Skip to content

Latest commit

 

History

History
258 lines (234 loc) · 176 KB

README.md

File metadata and controls

258 lines (234 loc) · 176 KB

AWS Tools for Cybersecurity

Welcome to the World of AWS Tools in Cybersecurity:

A collection of awesome software, libraries, frameworks, learning tutorials, documents, books, resources and cool stuff about AWS tools. Thanks to all contributors, you're awesome and wouldn't be possible without you! Our goal is to build a categorized community-driven collection of very well-known resources.

AWS Tools for Cybersecurity is an ongoing curated list of tools, frameworks, libraries, learning tutorials for infosec and security professionals

aws-security

Table of Contents

Defensive: Hardening, Security Assessment and Inventory

Name URL Description Popularity Metadata
ScoutSuite https://github.com/nccgroup/ScoutSuite Multi-Cloud Security auditing tool for AWS Google Cloud and Azure environments (python) stars contributorswatcherslast-commit open-issues closed-issues
Prowler https://github.com/toniblyx/prowler CIS benchmarks and additional checks for security best practices in AWS (bash and python components) stars contributorswatcherslast-commit open-issues closed-issues
CloudSploit Scans https://github.com/cloudsploit/scans AWS security scanning checks (NodeJS) stars contributorswatcherslast-commit open-issues closed-issues
CloudMapper https://github.com/duo-labs/cloudmapper helps you analyze your AWS environments (Python) stars contributorswatcherslast-commit open-issues closed-issues
CloudTracker https://github.com/duo-labs/cloudtracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python) stars contributorswatcherslast-commit open-issues closed-issues
AWS Security Benchmarks https://github.com/awslabs/aws-security-benchmark scripts and templates guidance related to the AWS CIS Foundation framework (Python) stars contributorswatcherslast-commit open-issues closed-issues
AWS Public IPs https://github.com/arkadiyt/aws_public_ips Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6 Classic/VPC networking and across all AWS services (Ruby) stars contributorswatcherslast-commit open-issues closed-issues
PMapper https://github.com/nccgroup/PMapper Advanced and Automated AWS IAM Evaluation (Python) stars contributorswatcherslast-commit open-issues closed-issues
nccgroup AWS-Inventory https://github.com/nccgroup/aws-inventory Make a inventory of all your resources across regions (Python) stars contributorswatcherslast-commit open-issues closed-issues
Resource Counter https://github.com/disruptops/resource-counter Counts number of resources in categories across regions stars contributorswatcherslast-commit open-issues closed-issues
ICE https://github.com/Teevity/ice Ice provides insights from a usage and cost perspective with high detail dashboards. stars contributorswatcherslast-commit open-issues closed-issues
SkyArk https://github.com/cyberark/SkyArk SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS. stars contributorswatcherslast-commit open-issues closed-issues
Trailblazer AWS https://github.com/willbengtson/trailblazer-aws Trailblazer AWS determine what AWS API calls are logged by CloudTrail and what they are logged as. You can also use TrailBlazer as an attack simulation framework. stars contributorswatcherslast-commit open-issues closed-issues
Lunar https://github.com/lateralblast/lunar Security auditing tool based on several security frameworks (it does some AWS checks) stars contributorswatcherslast-commit open-issues closed-issues
Cloud-reports https://github.com/tensult/cloud-reports Scans your AWS cloud resources and generates reports stars contributorswatcherslast-commit open-issues closed-issues
Pacbot https://github.com/tmobile/pacbot Platform for continuous compliance monitoring compliance reporting and security automation for the cloud stars contributorswatcherslast-commit open-issues closed-issues
cs-suite https://github.com/SecurityFTW/cs-suite Integrates tools like Scout2 and Prowler among others stars contributorswatcherslast-commit open-issues closed-issues
aws-key-disabler https://github.com/te-papa/aws-key-disabler A small lambda script that will disable access keys older than a given amount of days stars contributorswatcherslast-commit open-issues closed-issues
Antiope https://github.com/turnerlabs/antiope AWS Inventory and Compliance Framework stars contributorswatcherslast-commit open-issues closed-issues
Cloud Reports https://github.com/tensult/cloud-reports Scans your AWS cloud resources and generates reports and includes security best practices. stars contributorswatcherslast-commit open-issues closed-issues
Terraform AWS Secure Baseline https://github.com/nozaq/terraform-aws-secure-baseline Terraform module to set up your AWS account with the secure stars contributorswatcherslast-commit open-issues closed-issues
Cartography https://github.com/lyft/cartography Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. stars contributorswatcherslast-commit open-issues closed-issues
TrailScraper https://github.com/flosell/trailscraper A command-line tool to get valuable information out of AWS CloudTrail stars contributorswatcherslast-commit open-issues closed-issues
LambdaGuard https://github.com/Skyscanner/LambdaGuard An AWS Lambda auditing tool designed to create asset visibility and provide actionable results. stars contributorswatcherslast-commit open-issues closed-issues
Komiser https://github.com/mlabouardy/komiser Cloud Environment Inspector analyze and manage cloud cost usage security and governance in one place. stars contributorswatcherslast-commit open-issues closed-issues
Perimeterator https://github.com/darkarnium/perimeterator AWS perimeter monitoring. Periodically scan internet facing AWS resources to detect misconfigured services stars contributorswatcherslast-commit open-issues closed-issues
PolicySentry https://github.com/salesforce/policy_sentry IAM Least Privilege Policy Generator auditor and analysis database stars contributorswatcherslast-commit open-issues closed-issues
Zeus https://github.com/DenizParlak/Zeus AWS Auditing & Hardening Tool stars contributorswatcherslast-commit open-issues closed-issues
janiko71 AWS-inventory https://github.com/janiko71/aws-inventory Python script for AWS resources inventory stars contributorswatcherslast-commit open-issues closed-issues
awspx https://github.com/fsecurelabs/awspx A graph-based tool for visualizing effective access and resource relationships in AWS environments stars contributorswatcherslast-commit open-issues closed-issues
clinv https://github.com/lyz-code/clinv DevSecOps command line asset inventory tool stars contributorswatcherslast-commit open-issues closed-issues
aws-gate https://github.com/xen0l/aws-gate Enhanced AWS SSM Session manager CLI client stars contributors watchers last-commit open-issues closed-issues
Detecting Credential Compromise https://github.com/Netflix-Skunkworks/aws-credential-compromise-detection Detecting of your compromised credential in AWS stars contributorswatcherslast-commit open-issues closed-issues
AWS-Security-Toolbox (AST) https://github.com/z0ph/aws-security-toolbox AWS Security Toolbox (Docker Image) for Security Assessments stars contributors watchers last-commit open-issues closed-issues
iam-lint https://github.com/xen0l/iam-lint Github action for linting AWS IAM policy documents for correctness and possible security issues stars contributors watchers last-commit open-issues closed-issues
aws-security-viz https://github.com/anaynayak/aws-security-viz A tool to visualize aws security groups. stars contributors watchers last-commit open-issues closed-issues
AirIAM https://github.com/bridgecrewio/AirIAM Least privilege AWS IAM using Terraform stars contributors watchers last-commit open-issues closed-issues
Cloudsplaining https://github.com/salesforce/cloudsplaining AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. stars contributors watchers last-commit open-issues closed-issues
iam-policy-generator https://github.com/aletheia/iam-policy-generator A simple library to generate IAM policy statements with no need to remember all the actions APIs stars contributors watchers last-commit open-issues closed-issues
SkyWrapper https://github.com/cyberark/SkyWrapper SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS stars contributors watchers last-commit open-issues closed-issues
aws-recon https://github.com/darkbitio/aws-recon Multi-threaded AWS inventory collection tool stars contributors watchers last-commit open-issues closed-issues
iam-policies-cli https://github.com/mhlabs/iam-policies-cli A CLI tool for building simple to complex IAM policies stars contributors watchers last-commit open-issues closed-issues
Aaia https://github.com/rams3sh/Aaia AWS Identity and Access Management Visualizer and Anomaly Finder stars contributors watchers last-commit open-issues closed-issues
iam-floyd https://github.com/udondan/iam-floyd IAM policy statement generator with fluent interface - Available for Node.js, Python, .Net and Java stars contributors watchers last-commit open-issues closed-issues
rpCheckup https://github.com/goldfiglabs/rpCheckup AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources. stars contributors watchers last-commit open-issues closed-issues
S3 Exif Cleaner https://github.com/seisvelas/S3-Exif-Cleaner Remove EXIF data from all objects in an S3 bucket stars contributorswatcherslast-commit open-issues closed-issues
Steampipe https://github.com/turbot/steampipe Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required. (SQL) stars contributorswatcherslast-commit open-issues closed-issues

Offensive

Name URL Description Popularity Metadata
WeirdAAL https://github.com/carnal0wnage/weirdAAL AWS Attack Library stars contributorswatcherslast-commit open-issues closed-issues
Pacu https://github.com/RhinoSecurityLabs/pacu AWS penetration testing toolkit stars contributorswatcherslast-commit open-issues closed-issues
Cred Scanner https://github.com/disruptops/cred_scanner A simple file-based scanner to look for potential AWS access and secret keys in files stars contributorswatcherslast-commit open-issues closed-issues
AWS PWN https://github.com/dagrz/aws_pwn A collection of AWS penetration testing junk stars contributorswatcherslast-commit open-issues closed-issues
Cloudfrunt https://github.com/MindPointGroup/cloudfrunt A tool for identifying misconfigured CloudFront domains stars contributorswatcherslast-commit open-issues closed-issues
Cloudjack https://github.com/prevade/cloudjack Route53/CloudFront Vulnerability Assessment Utility stars contributorswatcherslast-commit open-issues closed-issues
Nimbostratus https://github.com/andresriancho/nimbostratus Tools for fingerprinting and exploiting Amazon cloud infrastructures stars contributorswatcherslast-commit open-issues closed-issues
GitLeaks https://github.com/zricethezav/gitleaks Audit git repos for secrets stars contributorswatcherslast-commit open-issues closed-issues
TruffleHog https://github.com/dxa4481/truffleHog Searches through git repositories for high entropy strings and secrets digging deep into commit history stars contributorswatcherslast-commit open-issues closed-issues
DumpsterDiver https://github.com/securing/DumpsterDiver "Tool to search secrets in various filetypes like keys (e.g. AWS Access Key Azure Share Key or SSH keys) or passwords." stars contributorswatcherslast-commit open-issues closed-issues
Mad-King https://github.com/ThreatResponse/mad-king Proof of Concept Zappa Based AWS Persistence and Attack Platform stars contributorswatcherslast-commit open-issues closed-issues
Cloud-Nuke https://github.com/gruntwork-io/cloud-nuke A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it stars contributorswatcherslast-commit open-issues closed-issues
MozDef - The Mozilla Defense Platform https://github.com/mozilla/MozDef The Mozilla Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers. stars contributorswatcherslast-commit open-issues closed-issues
Lambda-Proxy https://github.com/puresec/lambda-proxy A bridge between SQLMap and AWS Lambda which lets you use SQLMap to natively test AWS Lambda functions for SQL Injection vulnerabilities. stars contributorswatcherslast-commit open-issues closed-issues
CloudCopy https://github.com/Static-Flow/CloudCopy Cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission stars contributorswatcherslast-commit open-issues closed-issues
enumerate-iam https://github.com/andresriancho/enumerate-iam Enumerate the permissions associated with AWS credential set stars contributorswatcherslast-commit open-issues closed-issues
Barq https://github.com/Voulnet/barq A post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure stars contributorswatcherslast-commit open-issues closed-issues
CCAT https://github.com/RhinoSecurityLabs/ccat Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments stars contributorswatcherslast-commit open-issues closed-issues
Dufflebag https://github.com/bishopfox/dufflebag Search exposed EBS volumes for secrets stars contributors watchers last-commit open-issues closed-issues
attack_range https://github.com/splunk/attack_range A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk stars contributors watchers last-commit open-issues closed-issues
whispers https://github.com/Skyscanner/whispers Identify hardcoded secrets and dangerous behaviours stars contributors watchers last-commit open-issues closed-issues
Redboto https://github.com/elitest/Redboto Red Team AWS Scripts stars contributors watchers last-commit open-issues closed-issues
CloudBrute https://github.com/0xsha/cloudbrute A tool to find a company (target) infrastructure, files, and apps on the top cloud providers stars contributors watchers last-commit open-issues closed-issues

