Actionable analytics designed to combat threats

Financial data platform for analysts, quants and AI agents.

Automated Forensics Orchestrator for Amazon EC2 and EKS is a self-service AWS Guidance implementation that enterprise customers can deploy to quickly set up and configure an automated orchestration…

A policy management tool for interacting with Gatekeeper

Write tests against structured configuration data using the Open Policy Agent Rego query language

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP…

An open project to list all publicly known cloud vulnerabilities and CSP security issues

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

Re-play Security Events

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Build smaller, faster, and more secure desktop and mobile applications with a web frontend.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

A collection of manifests that will create pods with elevated privileges.

Security Remediation Guides

A container image that exfiltrates the underlying container runtime to a remote server

This repo has been replaced by https://www.cloudvulndb.org

Sycamore - An app. for managing Deciduous Attack Trees

Static analysis for CloudFormation templates to identify common misconfiguration

High-Performance Serverless event and data processing platform

Analyzes an Ubuntu system and checks for unpatched vulnerabilities.

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Deprecated: See README

Nuclei templates for K8S security scanning

A simple bastion host setup designed for cloud-hosted lab environments.

🤔 What happens when I type kubectl run?

The most advanced free and open-source browser fingerprinting library

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

Prometheus / OpenMetrics exporter for GitLab CI pipelines insights