/BucketScanner)[![last-commit](https://badgen.net/github/last-commit/securing/BucketScanner)](https://badgen.net/github/last-commit/securing/BucketScanner) [![open-issues](https://badgen.net/github/open-issues/securing/BucketScanner)](https://badgen.net/github/open-issues/securing/BucketScanner) [![closed-issues](https://badgen.net/github/closed-issues/securing/BucketScanner)](https://badgen.net/github/closed-issues/securing/BucketScanner) |\n| **[aws-externder-cli](https://github.com/VirtueSecurity/aws-extender-cli)** | Test S3 buckets as well as Google Storage buckets and Azure Storage containers to find interesting files |[![stars](https://badgen.net/github/stars/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/stars/VirtueSecurity/aws-extender-cli)| [![contributors](https://badgen.net/github/contributors/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/contributors/VirtueSecurity/aws-extender-cli)[![watchers](https://badgen.net/github/watchers/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/watchers/VirtueSecurity/aws-extender-cli)[![last-commit](https://badgen.net/github/last-commit/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/last-commit/VirtueSecurity/aws-extender-cli) [![open-issues](https://badgen.net/github/open-issues/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/open-issues/VirtueSecurity/aws-extender-cli) [![closed-issues](https://badgen.net/github/closed-issues/VirtueSecurity/aws-extender-cli)](https://badgen.net/github/closed-issues/VirtueSecurity/aws-extender-cli) |\n| **[festin](https://github.com/cr0hn/festin)** | S3 bucket weakness discovery | [![stars](https://badgen.net/github/stars/cr0hn/festin)](https://badgen.net/github/stars/cr0hn/festin) | [![contributors](https://badgen.net/github/contributors/cr0hn/festin)](https://badgen.net/github/contributors/cr0hn/festin) [![watchers](https://badgen.net/github/watchers/cr0hn/festin)](https://badgen.net/github/watchers/cr0hn/festin) [![last-commit](https://badgen.net/github/last-commit/cr0hn/festin)](https://badgen.net/github/last-commit/cr0hn/festin) [![open-issues](https://badgen.net/github/open-issues/cr0hn/festin)](https://badgen.net/github/open-issues/cr0hn/festin) [![closed-issues](https://badgen.net/github/closed-issues/cr0hn/festin)](https://badgen.net/github/closed-issues/cr0hn/festin) |\n| **[S3Insights](https://github.com/kurmiashish/S3Insights)** | a platform for efficiently deriving security insights about S3 data through metadata analysis  | [![stars](https://badgen.net/github/stars/kurmiashish/S3Insights)](https://badgen.net/github/stars/kurmiashish/S3Insights) | [![contributors](https://badgen.net/github/contributors/kurmiashish/S3Insights)](https://badgen.net/github/contributors/kurmiashish/S3Insights) [![watchers](https://badgen.net/github/watchers/kurmiashish/S3Insights)](https://badgen.net/github/watchers/kurmiashish/S3Insights) [![last-commit](https://badgen.net/github/last-commit/kurmiashish/S3Insights)](https://badgen.net/github/last-commit/kurmiashish/S3Insights) [![open-issues](https://badgen.net/github/open-issues/kurmiashish/S3Insights)](https://badgen.net/github/open-issues/kurmiashish/S3Insights) [![closed-issues](https://badgen.net/github/closed-issues/kurmiashish/S3Insights)](https://badgen.net/github/closed-issues/kurmiashish/S3Insights) |\n| **[s3_objects_check](https://github.com/nccgroup/s3_objects_check)** | Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.  | [![stars](https://badgen.net/github/stars/nccgroup/s3_objects_check)](https://badgen.net/github/stars/nccgroup/s3_objects_check) | [![contributors](https://badgen.net/github/contributors/nccgroup/s3_objects_check)](https://badgen.net/github/contributors/nccgroup/s3_objects_check) [![watchers](https://badgen.net/github/watchers/nccgroup/s3_objects_check)](https://badgen.net/github/watchers/nccgroup/s3_objects_check) [![last-commit](https://badgen.net/github/last-commit/nccgroup/s3_objects_check)](https://badgen.net/github/last-commit/nccgroup/s3_objects_check) [![open-issues](https://badgen.net/github/open-issues/nccgroup/s3_objects_check)](https://badgen.net/github/open-issues/nccgroup/s3_objects_check) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/s3_objects_check)](https://badgen.net/github/closed-issues/nccgroup/s3_objects_check) |\n| **[s3dns](https://github.com/olizimmermann/s3dns)** | Passive DNS-based discovery of S3 (and other cloud) buckets by resolving CNAMEs and IPs during recon—ideal for stealthy and early identification of cloud storage exposures | [![stars](https://badgen.net/github/stars/olizimmermann/s3dns)](https://badgen.net/github/stars/olizimmermann/s3dns) | [![contributors](https://badgen.net/github/contributors/nccgroup/s3_objects_check)](https://badgen.net/github/contributors/olizimmermann/s3dns) [![watchers](https://badgen.net/github/watchers/olizimmermann/s3dns)](https://badgen.net/github/watchers/olizimmermann/s3dns) [![last-commit](https://badgen.net/github/last-commit/olizimmermann/s3dns)](https://badgen.net/github/last-commit/olizimmermann/s3dns) [![open-issues](https://badgen.net/github/open-issues/olizimmermann/s3dns)](https://badgen.net/github/open-issues/olizimmermann/s3dns) [![closed-issues](https://badgen.net/github/closed-issues/olizimmermann/s3dns)](https://badgen.net/github/closed-issues/olizimmermann/s3dns) |\n\n## Training\n| Name | Description | Popularity | Metadata |\n| ---------- | :---------- | :----------: | :----------: |\n| **[Flaws.cloud](http://flaws.cloud/)** | flAWS challenge to learn through a series of levels about common mistakes and gotchas when using AWS | | | | | |\n| **[Flaws2.cloud](http://flaws2.cloud/)** | flAWS 2 has two paths this time Attacker and Defender! In the Attacker path  you'll exploit your way through misconfigurations in serverless (Lambda) and containers (ECS Fargate). In the Defender path   that target is now viewed as the victim and you'll work as an incident responder for that same app  understanding how an attack happened | | | | | |\n| **[CloudGoat](https://github.com/RhinoSecurityLabs/cloudgoat)** | Vulnerable by Design AWS infrastructure setup tool |[![stars](https://badgen.net/github/stars/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/stars/RhinoSecurityLabs/cloudgoat)| [![contributors](https://badgen.net/github/contributors/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/contributors/RhinoSecurityLabs/cloudgoat)[![watchers](https://badgen.net/github/watchers/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/watchers/RhinoSecurityLabs/cloudgoat)[![last-commit](https://badgen.net/github/last-commit/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/last-commit/RhinoSecurityLabs/cloudgoat) [![open-issues](https://badgen.net/github/open-issues/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/open-issues/RhinoSecurityLabs/cloudgoat) [![closed-issues](https://badgen.net/github/closed-issues/RhinoSecurityLabs/cloudgoat)](https://badgen.net/github/closed-issues/RhinoSecurityLabs/cloudgoat) |\n| **[dvca](https://github.com/m6a-UdS/dvca)** | Damn Vulnerable Cloud Application [more info](https://medium.com/poka-techblog/privilege-escalation-in-the-cloud-from-ssrf-to-global-account-administrator-fd943cf5a2f6) |[![stars](https://badgen.net/github/stars/m6a-UdS/dvca)](https://badgen.net/github/stars/m6a-UdS/dvca)| [![contributors](https://badgen.net/github/contributors/m6a-UdS/dvca)](https://badgen.net/github/contributors/m6a-UdS/dvca)[![watchers](https://badgen.net/github/watchers/m6a-UdS/dvca)](https://badgen.net/github/watchers/m6a-UdS/dvca)[![last-commit](https://badgen.net/github/last-commit/m6a-UdS/dvca)](https://badgen.net/github/last-commit/m6a-UdS/dvca) [![open-issues](https://badgen.net/github/open-issues/m6a-UdS/dvca)](https://badgen.net/github/open-issues/m6a-UdS/dvca) [![closed-issues](https://badgen.net/github/closed-issues/m6a-UdS/dvca)](https://badgen.net/github/closed-issues/m6a-UdS/dvca) |\n| **[AWSDetonationLab](https://github.com/sonofagl1tch/AWSDetonationLab)** | Scripts and templates to generate some basic detections of the AWS security services |[![stars](https://badgen.net/github/stars/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/stars/sonofagl1tch/AWSDetonationLab)| [![contributors](https://badgen.net/github/contributors/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/contributors/sonofagl1tch/AWSDetonationLab)[![watchers](https://badgen.net/github/watchers/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/watchers/sonofagl1tch/AWSDetonationLab)[![last-commit](https://badgen.net/github/last-commit/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/last-commit/sonofagl1tch/AWSDetonationLab) [![open-issues](https://badgen.net/github/open-issues/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/open-issues/sonofagl1tch/AWSDetonationLab) [![closed-issues](https://badgen.net/github/closed-issues/sonofagl1tch/AWSDetonationLab)](https://badgen.net/github/closed-issues/sonofagl1tch/AWSDetonationLab) |\n| **[OWASPServerlessGoat](https://github.com/OWASP/Serverless-Goat)** | OWASP ServerlessGoat is a deliberately insecure realistic AWS Lambda serverless application  maintained by OWASP for educational purposes. Single click installation through the AWS Serverless Application Repository. |[![stars](https://badgen.net/github/stars/OWASP/Serverless-Goat)](https://badgen.net/github/stars/OWASP/Serverless-Goat)| [![contributors](https://badgen.net/github/contributors/OWASP/Serverless-Goat)](https://badgen.net/github/contributors/OWASP/Serverless-Goat)[![watchers](https://badgen.net/github/watchers/OWASP/Serverless-Goat)](https://badgen.net/github/watchers/OWASP/Serverless-Goat)[![last-commit](https://badgen.net/github/last-commit/OWASP/Serverless-Goat)](https://badgen.net/github/last-commit/OWASP/Serverless-Goat) [![open-issues](https://badgen.net/github/open-issues/OWASP/Serverless-Goat)](https://badgen.net/github/open-issues/OWASP/Serverless-Goat) [![closed-issues](https://badgen.net/github/closed-issues/OWASP/Serverless-Goat)](https://badgen.net/github/closed-issues/OWASP/Serverless-Goat) |\n| **[Sadcloud](https://github.com/nccgroup/sadcloud)** | A tool for spinning up insecure AWS infrastructure with Terraform. It supports approx. 84 misconfigurations across 22 AWS Services.|[![stars](https://badgen.net/github/stars/nccgroup/sadcloud)](https://badgen.net/github/stars/nccgroup/sadcloud)| [![contributors](https://badgen.net/github/contributors/nccgroup/sadcloud)](https://badgen.net/github/contributors/nccgroup/sadcloud)[![watchers](https://badgen.net/github/watchers/nccgroup/sadcloud)](https://badgen.net/github/watchers/nccgroup/sadcloud)[![last-commit](https://badgen.net/github/last-commit/nccgroup/sadcloud)](https://badgen.net/github/last-commit/nccgroup/sadcloud) [![open-issues](https://badgen.net/github/open-issues/nccgroup/sadcloud)](https://badgen.net/github/open-issues/nccgroup/sadcloud) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/sadcloud)](https://badgen.net/github/closed-issues/nccgroup/sadcloud) |\n| **[BigOrange Actions](https://bigorange.cloud/actions/)** | Paste your IAM Policy and get a list of Actions it can effectively perform | | | | | |\n| **[IncidentResponseGenerator](https://github.com/disruptops/IncidentResponseGenerator)** | Incident response generator for training classes  |[![stars](https://badgen.net/github/stars/disruptops/IncidentResponseGenerator)](https://badgen.net/github/stars/disruptops/IncidentResponseGenerator)| [![contributors](https://badgen.net/github/contributors/disruptops/IncidentResponseGenerator)](https://badgen.net/github/contributors/disruptops/IncidentResponseGenerator)[![watchers](https://badgen.net/github/watchers/disruptops/IncidentResponseGenerator)](https://badgen.net/github/watchers/disruptops/IncidentResponseGenerator)[![last-commit](https://badgen.net/github/last-commit/disruptops/IncidentResponseGenerator)](https://badgen.net/github/last-commit/disruptops/IncidentResponseGenerator) [![open-issues](https://badgen.net/github/open-issues/disruptops/IncidentResponseGenerator)](https://badgen.net/github/open-issues/disruptops/IncidentResponseGenerator) [![closed-issues](https://badgen.net/github/closed-issues/disruptops/IncidentResponseGenerator)](https://badgen.net/github/closed-issues/disruptops/IncidentResponseGenerator) |\n| **[Breaking and Pwning Apps and Servers on AWS and Azure](https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)** | Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training! |[![stars](https://badgen.net/github/stars/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/stars/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)| [![contributors](https://badgen.net/github/contributors/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/contributors/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)[![watchers](https://badgen.net/github/watchers/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/watchers/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)[![last-commit](https://badgen.net/github/last-commit/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/last-commit/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) [![open-issues](https://badgen.net/github/open-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/open-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) [![closed-issues](https://badgen.net/github/closed-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/closed-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) |\n| **[terragoat](https://github.com/bridgecrewio/terragoat)** | \"Vulnerable by Design\" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | [![stars](https://badgen.net/github/stars/bridgecrewio/terragoat)](https://badgen.net/github/stars/bridgecrewio/terragoat) | [![contributors](https://badgen.net/github/contributors/bridgecrewio/terragoat)](https://badgen.net/github/contributors/bridgecrewio/terragoat) [![watchers](https://badgen.net/github/watchers/bridgecrewio/terragoat)](https://badgen.net/github/watchers/bridgecrewio/terragoat) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/terragoat)](https://badgen.net/github/last-commit/bridgecrewio/terragoat) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/terragoat)](https://badgen.net/github/open-issues/bridgecrewio/terragoat) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/terragoat)](https://badgen.net/github/closed-issues/bridgecrewio/terragoat) |\n| **[cfngoat](https://github.com/bridgecrewio/cfngoat)** | \"Vulnerable by Design\" cloudformation repository. CfnGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | [![stars](https://badgen.net/github/stars/bridgecrewio/cfngoat)](https://badgen.net/github/stars/bridgecrewio/cfngoat) | [![contributors](https://badgen.net/github/contributors/bridgecrewio/cfngoat)](https://badgen.net/github/contributors/bridgecrewio/cfngoat) [![watchers](https://badgen.net/github/watchers/bridgecrewio/cfngoat)](https://badgen.net/github/watchers/bridgecrewio/cfngoat) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/cfngoat)](https://badgen.net/github/last-commit/bridgecrewio/cfngoat) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/cfngoat)](https://badgen.net/github/open-issues/bridgecrewio/cfngoat) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/cfngoat)](https://badgen.net/github/closed-issues/bridgecrewio/cfngoat) |\n| **[CDKgoat](https://github.com/bridgecrewio/cdkgoat)** | \"Vulnerable by Design\" AWS CDK repository. CDKGoat is a learning and training project that demonstrates how common configuration errors can find their way into impartive IAC such as AWS CDK. | [![stars](https://badgen.net/github/stars/bridgecrewio/cdkgoat)](https://badgen.net/github/stars/bridgecrewio/cdkgoat) | [![contributors](https://badgen.net/github/contributors/bridgecrewio/cdkgoat)](https://badgen.net/github/contributors/bridgecrewio/cdkgoat) [![watchers](https://badgen.net/github/watchers/bridgecrewio/cdkgoat)](https://badgen.net/github/watchers/bridgecrewio/cdkgoat) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/cdkgoat)](https://badgen.net/github/last-commit/bridgecrewio/cdkgoat) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/cdkgoat)](https://badgen.net/github/open-issues/bridgecrewio/cdkgoat) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/cdkgoat)](https://badgen.net/github/closed-issues/bridgecrewio/cdkgoat) |\n| **[aws_exposable_resources](https://github.com/SummitRoute/aws_exposable_resources)** | Resource types that can be publicly exposed on AWS  | [![stars](https://badgen.net/github/stars/SummitRoute/aws_exposable_resources)](https://badgen.net/github/stars/SummitRoute/aws_exposable_resources) | [![contributors](https://badgen.net/github/contributors/SummitRoute/aws_exposable_resources)](https://badgen.net/github/contributors/SummitRoute/aws_exposable_resources) [![watchers](https://badgen.net/github/watchers/SummitRoute/aws_exposable_resources)](https://badgen.net/github/watchers/SummitRoute/aws_exposable_resources) [![last-commit](https://badgen.net/github/last-commit/SummitRoute/aws_exposable_resources)](https://badgen.net/github/last-commit/SummitRoute/aws_exposable_resources) [![open-issues](https://badgen.net/github/open-issues/SummitRoute/aws_exposable_resources)](https://badgen.net/github/open-issues/SummitRoute/aws_exposable_resources) [![closed-issues](https://badgen.net/github/closed-issues/SummitRoute/aws_exposable_resources)](https://badgen.net/github/closed-issues/SummitRoute/aws_exposable_resources) |\n| **[IAM Vulnerable](https://github.com/BishopFox/iam-vulnerable)** | Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground  | [![stars](https://badgen.net/github/stars/BishopFox/iam-vulnerable)](https://badgen.net/github/stars/BishopFox/iam-vulnerable) | [![contributors](https://badgen.net/github/contributors/BishopFox/iam-vulnerable)](https://badgen.net/github/contributors/BishopFox/iam-vulnerable) [![watchers](https://badgen.net/github/watchers/BishopFox/iam-vulnerable)](https://badgen.net/github/watchers/BishopFox/iam-vulnerable) [![last-commit](https://badgen.net/github/last-commit/BishopFox/iam-vulnerable)](https://badgen.net/github/last-commit/BishopFox/iam-vulnerable) [![open-issues](https://badgen.net/github/open-issues/BishopFox/iam-vulnerable)](https://badgen.net/github/open-issues/BishopFox/iam-vulnerable) [![closed-issues](https://badgen.net/github/closed-issues/BishopFox/iam-vulnerable)](https://badgen.net/github/closed-issues/BishopFox/iam-vulnerable) |\n| **[PenTesting.Cloud](https://pentesting.cloud/)** | Free AWS Security Labs - CTF Style  |  | |\n| **[AWSGoat : A Damn Vulnerable AWS Infrastructure](https://github.com/ine-labs/AWSGoat)** | AWSGoat is a vulnerable by design AWS infrastructure featuring OWASP Top 10 web application security risks (2021) and AWS service based misconfigurations. | [![stars](https://badgen.net/github/stars/ine-labs/AWSGoat)](https://badgen.net/github/stars/ine-labs/AWSGoat) | [![contributors](https://badgen.net/github/contributors/ine-labs/AWSGoat)](https://badgen.net/github/contributors/ine-labs/AWSGoat) [![watchers](https://badgen.net/github/watchers/ine-labs/AWSGoat)](https://badgen.net/github/watchers/ine-labs/AWSGoat) [![last-commit](https://badgen.net/github/last-commit/ine-labs/AWSGoat)](https://badgen.net/github/last-commit/ine-labs/AWSGoat) [![open-issues](https://badgen.net/github/open-issues/ine-labs/AWSGoat)](https://badgen.net/github/open-issues/ine-labs/AWSGoat) [![closed-issues](https://badgen.net/github/closed-issues/ine-labs/AWSGoat)](https://badgen.net/github/closed-issues/ine-labs/AWSGoat) |\n\n\n## Other interesting tools/code\n\n**Honey-token:**\n\n* [https://bitbucket.org/asecurityteam/spacecrab](https://bitbucket.org/asecurityteam/spacecrab)\n* [https://breachinsider.com/honey-buckets/](https://breachinsider.com/honey-buckets/)\n* [https://github.com/0x4D31/honeyLambda](https://github.com/0x4D31/honeyLambda)\n* [https://github.com/thinkst/canarytokens-docker](https://github.com/thinkst/canarytokens-docker)\n\n**More Resources:**\n\n* **asecure.cloud** [https://github.com/asecure.cloud](https://github.com/asecure.cloud) A repository of cutomizable AWS security configurations (Cloudformation and CLI templates)\n* **s3-leaks** [https://github.com/nagwww/s3-leaks](https://github.com/nagwww/s3-leaks) - a list of some biggest leaks recorded\n* **Model Risk AWS** [https://magoo.github.io/model-risk-aws/](https://magoo.github.io/model-risk-aws/) - POC about probabilistic risk model for AWS\n* **asecure.cloud** [https://asecure.cloud/](https://asecure.cloud/) - a great place for security resources regarding AWS Security.\n* **honeybuckets** [https://github.com/honey-buckets/](https://github.com/honey-buckets/)\n* **thebuckhacker** [https://github.com/thebuckhacker](https://github.com/thebuckhacker)\n* **buckets.grayhatwarfare** [https://github.com/buckets.grayhatwarfare](https://github.com/buckets.grayhatwarfare)\n* **Cloud Security Newsletter by Marco Lancini** [https://cloudseclist.com/](https://cloudseclist.com/)\n* **Cloud Security Podcast by Ashish Rajan** [https://www.cloudsecuritypodcast.tv](www.cloudsecuritypodcast.tv)\n* **AWS Security Primer By Michael Wittig** [https://cloudonaut.io/aws-security-primer/](https://cloudonaut.io/aws-security-primer/)\n* **Hacking The Cloud** [https://hackingthe.cloud/](https://hackingthe.cloud/)\n* **ThreatModel for Amazon S3** [https://github.com/trustoncloud/threatmodel-for-aws-s3](https://github.com/trustoncloud/threatmodel-for-aws-s3) - Library of all the attack scenarios on Amazon S3 and how to mitigate them, following a risk-based approach \n"
  },
  {
    "path": "ami/Makefile",
    "content": "KUBERNETES_VERSION ?= 1.10.3\n\nDATE ?= $(shell date +%Y-%m-%d)\n\n# Defaults to Amazon Linux 2  AMI\n# * use the us-east-1 image\n# https://aws.amazon.com/amazon-linux-2/release-notes/\nSOURCE_AMI_ID ?= ami-b70554c8\n\nAWS_DEFAULT_REGION = us-east-1\n\nPACKER_CONFIG_FILE = my-aws-security-arsenal-packer-config.json\n\nall: ami\n\nvalidate:\n\tpacker validate $(PACKER_CONFIG_FILE)\n\nami: validate\n\tpacker build -var source_ami_id=$(SOURCE_AMI_ID) $(PACKER_CONFIG_FILE)\n"
  },
  {
    "path": "ami/README.md",
    "content": "# Create an AMI with all security tools in the arsenal list\n\nConfiguration scripts for building a custom Amazon AMI with [HashiCorp Packer](https://www.packer.io/).\n\n**NOT WORKING YET** \t\nStill in development\n\n## Setup\n\n* You must have [Packer](https://www.packer.io/) installed on your local system.\nFor more information, see [Installing Packer](https://www.packer.io/docs/install/index.html)\nin the Packer documentation.\n\n* You must also have AWS account credentials configured so that Packer can make\ncalls to AWS API operations on your behalf. For more information, see [Authentication](https://www.packer.io/docs/builders/amazon.html#specifying-amazon-credentials)\nin the Packer documentation.\n\n**Note**\n\nThe default region used is to build this AMI is `us-east-1` and the instance\ntype is a `t2.medium` (4GB RAM, 2vCPUs, EBS only and $0.046400 hourly) and does\nnot qualify for the AWS free tier. You are charged for any instances created\nwhen building this AMI. The base AMI used is `ami-b70554c8`, Amazon Linux 2.\n\n## Building the AMI\n\nA Makefile is provided to build the AMI, but it is just a small wrapper around\ninvoking Packer directly. You can initiate the build process by running the\nfollowing command in the root of this repository:\n\n```bash\nmake\n```\n\nThe Makefile runs Packer with the `my-aws-security-arsenal-packer-config.json`\nbuild specification template and the [amazon-ebs](https://www.packer.io/docs/builders/amazon-ebs.html)\nbuilder. An instance is launched and the Packer [Shell\nProvisioner](https://www.packer.io/docs/provisioners/shell.html) runs the\n`install-tools.sh` script on the instance to install software and perform other\nnecessary configuration tasks.  Then, Packer creates an AMI from the instance\nand terminates the instance after the AMI is created.\n\n## Using the AMI\n\nIf you are just getting started with security tools, visit [https://github.com/toniblyx/my-arsenal-of-aws-security-tools](https://github.com/toniblyx/my-arsenal-of-aws-security-tools)\nand get familiar with every tool that you are interested in.\n\nLaunch an instance with the new AMI ID that is returned when Packer finishes building.\n\n## Reference\n\nSome code is taken as reference from here [https://github.com/awslabs/amazon-eks-ami](https://github.com/awslabs/amazon-eks-ami)\n"
  },
  {
    "path": "ami/install-tools.sh",
    "content": "#!/usr/bin/env bash\n\nset -o pipefail\nset -o nounset\nset -o errexit\nIFS=$'\\n\\t'\n\nTEMPLATE_DIR=${TEMPLATE_DIR:-/tmp/arsenal}\n\n################################################################################\n### Packages ###################################################################\n################################################################################\n\n# Update the OS to begin with to catch up to the latest packages.\nsudo yum update -y\n\n# Install necessary packages\nsudo yum install -y \\\n    aws-cfn-bootstrap \\\n    conntrack \\\n    curl \\\n    git \\\n    socat \\\n    unzip \\\n    wget\n\ncurl \"https://bootstrap.pypa.io/get-pip.py\" -o \"get-pip.py\"\nsudo python get-pip.py\nrm get-pip.py\nsudo pip install --upgrade awscli\n\n################################################################################\n### Docker #####################################################################\n################################################################################\n\nsudo yum install -y yum-utils device-mapper-persistent-data lvm2\nsudo amazon-linux-extras enable docker\nsudo yum install -y docker-17.06*\nsudo usermod -aG docker $USER\n\n# Clean up yum caches to reduce the image size\nsudo yum clean all\n\n# Enable docker daemon to start on boot.\nsudo systemctl daemon-reload\nsudo systemctl enable docker\n\n################################################################################\n### AWS Security Arsenal #######################################################\n################################################################################\n# get the latest list of tools from https://github.com/toniblyx/my-arsenal-of-aws-security-tools\n# and clone them in to the /opt/arsenal directory\ngit clone https://github.com/toniblyx/my-arsenal-of-aws-security-tools\ncd my-arsenal-of-aws-security-tools\n# skipping RhinoSecurityLabs/pacu since it is not public yet and billing alerts CFN templates\nTOOLS_URL_LIST=$(grep github.com README.md |awk -F '[' '{ print $2 }'| awk -F ']' '{ print $1 }' | grep -v pacu$|grep -v btkrausen)\nsudo mkdir -p /opt/arsenal\ncd /opt/arsenal\nfor tool_url in $TOOLS_URL_LIST; do\n  sudo git clone $tool_url || \\\n    sudo git clone $tool_url $(basename $tool_url)-$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1) || \\\n    :\ndone\n"
  },
  {
    "path": "ami/manifest.json",
    "content": "{\n  \"builds\": [\n    {\n      \"name\": \"amazon-ebs\",\n      \"builder_type\": \"amazon-ebs\",\n      \"build_time\": 1533335897,\n      \"files\": null,\n      \"artifact_id\": \"us-east-1:ami-05bbc777606893c06\",\n      \"packer_run_uuid\": \"d64c8557-ff41-86f1-c9a5-511a79216c9e\"\n    }\n  ],\n  \"last_run_uuid\": \"d64c8557-ff41-86f1-c9a5-511a79216c9e\"\n}"
  },
  {
    "path": "ami/my-aws-security-arsenal-packer-config.json",
    "content": "{\n  \"variables\": {\n    \"aws_region\": \"us-east-1\",\n    \"ami_name\": \"My-AWS-Security-Arsenal-v0.1-{{timestamp}}\",\n    \"creator\": \"toni@blyx.com\",\n    \"instance_type\": \"t2.medium\",\n    \"source_ami_id\": \"ami-b70554c8\"\n  },\n\n  \"builders\": [\n    {\n      \"type\": \"amazon-ebs\",\n      \"region\": \"{{user `aws_region`}}\",\n      \"source_ami\": \"{{user `source_ami_id`}}\",\n      \"source_ami_filter\": {\n        \"filters\": {\n          \"architecture\": \"x86_64\",\n          \"name\": \"amzn2-ami-hvm-*\",\n          \"owner-id\": \"137112412989\",\n          \"root-device-type\": \"ebs\",\n          \"state\": \"available\",\n          \"virtualization-type\": \"hvm\"\n        },\n        \"most_recent\": true\n      },\n      \"instance_type\": \"{{user `instance_type`}}\",\n      \"launch_block_device_mappings\": [\n        {\n          \"device_name\": \"/dev/xvda\",\n          \"volume_type\": \"gp2\",\n          \"volume_size\": 20,\n          \"delete_on_termination\": true\n        }\n      ],\n      \"ssh_username\": \"ec2-user\",\n      \"ssh_pty\": true,\n      \"run_tags\": {\n          \"creator\": \"{{user `creator`}}\"\n      },\n      \"tags\": {\n          \"created\": \"{{timestamp}}\"\n      },\n      \"ami_name\": \"{{user `ami_name`}}\",\n      \"ami_description\": \"My AWS Security Arsenal AMI with AmazonLinux2 image - toni@blyx.com\"\n    }\n  ],\n\n  \"provisioners\": [\n    {\n      \"type\": \"shell\",\n      \"inline\": [\"mkdir -p /tmp/arsenal/\"]\n    },\n    {\n      \"type\": \"shell\",\n      \"script\": \"install-tools.sh\"\n    }\n  ],\n  \"post-processors\": [\n    {\n      \"type\": \"manifest\",\n      \"output\": \"manifest.json\",\n      \"strip_path\": true\n    }\n  ]\n}\n"
  },
  {
    "path": "former-list.md",
    "content": "**Defensive (Hardening, Security Assessment, Inventory)**\n\n* **ScoutSuite**: [https://github.com/nccgroup/ScoutSuite](https://github.com/nccgroup/ScoutSuite) - Multi-Cloud Security auditing tool for AWS, Google Cloud and Azure environments (Python)\n* **Prowler**: [https://github.com/toniblyx/prowler](https://github.com/toniblyx/prowler) - CIS benchmarks and additional checks for security best practices in AWS (Shell Script)\n* **CloudSploit**: [https://github.com/cloudsploit/scans](https://github.com/cloudsploit/scans) - AWS security scanning checks (NodeJS)\n* **CloudMapper**: [https://github.com/duo-labs/cloudmapper](https://github.com/duo-labs/cloudmapper) - helps you analyze your AWS environments (Python)\n* **CloudTracker**: [https://github.com/duo-labs/cloudtracker](https://github.com/duo-labs/cloudtracker) - helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python)\n* **AWS Security Benchmarks**: [https://github.com/awslabs/aws-security-benchmark](https://github.com/awslabs/aws-security-benchmark) - scrips and templates guidance related to the AWS CIS Foundation framework (Python)\n* **AWS Public IPs**: [https://github.com/arkadiyt/aws_public_ips](https://github.com/arkadiyt/aws_public_ips) - Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services (Ruby)\n* **PMapper**: [https://github.com/nccgroup/PMapper](https://github.com/nccgroup/PMapper) - Advanced and Automated AWS IAM Evaluation (Python)\n* **nccgroup AWS-Inventory**: [https://github.com/nccgroup/aws-inventory](https://github.com/nccgroup/aws-inventory) - Make a inventory of all your resources across regions (Python)\n* **Resource Counter**: [https://github.com/disruptops/resource-counter](https://github.com/disruptops/resource-counter) - Counts number of resources in categories across regions\n* **ICE**: [https://github.com/Teevity/ice](https://github.com/Teevity/ice) - Ice provides insights from a usage and cost perspective, with high detail dashboards.\n* **SkyArk**: [https://github.com/cyberark/SkyArk](https://github.com/cyberark/SkyArk) - SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS. \n* **Trailblazer AWS**: [https://github.com/willbengtson/trailblazer-aws](https://github.com/willbengtson/trailblazer-aws) - Trailblazer AWS, determine what AWS API calls are logged by CloudTrail and what they are logged as. You can also use TrailBlazer as an attack simulation framework.\n* **Lunar**: [https://github.com/lateralblast/lunar](https://github.com/lateralblast/lunar) - Security auditing tool based on several security frameworks (it does some AWS checks)\n* **Cloud-reports**: [https://github.com/tensult/cloud-reports](https://github.com/tensult/cloud-reports) - Scans your AWS cloud resources and generates reports\n* **Pacbot**: [https://github.com/tmobile/pacbot](https://github.com/tmobile/pacbot) - Platform for continuous compliance monitoring, compliance reporting and security automation for the cloud\n* **cs-suite**: [https://github.com/SecurityFTW/cs-suite](https://github.com/SecurityFTW/cs-suite) - Integrates tools like Scout2 and Prowler among others \n* **aws-key-disabler**: [https://github.com/te-papa/aws-key-disabler](https://github.com/te-papa/aws-key-disabler) - A small lambda script that will disable access keys older than a given amount of days\n* **Antiope**: [https://github.com/turnerlabs/antiope/](https://github.com/turnerlabs/antiope/) - AWS Inventory and Compliance Framework\n* **FunctionShield**: [https://www.puresec.io/function-shield](https://www.puresec.io/function-shield) A free AWS Lambda security library for developers, providing runtime protection such as: outbound network blocking, disable shell processes, /tmp/ disk I/O operations and prevents leakage of the handler's source code.\n* **Cloud Reports**: [https://github.com/tensult/cloud-reports](https://github.com/tensult/cloud-reports) Scans your AWS cloud resources and generates reports, includes security best practices.\n* **Terraform AWS Secure Baseline**: [https://github.com/nozaq/terraform-aws-secure-baseline](https://github.com/nozaq/terraform-aws-secure-baseline) Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations. \n* **Cartography**: [https://github.com/lyft/cartography](https://github.com/lyft/cartography) - Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. \n* **TrailScraper**: [https://github.com/flosell/trailscraper](https://github.com/flosell/trailscraper) - A command-line tool to get valuable information out of AWS CloudTrail\n* **LambdaGuard**: [https://github.com/Skyscanner/LambdaGuard](https://github.com/Skyscanner/LambdaGuard) - An AWS Lambda auditing tool designed to create asset visibility and provide actionable results.\n* **Komiser**: [https://github.com/mlabouardy/komiser](https://github.com/mlabouardy/komiser) - Cloud Environment Inspector, nalyze and manage cloud cost, usage, security, and governance in one place.\n* **Perimeterator**: [https://github.com/darkarnium/perimeterator](https://github.com/darkarnium/perimeterator) - AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services\n* **PolicySentry**: [https://github.com/salesforce/policy_sentry](https://github.com/salesforce/policy_sentry) - IAM Least Privilege Policy Generator, auditor, and analysis database.\n* **Zeus**: [https://github.com/DenizParlak/Zeus](https://github.com/DenizParlak/Zeus) - AWS Auditing & Hardening Tool \n* **janiko71 AWS-inventory**: [https://github.com/janiko71/aws-inventory](https://github.com/janiko71/aws-inventory) - Python script for AWS resources inventory\n* **awspx**: [https://github.com/fsecurelabs/awspx](https://github.com/fsecurelabs/awspx) - \nA graph-based tool for visualizing effective access and resource relationships in AWS environments\n\n \n**Offensive:**\n\n* **weirdALL**: [https://github.com/carnal0wnage/weirdAAL](https://github.com/carnal0wnage/weirdAAL) - AWS Attack Library\n* **Pacu**: [https://github.com/RhinoSecurityLabs/pacu](https://github.com/RhinoSecurityLabs/pacu) - AWS penetration testing toolkit\n* **Cred Scanner**: [https://github.com/disruptops/cred_scanner](https://github.com/disruptops/cred_scanner)\n* **AWS PWN**: [https://github.com/dagrz/aws_pwn](https://github.com/dagrz/aws_pwn)\n* **Cloudfrunt**: [https://github.com/MindPointGroup/cloudfrunt](https://github.com/MindPointGroup/cloudfrunt)\n* **Cloudjack**: [https://github.com/prevade/cloudjack](https://github.com/prevade/cloudjack)\n* **Nimbostratus**: [https://github.com/andresriancho/nimbostratus](https://github.com/andresriancho/nimbostratus)\n* **GitLeaks**: [https://github.com/zricethezav/gitleaks](https://github.com/zricethezav/gitleaks) - Audit git repos for secrets\n* **TruffleHog**: [https://github.com/dxa4481/truffleHog](https://github.com/dxa4481/truffleHog) - Searches through git repositories for high entropy strings and secrets, digging deep into commit history\n* **DumpsterDiver**: [https://github.com/securing/DumpsterDiver](https://github.com/securing/DumpsterDiver) - Tool to search secrets in various filetypes, like keys (e.g. AWS Access Key, Azure Share Key or SSH keys) or passwords.\n* **Mad-King**: [https://github.com/ThreatResponse/mad-king](https://github.com/ThreatResponse/mad-king) - Proof of Concept Zappa Based AWS Persistence and Attack Platform\n* **Cloud-Nuke**: [https://github.com/gruntwork-io/cloud-nuke](https://github.com/gruntwork-io/cloud-nuke) - A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it\n* **MozDef: The Mozilla Defense Platform** [https://github.com/mozilla/MozDef](https://github.com/mozilla/MozDef) - The Mozilla Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers.\n* **Lambdashell**: [http://www.lambdashell.com/](http://www.lambdashell.com/) - This is a simple AWS lambda function that does a straight exec. Essentially giving you a shell directly in my AWS infrastructure to just run your commands.\n* **Lambda-Proxy**: [https://github.com/puresec/lambda-proxy/] - A bridge between SQLMap and AWS Lambda, which lets you use SQLMap to natively test AWS Lambda functions for SQL Injection vulnerabilities.