Chan9390's Stars
rebuy-de/aws-nuke
Nuke a whole AWS account and delete all its resources.
TracecatHQ/tracecat
The open source Tines / Splunk SOAR alternative for security engineers.
DataDog/stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
threatexpress/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
rootsecdev/Azure-Red-Team
Azure Security Resources and Notes
ssh-mitm/ssh-mitm
SSH-MITM - ssh audits made simple
pushsecurity/saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
common-fate/granted
The easiest way to access your cloud.
stackrox/stackrox
The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment.
hausec/PowerZure
PowerShell framework to assess Azure security
dafthack/MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
OWASP/DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
zoph-io/aws-security-survival-kit
Bare minimum AWS Security Alerting and Configuration
mvelazc0/BadZure
BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.
domain-protect/domain-protect
OWASP Domain Protect - prevent subdomain takeover
easttimor/aws-incident-response
mondoohq/cnspec
An open source, cloud-native security to protect everything from build to runtime
awslabs/aws-security-analytics-bootstrap
AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.
mludvig/aws-ssm-tools
Handy tools for AWS Systems Manager - ssm-session, ecs-session, ssm-ssh and ssm-tunnel
ScaleSec/terraform_aws_scp
AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.
NetSPI/gcpwn
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
lawndoc/Respotter
Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
primeharbor/sensitive_iam_actions
Crowdsourced list of sensitive IAM Actions
SecurityRunners/CloudCommotion
Cloud Commotion intends to cause chaos to simulate security incidents
adanalvarez/TrailDiscover
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
zmallen/cloudtrail2sightings
Convert cloudtrail data to MITRE ATT&CK Sightings
ekristen/azure-nuke
Remove all resources from an Azure Tenant and it's Subscriptions.
primeharbor/aws-fast-fixes
Scripts to quickly fix security and compliance issues
FogSecurity/aws-default-encryption-tracker
Tracker for Encryption by Default for AWS Resources
salecharohit/my-cloud-desktop
My Cloud Desktop based on Ubuntu