Note: I've made a massive Update on the Repo and merged with other repo so you can get the last info
Intro
Cloud Security Sometimes can be so complex sometimes is so simple.
We've created the unification of tools and technology for these reasons.
Nonetheless, if you have spare capacity of your engineering or cloud DevOps team you should definitely try some of those tools.
I'll keep on updating this list on git repo: NSC42 - Cloud Tool Arsenal - GIT
Cloud-Security-Resources- NEW REPO
List of cloud Security Resources and tools
Disclaimer: This is a group of tools references and resources put together for AWS, Azure and GCP. Feel free to reference it and use it. - Quote the author as I've done when someone else's list
Table of Contents
Disclaimer:
This is a group of tools references and resources put together for AWS, Azure and GCP. Feel free to reference it and use it.
Please quote the author :) be kind
Contribute
Do you want to contribute to this list? Feel free to send a PR and make sure your tool is Open Source. Repo List: - Cloud Tool Arsenal - GIT
Thanks
Thanks to this amazing list of contributors Tony de la Fuente where most of this list comes from (https://github.com/toniblyx/my-arsenal-of-aws-security-tools)
Reference_Frameworks
CIS - https://www.cisecurity.org/white-papers/cis-controls-cloud-companion-guide/, https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf
CIS control mapping https://www.chrisfarris.com/post/cis-controls/
CSA CCM - https://cloudsecurityalliance.org/research/working-groups/cloud-controls-matrixCSA Maturity MatrixYesHighSentinel Terraform Templates
Terraforms - https://www.terraform.io/docs/cloud/sentinel/index.html
aws security documentation https://docs.aws.amazon.com/security/
Other_Repos
This list of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc
Short Arsenal List
https://github.com/awslabs/aws-perspective - aws Made tool to enumerate all the resource you have into an account. Not specifically security related but great for enumeration.
https://github.com/salesforce/cloudsplaining.git - AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report with a triage worksheet.
CloudSplaining - https://cloudsplaining.readthedocs.io/
Prowler - Audit - https://github.com/toniblyx/prowler - Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark
SCOUT2 - https://github.com/cloudsploit/scans Scout2 - Security auditing tool for AWS environments
AWS Inspector - https://aws.amazon.com/inspector/AuditAWSAWS security scanning checks
Netflix Security Monkey https://github.com/Netflix/security_monkey
AWSNetflix/security_monkey - Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configuration
Netflix AardvarkTool- https://github.com/Netflix/security_monkey - Netflix/Aardvark is a multi-account AWS IAM Access Advisor API
Netflix RepoKidTool - https://github.com/Netflix/repokid - Least Privilege for Distributed, High-Velocity Deployment
Zeus https://github.com/DenizParlak/Zeus Zeus - AWS Auditing & Hardening Tool http://www.denizparlak.com/?p=386
Nimbostratus https://github.com/andresriancho/nimbostratus Fingerprinting and Exploiting Cloud infra nimbostratus - Tools for fingerprinting and exploiting Amazon cloud infrastructures + video presentation and intro blog post Instruction Link: https://andresriancho.github.io/nimbostratus/
Bucketdump-thttps://github.com/jordanpotti/AWSBucketDumpBucketsAll-AWS
S3 Buckets Auditing:
Training:
Flaws http://flaws.cloud/
Flaws2 http://flaws2.cloud/
Others:
StreamAlert - data analytics - https://github.com/airbnb/streamalert
Leaks - a list of some biggest leaks recorded - https://github.com/nagwww/s3-leaks
Rhino Labs Research https://github.com/RhinoSecurityLabs/Cloud-Security-Research
Dufflebag - Search exposed EBS volumes for secrets - https://github.com/bishopfox/dufflebag
CloudENum https://github.com/initstring/cloud_enum
IAM:
AirIAM https://github.com/bridgecrewio/AirIAM
IAM Reference https://github.com/rvedotrc/aws-iam-reference
PMapper https://github.com/nccgroup/PMapper
CloudSplaining https://github.com/salesforce/cloudsplaining
Honeypots
Spacecrab https://bitbucket.org/asecurityteam/spacecrab
https://breachinsider.com/honey-buckets/
honeyLambda https://github.com/0x4D31/honeyLambda
Thinkst Canary https://github.com/thinkst/canarytokens-docker
Serverless & Lambda:
https://github.com/Skyscanner/LambdaGuard - LambdaGuard is an AWS Lambda auditing tool designed to create asset visibility and provide actionable results.
If you want a quick view of the repo:
Commentaires