\n* **CloudCopy**: [https://github.com/Static-Flow/CloudCopy](https://github.com/Static-Flow/CloudCopy) - Cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission\n* **enumerate-iam**: [https://github.com/andresriancho/enumerate-iam](https://github.com/andresriancho/enumerate-iam) - Enumerate the permissions associated with AWS credential set\n* **Barq**: [https://github.com/Voulnet/barq](https://github.com/Voulnet/barq) - A post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure\n\n**Continuous Security Auditing:**\n\n* **Krampus** (as Security Monkey complement) [https://github.com/sendgrid/krampus](https://github.com/sendgrid/krampus)\n* **Cloud Inquisitor**: [https://github.com/RiotGames/cloud-inquisitor](https://github.com/RiotGames/cloud-inquisitor)\n* **CloudCustodian**: [https://github.com/capitalone/cloud-custodian](https://github.com/capitalone/cloud-custodian)\n* **Disable keys after X days**: [https://github.com/te-papa/aws-key-disabler](https://github.com/te-papa/aws-key-disabler)\n* **Repokid** Least Privilege: [https://github.com/Netflix/repokid](https://github.com/Netflix/repokid)\n* **Wazuh CloudTrail module**: [https://documentation.wazuh.com/current/amazon/index.html](https://documentation.wazuh.com/current/amazon/index.html)\n* **Hammer**: [https://github.com/dowjones/hammer](https://github.com/dowjones/hammer)\n* **Streamalert**: [https://github.com/airbnb/streamalert](https://github.com/airbnb/streamalert)\n* **Billing Alerts CFN templates**: [https://github.com/btkrausen/AWS/tree/master/CloudFormation/Billing%20Alerts](https://github.com/btkrausen/AWS/tree/master/CloudFormation/Billing%20Alerts)\n* **Watchmen**: [https://github.com/iagcl/watchmen](https://github.com/iagcl/watchmen) - AWS account compliance using centrally managed Config Rules\n\n**DFIR:**\n\n* **AWS IR**: [https://github.com/ThreatResponse/aws_ir](https://github.com/ThreatResponse/aws_ir) - AWS specific Incident Response and Forensics Tool\n* **Margaritashotgun**: [https://github.com/ThreatResponse/margaritashotgun](https://github.com/ThreatResponse/margaritashotgun) - Linux memory remote acquisition tool\n* **LiMEaide**: [https://kd8bny.github.io/LiMEaide/](https://kd8bny.github.io/LiMEaide/) - Linux memory remote acquisition tool\n* **Diffy**: [https://github.com/Netflix-Skunkworks/diffy](https://github.com/Netflix-Skunkworks/diffy) - Triage tool used during cloud-centric security incidents\n* **AWS Security Automation**: [https://github.com/awslabs/aws-security-automation](https://github.com/awslabs/aws-security-automation) - AWS scripts and resources for DevSecOps and automated incident response\n* **GDPatrol**: [https://github.com/ansorren/GDPatrol](https://github.com/ansorren/GDPatrol) - Automated Incident Response based off AWS GuardDuty findings\n* **AWSlog**: [https://github.com/jaksi/awslog](https://github.com/jaksi/awslog) - Show the history and changes between configuration versions of AWS resources using AWS Config \n* **AWS_Responder** [https://github.com/prolsen/aws_responder](https://github.com/prolsen/aws_responder) - AWS Digital Forensic and Incident Response (DFIR) Response Python Scripts\n* **SSM-Acquire**: [https://github.com/mozilla/ssm-acquire](https://github.com/mozilla/ssm-acquire) - A python module for orchestrating content acquisitions and analysis via Amazon SSM\n* **cloudtrail-partitioner**: [https://github.com/duo-labs/cloudtrail-partitioner](https://github.com/duo-labs/cloudtrail-partitioner) - This project sets up partitioned Athena tables for your CloudTrail logs and updates the partitions nightly. Makes CloudTrail logs queries easier.\n\n**Development Security:**\n\n* **CFN NAG**: [https://github.com/stelligent/cfn_nag](https://github.com/stelligent/cfn_nag) -  CloudFormation security test (Ruby)\n* **Git-secrets**: [https://github.com/awslabs/git-secrets](https://github.com/awslabs/git-secrets)\n* **Repository of sample Custom Rules for AWS Config**: [https://github.com/awslabs/aws-config-rules](https://github.com/awslabs/aws-config-rules)\n* **asecure.cloud**: [https://asecure.cloud](https://asecure.cloud) - A repository of cutomizable AWS security configurations (Cloudformation and CLI templates)\n* **CFripper**: [https://github.com/Skyscanner/cfripper/](https://github.com/Skyscanner/cfripper/) - Lambda function to \"rip apart\" a CloudFormation template and check it for security compliance.\n* **Assume**: [https://github.com/SanderKnape/assume](https://github.com/SanderKnape/assume) - A simple CLI utility that makes it easier to switch between different AWS roles\n* **Terrascan**: [https://github.com/cesar-rodriguez/terrascan](https://github.com/cesar-rodriguez/terrascan) - A collection of security and best practice tests for static code analysis of terraform templates using terraform_validate\n* **tfsec**: [https://github.com/liamg/tfsec](https://github.com/liamg/tfsec) - Provides static analysis of your terraform templates to spot potential security issues\n* **pytest-services**: [https://github.com/mozilla-services/pytest-services](https://github.com/mozilla-services/pytest-services) - Unit testing framework for test driven security of AWS configurations and more\n* **IAM Least-Privileged Role Generator**: [https://github.com/puresec/serverless-puresec-cli](https://github.com/puresec/serverless-puresec-cli) - A Serverless framework plugin that statically analyzes AWS Lambda function code and automagically generates least-privileged IAM roles.\n* **AWS Vault**: [https://github.com/99designs/aws-vault](https://github.com/99designs/aws-vault) - A vault for securely storing and accessing AWS credentials in development environments \n* **AWS Service Control Policies**: [https://github.com/jchrisfarris/aws-service-control-policies](https://github.com/jchrisfarris/aws-service-control-policies) - Collection of semi-useful Service Control Policies and scripts to manage them \n* **Half-Life**: [https://github.com/Skyscanner/halflife](https://github.com/Skyscanner/halflife) - AWS Lambda auditing tool that provides a meaningful overview in terms of statistical analysis, AWS service dependencies and configuration checks from the security perspective\n* **Terraform-compliance**: [https://github.com/eerkunt/terraform-compliance](https://github.com/eerkunt/terraform-compliance) - A lightweight, security focused, BDD test framework against terraform (with helpful code for AWS)\n* **Get a List of AWS Managed Policies**: [https://github.com/RyPeck/aws_managed_policies](https://github.com/RyPeck/aws_managed_policies) - a way to get a list of all AWS managed policies\n* **Parliament**: [https://github.com/duo-labs/parliament/](https://github.com/duo-labs/parliament/) - AWS IAM linting library \n* **AWS-ComplianceMachineDontStop**: [https://github.com/jonrau1/AWS-ComplianceMachineDontStop](https://github.com/jonrau1/AWS-ComplianceMachineDontStop) - Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Account Security Posture\n\n**S3 Buckets