houey Goto Github PK

access

Access, a centralized portal for employees to transparently discover, request, and manage their access for all internal systems needed to do their jobs

airiam

Least privilege AWS IAM Terraformer

alternat

High availability implementation of AWS NAT instances.

amalgamous

Shell and Pen-testing Tool

amass

In-depth DNS Enumeration and Network Mapping

astra

Automated Security Testing For REST API's

awesome-secure-defaults

Awesome secure by default libraries to help you eliminate bug classes!

awesome-service-control-policies

Listing of resources for example AWS Service Control Policies (SCPs)

awesome_firebase_domainfront

Firebase Domain Front Code

aws-account-automation

Tools to help automate your AWS Accounts

aws-api-models

A collection of documented and undocumented AWS API models

aws-cheatsheet

A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.

aws-data-wrangler

Pandas on AWS - Easy integration with Athena, Glue, Redshift, Timestream, QuickSight, Chime, CloudWatchLogs, DynamoDB, EMR, SecretManager, PostgreSQL, MySQL, SQLServer and S3 (Parquet, CSV, JSON and EXCEL).

aws-iam-permissions-guardrails

AWS IAM Permissions Guardrails https://aws-samples.github.io/aws-iam-permissions-guardrails/

aws-lambda-container-image-converter

The AWS Lambda container image converter tool (img2lambda) repackages container images (such as Docker images) into AWS Lambda layers, and publishes them as new layer versions.

aws-loot

Pull secrets from an AWS environment

aws-metadata-proxy

AWS Metadata Proxy for protection against SSRF

aws-request-signer

A chrome extension that signs requests to AWS endpoints (using Signature Version 4 signing process)

aws-scanner

Scans a list of websites for Cloudfront or S3 Buckets

aws-scps-for-sandbox-and-training-accounts

aws-security-analytics-bootstrap

AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.

aws-security-assessment-solution

aws-sso-util

Smooth out the rough edges of AWS SSO (temporarily, until AWS makes it better).

aws_pwn

A collection of AWS penetration testing junk

awslambdaproxy

An AWS Lambda powered HTTP/SOCKS web proxy

awsrolejuggler

A toolset to juggle AWS roles for persistent access

awssecurity

for AWS Security material

azucar

Security auditing tool for Azure environments

backup-and-bcp-for-aws

A collection of scripts & tooling that's executed from Lambda to backup your AWS Services such as Route53, EBS, RDS, EFS, etc into a S3 bucket allowing you to sync into Google Cloud for Business Continuity.

badblood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.