A CLI tool that simplifies the process of launching, connecting and terminating an EC2 instance.

Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Runs checks to see if an EKS cluster follows EKS Best Practices.

Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-sourced by Ermetic.

Unauthenticated enumeration of AWS, Azure, and GCP Principals

ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach

Detects Critical Public resources misconfigured via AWS Policies

AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, an…

AWS Lambda Power Tuning is an open-source tool that can help you visualize and fine-tune the memory/power configuration of Lambda functions. It runs in your own AWS account - powered by AWS Step Fu…

A checklist of practices for organizations dealing with account takeover (ATO)

A production-friendly malware scanner for your AWS cloud

Internet connectivity for your VPC-attached Lambda functions without a NAT Gateway

AWS docs, guides, and other tools

Command Line Interface tool for Cloud Intelligence Dashboards deployment

Assume AWS IAM roles from GitHub Actions workflows with no stored secrets

AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.

Leapp is the DevTool to access your cloud

Ping, but with a graph

Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.

A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.

A MITRE ATT&CK Navigator export for AWS GuardDuty Findings

Web-based reverse shell generator

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

The open source high performance ELT framework powered by Apache Arrow

Research on the enumeration of IAM permissions without logging to CloudTrail

S3Insights is a platform for efficiently deriving security insights about S3 data through metadata analysis