Scrapy, a fast high-level web crawling & scraping framework for Python.

⏬ Dumb downloader that scrapes the web

A framework for managing and maintaining multi-language pre-commit hooks.

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

A library that allows you to easily mock out tests based on AWS infrastructure.

Easy & Flexible Alerting With ElasticSearch

A utility for arming (creating) many bees (micro EC2 instances) to attack (load test) targets (web applications).

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

An enterprise friendly way of detecting and preventing secrets in code.

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

A Central Control Plane for AWS Permissions and Access

Text outlining and task management for Vim based on Emacs' Org-Mode

StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.

The strictest and most opinionated python linter ever!

IAM Least Privilege Policy Generator

An open, distributed platform as a service

A tool for quickly evaluating IAM permissions in AWS.

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automa…

AWS IAM linting library

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

Distributed alerting for the masses!

Real-time, container-based file scanning at enterprise scale

CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

Password spraying using AWS Lambda for IP rotation

A proxy for AWS's metadata service that gives out scoped IAM credentials from STS

Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.