Continuous Security Auditing

Name URL Description Popularity Metadata
Security Monkey https://github.com/Netflix/security_monkey stars contributorswatcherslast-commit open-issues closed-issues
Krampus https://github.com/sendgrid/krampus stars contributorswatcherslast-commit open-issues closed-issues
Cloud Inquisitor https://github.com/RiotGames/cloud-inquisitor stars contributorswatcherslast-commit open-issues closed-issues
CloudCustodian https://github.com/cloud-custodian/cloud-custodian/ Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources stars contributorswatcherslast-commit open-issues closed-issues
Disable keys after X days https://github.com/te-papa/aws-key-disabler stars contributorswatcherslast-commit open-issues closed-issues
Repokid Least Privilege https://github.com/Netflix/repokid stars contributorswatcherslast-commit open-issues closed-issues
Wazuh CloudTrail module https://github.com/wazuh/wazuh stars contributorswatcherslast-commit open-issues closed-issues
Hammer https://github.com/dowjones/hammer stars contributorswatcherslast-commit open-issues closed-issues
Streamalert https://github.com/airbnb/streamalert stars contributorswatcherslast-commit open-issues closed-issues
Billing Alerts CFN templates https://github.com/btkrausen/AWS stars contributorswatcherslast-commit open-issues closed-issues
Watchmen https://github.com/iagcl/watchmen AWS account compliance using centrally managed Config Rules stars contributorswatcherslast-commit open-issues closed-issues
ElectricEye https://github.com/jonrau1/ElectricEye Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability stars contributors watchers last-commit open-issues closed-issues
SyntheticSun https://github.com/jonrau1/SyntheticSun a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats stars contributors watchers last-commit open-issues closed-issues
CloudQuery https://github.com/cloudquery/cloudquery/ cloudquery exposes your cloud configuration and metadata as sql tables, providing powerful analysis and monitoring for compliance and security stars contributorswatcherslast-commit open-issues closed-issues
PrismX https://github.com/omaidf/PrismX Cloud Security Dashboard for AWS - based on ScoutSuite stars contributors watchers last-commit open-issues closed-issues

Digital Forensics and Incident Response

Name URL Description Popularity Metadata
AWS IR https://github.com/ThreatResponse/aws_ir AWS specific Incident Response and Forensics Tool stars contributorswatcherslast-commit open-issues closed-issues
Margaritashotgun https://github.com/ThreatResponse/margaritashotgun Linux memory remote acquisition tool stars contributorswatcherslast-commit open-issues closed-issues
Diffy https://github.com/Netflix-Skunkworks/diffy Triage tool used during cloud-centric security incidents stars contributorswatcherslast-commit open-issues closed-issues
AWS Security Automation https://github.com/awslabs/aws-security-automation AWS scripts and resources for DevSecOps and automated incident response stars contributorswatcherslast-commit open-issues closed-issues
GDPatrol https://github.com/ansorren/GDPatrol Automated Incident Response based off AWS GuardDuty findings stars contributorswatcherslast-commit open-issues closed-issues
AWSlog https://github.com/jaksi/awslog Show the history and changes between configuration versions of AWS resources using AWS Config stars contributorswatcherslast-commit open-issues closed-issues
AWS_Responder https://github.com/prolsen/aws_responder AWS Digital Forensic and Incident Response (DFIR) Response Python Scripts stars contributorswatcherslast-commit open-issues closed-issues
SSM-Acquire https://github.com/mozilla/ssm-acquire A python module for orchestrating content acquisitions and analysis via Amazon SSM stars contributorswatcherslast-commit open-issues closed-issues
cloudtrail-partitioner https://github.com/duo-labs/cloudtrail-partitioner This project sets up partitioned Athena tables for your CloudTrail logs and updates the partitions nightly. Makes CloudTrail logs queries easier. stars contributorswatcherslast-commit open-issues closed-issues
fargate-ir https://github.com/andrewkrug/fargate-ir Proof of concept incident response demo using SSM and AWS Fargate. stars contributors watchers last-commit open-issues closed-issues
aws-logsearch https://github.com/endgameinc/aws-logsearch Search AWS CloudWatch logs all at once on the command line. stars contributors watchers last-commit open-issues closed-issues
Varna https://github.com/endgameinc/varna Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL) stars contributors watchers last-commit open-issues closed-issues
aws-auto-remediate https://github.com/servian/aws-auto-remediate Open source application to instantly remediate common security issues through the use of AWS Config stars contributors watchers last-commit open-issues closed-issues
panther-labs https://github.com/panther-labs/panther Detect threats with log data and improve cloud security posture stars contributors watchers last-commit open-issues closed-issues
aws-incident-response https://github.com/easttimor/aws-incident-response This page is a collection of useful things to look for in CloudTrail using Athena for AWS incident response stars contributors watchers last-commit open-issues closed-issues
cloud-forensics-utils https://github.com/google/cloud-forensics-utils Python library to carry out DFIR analysis on the Cloud stars contributors watchers last-commit open-issues closed-issues
aws-fast-fixes https://github.com/WarnerMedia/aws-fast-fixes Scripts to quickly fix security and compliance issues stars contributors watchers last-commit open-issues closed-issues

Development Security

Name URL Description Popularity Metadata
CFN NAG https://github.com/stelligent/cfn_nag CloudFormation security test (Ruby) stars contributorswatcherslast-commit open-issues closed-issues
Git-secrets https://github.com/awslabs/git-secrets stars contributorswatcherslast-commit open-issues closed-issues
Repository of sample Custom Rules for AWS Config https://github.com/awslabs/aws-config-rules stars contributorswatcherslast-commit open-issues closed-issues
CFripper https://github.com/Skyscanner/cfripper "Lambda function to ""rip apart"" a CloudFormation template and check it for security compliance." stars contributorswatcherslast-commit open-issues closed-issues
Assume https://github.com/SanderKnape/assume A simple CLI utility that makes it easier to switch between different AWS roles stars contributorswatcherslast-commit open-issues closed-issues
Terrascan https://github.com/cesar-rodriguez/terrascan A collection of security and best practice tests for static code analysis of terraform templates using terraform_validate stars contributorswatcherslast-commit open-issues closed-issues
tfsec https://github.com/liamg/tfsec Provides static analysis of your terraform templates to spot potential security issues stars contributorswatcherslast-commit open-issues closed-issues
Checkov https://github.com/bridgecrewio/checkov Terraform, Cloudformation and Kubernetes static analysis written in python stars contributorswatcherslast-commit open-issues closed-issues
Yor https://github.com/bridgecrewio/yor Automatically tag and trace infrastructure as code frameworks (Terraform, Cloudformation and Serverless) stars contributorswatcherslast-commit open-issues closed-issues
pytest-services https://github.com/mozilla-services/pytest-services Unit testing framework for test driven security of AWS configurations and more stars contributorswatcherslast-commit open-issues closed-issues
IAM Least-Privileged Role Generator https://github.com/puresec/serverless-puresec-cli A Serverless framework plugin that statically analyzes AWS Lambda function code and automagically generates least-privileged IAM roles. stars contributorswatcherslast-commit open-issues closed-issues
AWS Vault https://github.com/99designs/aws-vault A vault for securely storing and accessing AWS credentials in development environments stars contributorswatcherslast-commit open-issues closed-issues
AWS Service Control Policies https://github.com/jchrisfarris/aws-service-control-policies Collection of semi-useful Service Control Policies and scripts to manage them stars contributorswatcherslast-commit open-issues closed-issues
LambdaGuard https://github.com/Skyscanner/LambdaGuard AWS Lambda auditing tool that provides a meaningful overview in terms of statistical analysis AWS service dependencies and configuration checks from the security perspective stars contributorswatcherslast-commit open-issues closed-issues
Terraform-compliance https://github.com/eerkunt/terraform-compliance A lightweight security focused BDD test framework against terraform (with helpful code for AWS) stars contributorswatcherslast-commit open-issues closed-issues
Get a List of AWS Managed Policies https://github.com/RyPeck/aws_managed_policies a way to get a list of all AWS managed policies stars contributorswatcherslast-commit open-issues closed-issues
Parliament https://github.com/duo-labs/parliament AWS IAM linting library stars contributorswatchers last-commit open-issues closed-issues
AWS-ComplianceMachineDontStop https://github.com/jonrau1/AWS-ComplianceMachineDontStop Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security Identity & Compliance Services to Support your AWS Account Security Posture stars contributorswatcherslast-commit open-issues closed-issues
detect-secrets https://github.com/Yelp/detect-secrets An enterprise friendly way of detecting and preventing secrets in code. stars contributorswatcherslast-commit open-issues closed-issues
tf-parliament https://github.com/rdkls/tf-parliament Run Parliament AWS IAM Checker on Terraform Files stars contributors watchers last-commit open-issues closed-issues
aws-gate https://github.com/xen0l/aws-gate Better AWS SSM Session manager CLI client stars contributors watchers last-commit open-issues closed-issues
iam-lint https://github.com/xen0l/iam-lint Github action for linting AWS IAM policy documents for correctness and possible security issues stars contributors watchers last-commit open-issues closed-issues
Regula https://github.com/fugue/regula Regula checks Terraform for AWS security and compliance using Open Policy Agent/Rego stars contributors watchers last-commit open-issues closed-issues
whispers https://github.com/Skyscanner/whispers Identify hardcoded secrets and dangerous behaviours stars contributors watchers last-commit open-issues closed-issues
cloudformation-guard https://github.com/aws-cloudformation/cloudformation-guard A set of tools to check AWS CloudFormation templates for policy compliance using a simple, policy-as-code, declarative syntax. stars contributors watchers last-commit open-issues closed-issues
IAMFinder https://github.com/prisma-cloud/IAMFinder Enumerates and finds users and IAM roles in a target AWS account stars contributors watchers last-commit open-issues closed-issues
iamlive https://github.com/iann0036/iamlive Generate a basic IAM policy from AWS client-side monitoring (CSM) stars contributors watchers last-commit open-issues closed-issues
aws-allowlister https://github.com/salesforce/aws-allowlister Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks. stars contributors watchers last-commit open-issues closed-issues
Leapp https://github.com/Noovolari/leapp Cross-platform app for managing AWS credentials programmatically, based on Electron stars contributorswatcherslast-commit open-issues closed-issues
KICS https://github.com/Checkmarx/kics Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code stars contributorswatcherslast-commit open-issues closed-issues
SecurityHub CIS Compliance Automator https://github.com/NickTheSecurityDude/AWS-SecurityHub-CIS-Compliance-Automation Automatically configure your AWS Account to meet 95% of the 200+ controls for CIS Compliance, PCI DSS Compliance and AWS Security Best Practice stars contributorswatcherslast-commit open-issues closed-issues

S3 Buckets Auditing

Name URL Description Popularity Metadata
sandcastle https://github.com/Parasimpaticki/sandcastle S3 bucket enumeration stars contributorswatcherslast-commit open-issues closed-issues
mass3 https://github.com/smiegles/mass3 enumerate through a pre-compiled list of AWS S3 buckets using DNS instead of HTTP with a list of DNS resolvers and multi-threading stars contributorswatcherslast-commit open-issues closed-issues
s3enum https://github.com/koenrh/s3enum S3 bucket enumeration stars contributorswatcherslast-commit open-issues closed-issues
teh_s3_bucketeers https://github.com/tomdev/teh_s3_bucketeers stars contributorswatcherslast-commit open-issues closed-issues
bucket-stream https://github.com/eth0izzle/bucket-stream Find interesting Amazon S3 Buckets by watching certificate transparency logs stars contributorswatcherslast-commit open-issues closed-issues
s3-buckets-finder https://github.com/gwen001/s3-buckets-finder brute force Amazon S3 bucket stars contributorswatcherslast-commit open-issues closed-issues
s3find https://github.com/aaparmeggiani/s3find find S3 public buckets stars contributorswatcherslast-commit open-issues closed-issues
slurp-robbie https://github.com/random-robbie/slurp Enumerate S3 buckets via certstream, domain, or keywords stars contributorswatcherslast-commit open-issues closed-issues
s3-inspector https://github.com/clario-tech/s3-inspector check AWS S3 bucket permissions stars contributorswatcherslast-commit open-issues closed-issues
s3-fuzzer https://github.com/pbnj/s3-fuzzer stars contributorswatcherslast-commit open-issues closed-issues
AWSBucketDump https://github.com/jordanpotti/AWSBucketDump Look For Interesting Files in S3 Buckets stars contributorswatcherslast-commit open-issues closed-issues
s3scan https://github.com/bear/s3scan scan s3 buckets for security issues stars contributorswatcherslast-commit open-issues closed-issues
S3Scanner https://github.com/sa7mon/S3Scanner Scan for open AWS S3 buckets and dump the contents stars contributorswatcherslast-commit open-issues closed-issues
s3finder https://github.com/magisterquis/s3finder open S3 bucket finder stars contributorswatcherslast-commit open-issues closed-issues
S3Scan https://github.com/abhn/S3Scan spider a website and find publicly open S3 buckets stars contributorswatcherslast-commit open-issues closed-issues
s3-meta https://github.com/whitfin/s3-meta Gather metadata about your S3 buckets stars contributorswatcherslast-commit open-issues closed-issues
s3-utils https://github.com/whitfin/s3-utils Utilities and tools based around Amazon S3 to provide convenience APIs in a CLI stars contributorswatcherslast-commit open-issues closed-issues
S3PublicBucketsCheck https://github.com/vr00n/Amazon-Web-Shenanigans A lambda function that checks your account for Public buckets and emails you whenever a new public s3 bucket is created stars contributorswatcherslast-commit open-issues closed-issues
bucket_finder https://github.com/FishermansEnemy/bucket_finder Amazon bucket brute force tool stars contributorswatcherslast-commit open-issues closed-issues
inSp3ctor https://github.com/brianwarehime/inSp3ctor AWS S3 Bucket/Object Finder stars contributorswatcherslast-commit open-issues closed-issues
bucketcat https://github.com/Atticuss/bucketcat Brute-forces objects within a given bucket using Hashcat mask-like syntax stars contributorswatcherslast-commit open-issues closed-issues
aws-s3-data-finder https://github.com/Ucnt/aws-s3-data-finder AWS S3 Sensitive Data Search stars contributorswatcherslast-commit open-issues closed-issues
lazys3 https://github.com/nahamsec/lazys3 bruteforce AWS s3 buckets using different permutations stars contributorswatcherslast-commit open-issues closed-issues
BucketScanner https://github.com/securing/BucketScanner Test objects' permissions in AWS buckets stars contributorswatcherslast-commit open-issues closed-issues
aws-externder-cli https://github.com/VirtueSecurity/aws-extender-cli Test S3 buckets as well as Google Storage buckets and Azure Storage containers to find interesting files stars contributorswatcherslast-commit open-issues closed-issues
festin https://github.com/cr0hn/festin S3 bucket weakness discovery stars contributors watchers last-commit open-issues closed-issues
S3Insights https://github.com/kurmiashish/S3Insights a platform for efficiently deriving security insights about S3 data through metadata analysis stars contributors watchers last-commit open-issues closed-issues
s3_objects_check https://github.com/nccgroup/s3_objects_check Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files. stars contributors watchers last-commit open-issues closed-issues

