paulschwarzenberger

paulschwarzenberger's Stars

• prowler-cloud/prowler

  Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

  Language:Python10.6k1289181.5k

• projectdiscovery/subfinder

  Fast passive subdomain enumeration tool.

  Language:Go10k1554461.3k

• hashicorp/terraform-provider-aws

  The AWS Provider enables Terraform to manage AWS resources.

  Language:Go9.8k44119.2k9.1k

• getmoto/moto

  A library that allows you to easily mock out tests based on AWS infrastructure.

  Language:Python7.6k662.9k2k

• OWASP/wstg

  The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

  Language:Dockerfile7.2k3303441.3k

• nccgroup/ScoutSuite

  Multi-Cloud Security Auditing Tool

  Language:Python6.6k1368711.1k

• michenriksen/aquatone

  A Tool for Domain Flyovers

  Language:Go5.6k1360874

• cloud-custodian/cloud-custodian

  Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

  Language:Python5.4k1674.1k1.5k

• philips-labs/terraform-aws-github-runner

  Terraform module for scalable GitHub action runners on AWS

  Language:HCL2.5k33555608

• common-fate/granted

  The easiest way to access your cloud.

  Language:Go1k930694

• SummitRoute/csp_security_mistakes

  This repo has been replaced by https://www.cloudvulndb.org

  718914052

• ramimac/aws-customer-security-incidents

  A repository of breaches of AWS customers

  6914719140

• ovotech/gitoops

  all paths lead to clouds

  Language:Go63018849

• domain-protect/domain-protect

  OWASP Domain Protect - prevent subdomain takeover

  Language:Python394124864

• hashishrajan/cloud-security-vulnerabilities

  List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud, IBM Cloud etc

  35715235

• aws-actions/aws-secretsmanager-get-secrets

  Language:TypeScript14461939

• connelldave/botocove

  A simple decorator to run Python functions across multiple AWS accounts, OUs and/or regions, with or without an AWS Organization.

  Language:Python976278

• domain-protect/domain-protect-gcp

  Protect against subdomain takeover

  Language:Python913711

• serverless-ca/terraform-aws-ca

  Terraform module for serverless certificate authority on AWS

  Language:Python875147

• Macmod/STARS

  A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services that could possibly lead to subdomain takeover scenarios.

  Language:Python49405

• c-icap/c-icap-server

  Language:C4453933

• serverless-ca/cloud-ca

  Cloud CA built using AWS CA Terraform Module

  Language:Python8001

• domain-protect/domain-protect-deploy

  Deploy Domain Protect in your AWS Organization using GitHub Actions

  7303

• ovotech/kiss

  AWS-based secrets management for Kubernetes

  Language:Go6560

• OWASP/www-project-domain-protect

  OWASP Foundation Web Respository

  Language:HTML6401

• ovotech/VertFlow

  Run Docker containers on Airflow using green energy.

  Language:Python5281

• daniel-infosec/csp-ip-lookup

  API and Website to check if an IP address belongs to a Cloud Service Provider

  Language:Python4201

• Celidor/aws-iam-roles-anywhere

  Testing AWS IAM Roles Anywhere

  Language:Python2

• domain-protect/domain-protect-gcp-deploy

  Deploy Domain Protect in your GCP Organization using GitHub Actions

  2300

• serverless-ca/alb

  AWS Application Load Balancer for testing mTLS with open-source cloud Certificate Authority

  Language:HCL21