Updated: Aug 17
Note: I've made a massive Update on the Repo and merged with other repo so you can get the last info
Cloud Security Sometimes can be so complex sometimes is so simple.
We've created the unification of tools and technology for these reasons.
Nonetheless, if you have spare capacity of your engineering or cloud DevOps team you should definitely try some of those tools.
I'll keep on updating this list on git repo: NSC42 - Cloud Tool Arsenal - GIT
Cloud-Security-Resources- NEW REPO
List of cloud Security Resources and tools
Disclaimer: This is a group of tools references and resources put together for AWS, Azure and GCP. Feel free to reference it and use it. - Quote the author as I've done when someone else's list
Table of Contents
This is a group of tools references and resources put together for AWS, Azure and GCP. Feel free to reference it and use it.
Please quote the author :) be kind
Thanks to this amazing list of contributors Tony de la Fuente where most of this list comes from (https://github.com/toniblyx/my-arsenal-of-aws-security-tools)
CSA CCM - https://cloudsecurityalliance.org/research/working-groups/cloud-controls-matrixCSA Maturity MatrixYesHighSentinel Terraform Templates
This list of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc
Short Arsenal List
https://github.com/salesforce/cloudsplaining.git - AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report with a triage worksheet.
CloudSplaining - https://cloudsplaining.readthedocs.io/
Prowler - Audit - https://github.com/toniblyx/prowler - Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark
SCOUT2 - https://github.com/cloudsploit/scans Scout2 - Security auditing tool for AWS environments
AWS Inspector - https://aws.amazon.com/inspector/AuditAWSAWS security scanning checks
Netflix Security Monkey https://github.com/Netflix/security_monkey
AWSNetflix/security_monkey - Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configuration
Netflix AardvarkTool- https://github.com/Netflix/security_monkey - Netflix/Aardvark is a multi-account AWS IAM Access Advisor API
Netflix RepoKidTool - https://github.com/Netflix/repokid - Least Privilege for Distributed, High-Velocity Deployment
Nimbostratus https://github.com/andresriancho/nimbostratus Fingerprinting and Exploiting Cloud infra nimbostratus - Tools for fingerprinting and exploiting Amazon cloud infrastructures + video presentation and intro blog post Instruction Link: https://andresriancho.github.io/nimbostratus/
S3 Buckets Auditing:
StreamAlert - data analytics - https://github.com/airbnb/streamalert
Leaks - a list of some biggest leaks recorded - https://github.com/nagwww/s3-leaks
Rhino Labs Research https://github.com/RhinoSecurityLabs/Cloud-Security-Research
Dufflebag - Search exposed EBS volumes for secrets - https://github.com/bishopfox/dufflebag
IAM Reference https://github.com/rvedotrc/aws-iam-reference
Thinkst Canary https://github.com/thinkst/canarytokens-docker
Serverless & Lambda:
https://github.com/Skyscanner/LambdaGuard - LambdaGuard is an AWS Lambda auditing tool designed to create asset visibility and provide actionable results.
If you want a quick view of the repo: