Pinned Repositories
awesome-serverless-security
A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
aws-parsecf
Parse AWS CloudFormation's intrinsic functions in the template
FunctionShield
A Serverless Security Library for Developers. Regain Control Over Your AWS Lambda & Google Cloud Functions Runtimes.
lambda-config-rules
4 AWS Config rules that will boost your AWS Lambda security posture. Created as a companion to the AWS Config blog post by PureSec.
lambda-proxy
Lambda-Proxy creates an HTTP proxy listening on localhost port 8082. When it receives an HTTP POST request with a very specific structure , it will parse the request, extract the relevant data required for the test, and will invoke your AWS Lambda function using the AWS SDK client.invoke() method. It was created for testing AWS Lambda functions with SQLMap as described here: https://www.puresec.io/blog/automated-sql-injection-testing-of-serverless-functions-on-a-shoestring-budget-and-some-good-music
puresec-cli
PureSec CLI tools for improving the security of your serverless applications.
puresec-s3-public-scanner
An AWS Lambda function that scans your account for S3 buckets with any kind of public permissions
sas-top-10
Serverless Architectures Security Top 10 Guide
serverless-puresec-cli
Serverless plugin for least privileges.
vulenrable-app
A sample vulnerable Node.js AWS Lambda function
PureSec's Repositories
puresec/awesome-serverless-security
A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
puresec/sas-top-10
Serverless Architectures Security Top 10 Guide
puresec/serverless-puresec-cli
Serverless plugin for least privileges.
puresec/FunctionShield
A Serverless Security Library for Developers. Regain Control Over Your AWS Lambda & Google Cloud Functions Runtimes.
puresec/lambda-proxy
Lambda-Proxy creates an HTTP proxy listening on localhost port 8082. When it receives an HTTP POST request with a very specific structure , it will parse the request, extract the relevant data required for the test, and will invoke your AWS Lambda function using the AWS SDK client.invoke() method. It was created for testing AWS Lambda functions with SQLMap as described here: https://www.puresec.io/blog/automated-sql-injection-testing-of-serverless-functions-on-a-shoestring-budget-and-some-good-music
puresec/lambda-config-rules
4 AWS Config rules that will boost your AWS Lambda security posture. Created as a companion to the AWS Config blog post by PureSec.
puresec/puresec-cli
PureSec CLI tools for improving the security of your serverless applications.
puresec/aws-parsecf
Parse AWS CloudFormation's intrinsic functions in the template
puresec/vulenrable-app
A sample vulnerable Node.js AWS Lambda function
puresec/node-csocket
Port for C's sys/socket.h methods for synchronous usage of sockets as file descriptors.
puresec/puresec-s3-public-scanner
An AWS Lambda function that scans your account for S3 buckets with any kind of public permissions
puresec/lambda-auth0-authorizer
An AWS Custom Authorizer for AWS Gateway that support Auth0 Bearer tokens.
puresec/Serverless-Goat
OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws
puresec/components
An easier way to build applications with cloud services. –
puresec/middy
🛵 The stylish Node.js middleware engine for AWS Lambda
puresec/serverless-sentry-lib
puresec/a-demo-app
puresec/csocket-linux
puresec/python-demo-app
puresec/addressparser-malicious
Parse e-mail address fields with node.js
puresec/hello-retail
“Hello, Retail!” is an open-source, mobile-first, 100% serverless functional proof-of-concept showcasing a complete event sourcing approach applied to the retail platform space.
puresec/incubator-openwhisk-runtime-docker
Apache openwhisk
puresec/KairoScope-Backend-Reading
The microservice for KairoScope. This service is in charge of reading's operations.
puresec/node-gyp-build
Build tool and bindings loader for node-gyp that supports prebuilds
puresec/secure-aws-lambda
puresec/serverless-application-model
AWS Serverless Application Model (AWS SAM) prescribes rules for expressing Serverless applications on AWS.
puresec/serverless-azure-functions
Serverless Azure Functions Plugin – Add Azure Functions support to the Serverless Framework
puresec/serverless-plugin-ifelse
A Serverless Plugin to write If Else conditions in serverless YAML file
puresec/serverless-sentry-plugin
This plugin adds automatic forwarding of errors and exceptions to Sentry (https://sentry.io) and Serverless (https://serverless.com)
puresec/wg-serverless
CNCF Serverless WG