| Prowler |
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more. (Python) |
 |
     |
| CloudMapper |
helps you analyze your AWS environments (Python) |
 |
     |
| ScoutSuite |
Multi-Cloud Security auditing tool for AWS Google Cloud and Azure environments (python) |
 |
     |
| CloudCustodian |
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources |
 |
     |
| ICE |
Ice provides insights from a usage and cost perspective with high detail dashboards. |
 |
     |
| CloudSploit Scans |
AWS security scanning checks (NodeJS) |
 |
     |
| AWS Network Access Analyzer |
Automation for Amazon VPC Network Access Analyzer to identify all possible Internet Gateway reachability for your resources across all your AWS accounts |
 |
     |
| CloudTracker |
helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies (Python) |
 |
     |
| AWS Security Benchmarks |
scripts and templates guidance related to the AWS CIS Foundation framework (Python) |
 |
     |
| AWS Public IPs |
Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6 Classic/VPC networking and across all AWS services (Ruby) |
 |
     |
| PMapper |
Advanced and Automated AWS IAM Evaluation (Python) |
 |
     |
| nccgroup AWS-Inventory |
Make a inventory of all your resources across regions (Python) |
 |
     |
| Resource Counter |
Counts number of resources in categories across regions |
 |
     |
| SkyArk |
SkyArk provides advanced discovery and security assessment for the most privileged entities in the tested AWS. |
 |
     |
| findmytakeover |
find dangling domains in a multi cloud environment |
 |
     |
| Trailblazer AWS |
Trailblazer AWS determine what AWS API calls are logged by CloudTrail and what they are logged as. You can also use TrailBlazer as an attack simulation framework. |
 |
     |
| Lunar |
Security auditing tool based on several security frameworks (it does some AWS checks) |
 |
     |
| Cloud-reports |
Scans your AWS cloud resources and generates reports |
 |
     |
| Pacbot |
Platform for continuous compliance monitoring compliance reporting and security automation for the cloud |
 |
     |
| cs-suite |
Integrates tools like Scout2 and Prowler among others |
 |
     |
| aws-key-disabler |
A small lambda script that will disable access keys older than a given amount of days |
 |
     |
| Antiope |
AWS Inventory and Compliance Framework |
 |
     |
| Cloud Reports |
Scans your AWS cloud resources and generates reports and includes security best practices. |
|
|
| Terraform AWS Secure Baseline |
Terraform module to set up your AWS account with the secure |
 |
     |
| ZeusCloud |
Discover, prioritize, and remediate security risks in your AWS cloud environments. |
 |
     |
| Cartography |
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. |
 |
     |
| TrailScraper |
A command-line tool to get valuable information out of AWS CloudTrail |
 |
     |
| Komiser |
Cloud Environment Inspector analyze and manage cloud cost usage security and governance in one place. |
 |
     |
| Perimeterator |
AWS perimeter monitoring. Periodically scan internet facing AWS resources to detect misconfigured services |
 |
     |
| PolicySentry |
IAM Least Privilege Policy Generator auditor and analysis database |
 |
     |
| Zeus |
AWS Auditing & Hardening Tool |
 |
     |
| janiko71 AWS-inventory |
Python script for AWS resources inventory |
 |
     |
| awspx |
A graph-based tool for visualizing effective access and resource relationships in AWS environments |
 |
     |
| clinv |
DevSecOps command line asset inventory tool |
 |
     |
| aws-gate |
Enhanced AWS SSM Session manager CLI client |
 |
     |
| Detecting Credential Compromise |
Detecting of your compromised credential in AWS |
 |
     |
| AWS-Security-Toolbox (AST) |
AWS Security Toolbox (Docker Image) for Security Assessments |
 |
     |
| iam-lint |
Github action for linting AWS IAM policy documents for correctness and possible security issues |
 |
     |
| aws-security-viz |
A tool to visualize aws security groups. |
 |
     |
| AirIAM |
Least privilege AWS IAM using Terraform |
 |
     |
| Cloudsplaining |
AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. |
 |
     |
| iam-policy-generator |
A simple library to generate IAM policy statements with no need to remember all the actions APIs |
 |
     |
| SkyWrapper |
SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS |
 |
     |
| aws-recon |
Multi-threaded AWS inventory collection tool |
 |
     |
| iam-policies-cli |
A CLI tool for building simple to complex IAM policies |
 |
     |
| Aaia |
AWS Identity and Access Management Visualizer and Anomaly Finder |
 |
     |
| iam-floyd |
IAM policy statement generator with fluent interface - Available for Node.js, Python, .Net and Java |
 |
     |
| rpCheckup |
AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources. |
 |
     |
| S3 Exif Cleaner |
Remove EXIF data from all objects in an S3 bucket |
 |
     |
| Steampipe |
Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required. (SQL) |
 |
     |
| access-undenied-aws |
Parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. |
 |
     |
| Metabadger |
Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2). |
 |
     |
| AWS-Firewall Factory |
Deploy, update, and stage your WAFs while managing them centrally via FMS (CDK) |
 |
     |
| IAMSpy |
A library that utilises the Z3 prover to attempt to answer questions about AWS IAM. |
 |
     |
| nuvola |
Dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple Yaml syntax |
 |
     |
| aws-security-architectures |
Architectures for AWS security. (Detect, Alarm, Macie, etc.) Many architectures will be added in the future. |
 |
     |
| MetaHub for AWS Security Hub |
MetaHub is the CLI utility for AWS Security Hub which provides you with extra functionality like grouping your findings by affected reources, executing MetaChecks and MetaTags directly in the affected resource for enriching your findings, filters on top of MetaChecks and MetaTags, different reports like CSV, JSON and HTML, bulk updates, and enriching your findings directly in AWS Security Hub. |
 |
     |
| Matano |
Matano is an open source cloud-native security lake platform (SIEM alternative) for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS. |
 |
     |
| aws-list-resources |
Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s). Discovered resources are written to a JSON output file. |
 |
     |
| aws-summarize-account-activity |
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made and regions that were used. The summary is written to a JSON output file and can optionally be visualized as PNG files. |
 |
     |
| aws-lint-iam-policies |
Runs IAM policy linting checks against either a single AWS account or all accounts of an AWS Organization. Reports on policies that violate security best practices or contain errors. Supports both identity-based and resource-based policies. |
 |
     |