Training

Name URL Description Popularity Metadata
Flaws.cloud http://flaws.cloud/ flAWS challenge to learn through a series of levels about common mistakes and gotchas when using AWS
Flaws2.cloud http://flaws2.cloud/ flAWS 2 has two paths this time Attacker and Defender! In the Attacker path you'll exploit your way through misconfigurations in serverless (Lambda) and containers (ECS Fargate). In the Defender path that target is now viewed as the victim and you'll work as an incident responder for that same app understanding how an attack happened
CloudGoat https://github.com/RhinoSecurityLabs/cloudgoat Vulnerable by Design AWS infrastructure setup tool stars contributorswatcherslast-commit open-issues closed-issues
dvca https://github.com/m6a-UdS/dvca Damn Vulnerable Cloud Application more info stars contributorswatcherslast-commit open-issues closed-issues
AWSDetonationLab https://github.com/sonofagl1tch/AWSDetonationLab Scripts and templates to generate some basic detections of the AWS security services stars contributorswatcherslast-commit open-issues closed-issues
OWASPServerlessGoat https://github.com/OWASP/Serverless-Goat OWASP ServerlessGoat is a deliberately insecure realistic AWS Lambda serverless application maintained by OWASP for educational purposes. Single click installation through the AWS Serverless Application Repository. stars contributorswatcherslast-commit open-issues closed-issues
Sadcloud https://github.com/nccgroup/sadcloud A tool for spinning up insecure AWS infrastructure with Terraform. It supports approx. 84 misconfigurations across 22 AWS Services. stars contributorswatcherslast-commit open-issues closed-issues
BigOrange Actions https://bigorange.cloud/actions/ Paste your IAM Policy and get a list of Actions it can effectively perform
IncidentResponseGenerator https://github.com/disruptops/IncidentResponseGenerator Incident response generator for training classes stars contributorswatcherslast-commit open-issues closed-issues
Leonidas https://github.com/fsecurelabs/leonidas Automated Attack Simulation in the Cloud complete with detection use cases. stars contributors watchers last-commit open-issues closed-issues
Breaking and Pwning Apps and Servers on AWS and Azure https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training! stars contributorswatcherslast-commit open-issues closed-issues
terragoat https://github.com/bridgecrewio/terragoat "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. stars contributors watchers last-commit open-issues closed-issues
cfngoat https://github.com/bridgecrewio/cfngoat "Vulnerable by Design" cloudformation repository. CfnGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. stars contributors watchers last-commit open-issues closed-issues
CDKgoat https://github.com/bridgecrewio/cdkgoat "Vulnerable by Design" AWS CDK repository. CDKGoat is a learning and training project that demonstrates how common configuration errors can find their way into impartive IAC such as AWS CDK. stars contributors watchers last-commit open-issues closed-issues
aws_exposable_resources https://github.com/SummitRoute/aws_exposable_resources Resource types that can be publicly exposed on AWS stars contributors watchers last-commit open-issues closed-issues

Other interesting tools/code

Honey-token:

More Resources:

License

MIT License & cc license

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

To the extent possible under law, Paul Veillard has waived all copyright and related or neighboring rights to this work.