Auditing:**\n\n* [https://github.com/Parasimpaticki/sandcastle](https://github.com/Parasimpaticki/sandcastle)\n* [https://github.com/smiegles/mass3](https://github.com/smiegles/mass3)\n* [https://github.com/koenrh/s3enum](https://github.com/koenrh/s3enum)\n* [https://github.com/tomdev/teh_s3_bucketeers/](https://github.com/tomdev/teh_s3_bucketeers/)\n* [https://github.com/Quikko/BuQuikker](https://github.com/Quikko/BuQuikker) (multi threading for teh_s3_bucketeers)\n* [https://github.com/eth0izzle/bucket-stream](https://github.com/eth0izzle/bucket-stream)\n* [https://github.com/gwen001/s3-buckets-finder](https://github.com/gwen001/s3-buckets-finder)\n* [https://github.com/aaparmeggiani/s3find](https://github.com/aaparmeggiani/s3find)\n* [https://github.com/bbb31/slurp](https://github.com/bbb31/slurp)\n* [https://github.com/random-robbie/slurp](https://github.com/random-robbie/slurp)\n* [https://github.com/kromtech/s3-inspector](https://github.com/kromtech/s3-inspector)\n* [https://github.com/petermbenjamin/s3-fuzzer](https://github.com/petermbenjamin/s3-fuzzer)\n* [https://github.com/jordanpotti/AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump)\n* [https://github.com/bear/s3scan](https://github.com/bear/s3scan)\n* [https://github.com/sa7mon/S3Scanner](https://github.com/sa7mon/S3Scanner)\n* [https://github.com/magisterquis/s3finder](https://github.com/magisterquis/s3finder)\n* [https://github.com/abhn/S3Scan](https://github.com/abhn/S3Scan)\n* [https://breachinsider.com/honey-buckets/](https://breachinsider.com/honey-buckets/)\n* [https://www.buckhacker.com](https://www.buckhacker.com) [Currently Offline]\n* [https://www.thebuckhacker.com/](https://www.thebuckhacker.com/)\n* [https://buckets.grayhatwarfare.com/](https://buckets.grayhatwarfare.com/)\n* [https://github.com/whitfin/s3-meta](https://github.com/whitfin/s3-meta) \n* [https://github.com/vr00n/Amazon-Web-Shenanigans/tree/master/S3PublicBucketCheck](https://github.com/vr00n/Amazon-Web-Shenanigans/tree/master/S3PublicBucketCheck)\n* [https://github.com/FishermansEnemy/bucket_finder](https://github.com/FishermansEnemy/bucket_finder)\n* [https://github.com/brianwarehime/inSp3ctor](https://github.com/brianwarehime/inSp3ctor)\n* [https://github.com/Atticuss/bucketcat](https://github.com/Atticuss/bucketcat)\n* [https://github.com/Ucnt/aws-s3-bruteforce](https://github.com/Ucnt/aws-s3-bruteforce)\n* [https://github.com/nahamsec/lazys3](https://github.com/nahamsec/lazys3)\n* [https://github.com/securing/BucketScanner](https://github.com/securing/BucketScanner)\n* [https://digi.ninja/projects/bucket_finder.php](https://digi.ninja/projects/bucket_finder.php)\n* [https://github.com/VirtueSecurity/aws-extender-cli](https://github.com/VirtueSecurity/aws-extender-cli)\n\n**Training:**\n\n* [http://flaws.cloud/](http://flaws.cloud/) - flAWS challenge to learn through a series of levels about common mistakes and gotchas when using AWS\n* [http://flaws2.cloud/](http://flaws2.cloud/) - flAWS 2 has two paths this time: Attacker and Defender! In the Attacker path, you'll exploit your way through misconfigurations in serverless (Lambda) and containers (ECS Fargate). In the Defender path, that target is now viewed as the victim and you'll work as an incident responder for that same app, understanding how an attack happened. \n* [https://github.com/RhinoSecurityLabs/cloudgoat](https://github.com/RhinoSecurityLabs/cloudgoat) - Vulnerable by Design AWS infrastructure setup tool\n* [https://github.com/m6a-UdS/dvca](https://github.com/m6a-UdS/dvca) - Damn Vulnerable Cloud Application [more info](https://medium.com/poka-techblog/privilege-escalation-in-the-cloud-from-ssrf-to-global-account-administrator-fd943cf5a2f6)\n* [https://github.com/sonofagl1tch/AWSDetonationLab](https://github.com/sonofagl1tch/AWSDetonationLab) - Scripts and templates to generate some basic detections of the AWS security services\n* [OWASP ServerlessGoat](https://www.owasp.org/index.php/OWASP_Serverless_Goat) - OWASP ServerlessGoat is a deliberately insecure realistic AWS Lambda serverless application, maintained by OWASP for educational purposes. Single click installation through the AWS Serverless Application Repository.\n* [Sadcloud](https://github.com/nccgroup/sadcloud) - A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure.\n\n**Honey-token:**\n\n* [https://bitbucket.org/asecurityteam/spacecrab](https://bitbucket.org/asecurityteam/spacecrab)\n* [https://breachinsider.com/honey-buckets/](https://breachinsider.com/honey-buckets/)\n* [https://github.com/0x4D31/honeyLambda](https://github.com/0x4D31/honeyLambda)\n* [https://github.com/thinkst/canarytokens-docker](https://github.com/thinkst/canarytokens-docker)\n\n**Others:**\n\n* [https://github.com/nagwww/s3-leaks](https://github.com/nagwww/s3-leaks) - a list of some biggest leaks recorded\n* **Model Risk AWS** [https://magoo.github.io/model-risk-aws/](https://magoo.github.io/model-risk-aws/) - POC about probabilistic risk model for AWS\n* **asecure.cloud** [https://asecure.cloud/](https://asecure.cloud/) - a great place for security resources regarding AWS Security.\n"
  },
  {
    "path": "kreator/arsenal-kreator.sh",
    "content": "#!/bin/bash\n\n# reads arsenal.csv with format name;username/repo;description\n# and generate all badges and table format to paste on the README.md\n\nwhile IFS=';' read NAME USERANDREPO DESC; do \n   echo \"| **$NAME** | [https://github.com/$USERANDREPO](https://github.com/$USERANDREPO) | ${DESC} | [![stars](https://badgen.net/github/stars/$USERANDREPO)](https://badgen.net/github/stars/$USERANDREPO) | [![contributors](https://badgen.net/github/contributors/$USERANDREPO)](https://badgen.net/github/contributors/$USERANDREPO) [![watchers](https://badgen.net/github/watchers/$USERANDREPO)](https://badgen.net/github/watchers/$USERANDREPO) [![last-commit](https://badgen.net/github/last-commit/$USERANDREPO)](https://badgen.net/github/last-commit/$USERANDREPO) [![open-issues](https://badgen.net/github/open-issues/$USERANDREPO)](https://badgen.net/github/open-issues/$USERANDREPO) [![closed-issues](https://badgen.net/github/closed-issues/$USERANDREPO)](https://badgen.net/github/closed-issues/$USERANDREPO) |\"\ndone < arsenal.csv\n"
  },
  {
    "path": "kreator/arsenal.csv",
    "content": "iamlive;iann0036/iamlive;Generate a basic IAM policy from AWS client-side monitoring (CSM)\naws-allowlister;salesforce/aws-allowlister;Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.\n"
  }
]