cloud-security
There are 265 repositories under cloud-security topic.
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
madhuakula/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
tenable/terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Hack-with-Github/Free-Security-eBooks
Free Security and Hacking eBooks
Netflix/consoleme
A Central Control Plane for AWS Permissions and Access
4ndersonLin/awesome-cloud-security
🛡️ Awesome Cloud Security Resources ⚔️
Hacking-the-Cloud/hackingthe.cloud
An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
BishopFox/cloudfox
Automating situational awareness for cloud penetration tests.
DataDog/stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
salesforce/cloudsplaining
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
teamssix/awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
chaitin/veinmind-tools
veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集
matanolabs/matano
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
jassics/awesome-aws-security
Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
tmobile/pacbot
PacBot (Policy as Code Bot)
common-fate/granted
The easiest way to access your cloud.
bridgecrewio/terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
SecurityFTW/cs-suite
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
paralus/paralus
All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.
edgelesssys/constellation
Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.
0xsha/CloudBrute
Awesome cloud enumerator
jonrau1/ElectricEye
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
Zeyad-Azima/Offensive-Resources
A Huge Learning Resources with Labs For Offensive Security Players
cyberark/SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
stackql/stackql
Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework
aquasecurity/cloud-security-remediation-guides
Security Remediation Guides
Funkmyster/awesome-cloud-security
A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
opengovern/opensecurity
opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.
HXSecurity/TerraformGoat
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
Esonhugh/Attack_Code
文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.
vectra-ai-research/MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
Aabyss-Team/awsKeyTools
AWS云平台 AccessKey 泄漏利用工具
jassics/security-interview-questions
Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on
jassics/cybersecurity-roadmap
Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile security and so on with helpful resources, guidelines
BishopFox/smogcloud
Find cloud assets that no one wants exposed 🔎 ☁️
AabyssZG/Docker-TCP-Scan
旨在以攻促防,针对Docker TCP socket的开源利用工具