Cloud Container Attack Tool (CCAT)
A tool for testing security of container environments, particularly in cloud settings.
Bridgecrew
Bridgecrew automates the identification and remediation of misconfigurations in cloud infrastructure, leveraging its open-source tool Checkov for static analysis of IaC templates.
Azucar
Archived
Security Assessment & Audit
Security auditing tool for Azure environments
Mend.io
Mend.io is a platform that integrates security into the software development lifecycle, focusing on open-source dependencies and codebases.
Leonidas
Automated Attack Simulation in the Cloud, complete with detection use cases.
Checkmarx SAST
A static application security testing tool that identifies and mitigates security vulnerabilities early in the software development life cycle.
Selefra
The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).
Snyk Cloud
Snyk Cloud secures cloud environments by integrating security checks into the development lifecycle, automating scans and continuous monitoring of cloud configurations.
AWS WAF Sample
Archived
Threat Detection & Response
This repository contains example scripts and sets of rules for the AWS WAF service. Please be aware that the applicability of these examples to specific workloads may vary.
Snyk Cloud Security
A platform for securing cloud-native applications and infrastructure by integrating security into the software development lifecycle.
GCPBucketBrute
A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
Spectral
A DevSecOps tool that integrates security into the software development lifecycle, focusing on secret protection and code security.