/my-arsenal-of-GCP-security-ops-Tools

my arsenal of GCP security/ops Tools

Primary LanguageShellApache License 2.0Apache-2.0

Table of Contents

Contribute

Do you want to contribute to this list? Feel free to send a PR and make sure your tool is Open Source.

Name URL Description Popularity Metadata
My Arsenal of GCP Security/Operations Tools https://github.com/Rahulsharma0810/my-arsenal-of-GCP-security-ops-Tools This list of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. stars contributors watchers last-commit open-issues closed-issues

Defensive: Hardening, Security Assessment and Inventory

Name URL Description Popularity Metadata
Good-Cloud-Practice https://github.com/Liodeus/Good-Cloud-Practice GCP non compliance scanner stars contributors watchers last-commit open-issues closed-issues
OS-Login managing-instance-access#gcloud OS Login lets you use Compute Engine IAM roles to grant or revoke SSH access to your Linux instances. OS Login is an alternative to managing instance access by adding and removing SSH keys in metadata.
Binary Authorization Binary Authorization Deploy only trusted containers on Google Kubernetes Engine.

Offensive

Name URL Description Popularity Metadata
GitLeaks https://github.com/zricethezav/gitleaks Audit git repos for secrets stars contributorswatcherslast-commit open-issues closed-issues
DumpsterDiver https://github.com/securing/DumpsterDiver Tool to search secrets in various filetypes. stars contributorswatcherslast-commit open-issues closed-issues
CCAT https://github.com/RhinoSecurityLabs/ccat Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments stars contributorswatcherslast-commit open-issues closed-issues
whispers https://github.com/Skyscanner/whispers Identify hardcoded secrets and dangerous behaviours stars contributors watchers last-commit open-issues closed-issues
CloudBrute https://github.com/0xsha/cloudbrute A tool to find a company (target) infrastructure, files, and apps on the top cloud providers stars contributors watchers last-commit open-issues closed-issues

Continuous Security Auditing

Name URL Description Popularity Metadata
Security Monkey https://github.com/Netflix/security_monkey stars contributorswatcherslast-commit open-issues closed-issues
CloudCustodian https://github.com/cloud-custodian/cloud-custodian/ Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources stars contributorswatcherslast-commit open-issues closed-issues
Wazuh CloudTrail module https://github.com/wazuh/wazuh stars contributorswatcherslast-commit open-issues closed-issues
CloudQuery https://github.com/cloudquery/cloudquery/ cloudquery exposes your cloud configuration and metadata as sql tables, providing powerful analysis and monitoring for compliance and security stars contributorswatcherslast-commit open-issues closed-issues

Digital Forensics and Incident Response

Name URL Description Popularity Metadata
Margaritashotgun https://github.com/ThreatResponse/margaritashotgun Linux memory remote acquisition tool stars contributorswatcherslast-commit open-issues closed-issues
cloud-forensics-utils https://github.com/google/cloud-forensics-utils Python library to carry out DFIR analysis on the Cloud stars contributors watchers last-commit open-issues closed-issues

Development Security

Name URL Description Popularity Metadata
Git-secrets https://github.com/awslabs/git-secrets stars contributorswatcherslast-commit open-issues closed-issues
Terrascan https://github.com/cesar-rodriguez/terrascan A collection of security and best practice tests for static code analysis of terraform templates using terraform_validate stars contributorswatcherslast-commit open-issues closed-issues
tfsec https://github.com/liamg/tfsec Provides static analysis of your terraform templates to spot potential security issues stars contributorswatcherslast-commit open-issues closed-issues
Checkov https://github.com/bridgecrewio/checkov Terraform, Cloudformation and Kubernetes static analysis written in python stars contributorswatcherslast-commit open-issues closed-issues
pytest-services https://github.com/mozilla-services/pytest-services Unit testing framework for test driven security of AWS configurations and more stars contributorswatcherslast-commit open-issues closed-issues
Terraform-compliance https://github.com/eerkunt/terraform-compliance A lightweight security focused BDD test framework against terraform (with helpful code for AWS) stars contributorswatcherslast-commit open-issues closed-issues
detect-secrets https://github.com/Yelp/detect-secrets An enterprise friendly way of detecting and preventing secrets in code. stars contributorswatcherslast-commit open-issues closed-issues
Regula https://github.com/fugue/regula Regula checks infrastructure as code templates (Terraform, CloudFormation) for AWS, Azure and Google Cloud security and compliance using Open Policy Agent/Rego stars contributors watchers last-commit open-issues closed-issues
whispers https://github.com/Skyscanner/whispers Identify hardcoded secrets and dangerous behaviours stars contributors watchers last-commit open-issues closed-issues
KICS https://github.com/Checkmarx/kics Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code stars contributorswatcherslast-commit open-issues closed-issues

GCP Storage Auditing

Name URL Description Popularity Metadata
aws-externder-cli https://github.com/VirtueSecurity/aws-extender-cli Test S3 buckets as well as Google Storage buckets and Azure Storage containers to find interesting files stars contributorswatcherslast-commit open-issues closed-issues

Training

Name URL Description Popularity Metadata
CloudPentestCheatsheets https://github.com/dafthack/CloudPentestCheatsheets/blob/master/cheatsheets/GCP.md This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers. stars
Map of GCP Services Article Link Map Link map illustrating the services of Google Cloud and how they relate
terragoat https://github.com/bridgecrewio/terragoat "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. stars contributors watchers last-commit open-issues closed-issues

Other interesting tools/code

Honey-token:

More Resources: