Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Security configuration scanner for Claude Code

AI agent for autonomous cyber operations

OCSF (https://schema.ocsf.io/) models in Python using Pydantic.

MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.

Automating situational awareness for cloud penetration tests.

Empowering People Ethically 🚀 — Matomo is hiring! Join us → https://matomo.org/jobs Matomo is the leading open-source alternative to Google Analytics, giving you complete control and built-in priva…

SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more

The de facto GitHub star history graph.

This solutions facilitates rapid deployment of Prowler, full AWS Organization analysis, and finding processing as part of a security posture report.

[ARCHIVED] Templates that create needed permissions in an account to be scanned by ProwlerPro

PyPI downloads analytics dashboard

Compliance automation framework, focused on SOC2

Protect your data in AWS S3 with DataCop!

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

The easiest way to access AWS.

Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

Testing TLS/SSL encryption anywhere on any port

CloudSpec is an open source tool for validating your resources in your cloud providers using a logical language.

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to c…

Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans…

kube-scan: Octarine k8s cluster risk assessment tool

AWS Security Tools (AST) in a simple Docker container. 📦

An enterprise friendly way of detecting and preventing secrets in code.

A list of covert channels and steganography/steganalysis resources (books, papers & tools)