confickerp Goto Github PK

amazon-ec2-user-guide

The open source version of the Amazon EC2 User Guide for Linux. To submit feedback or requests for changes, submit an issue or make changes and submit a pull request.

amazon-guardduty-waf-acl

AWS GD2ACL

amplify-console

The AWS Amplify Console provides a Git-based workflow for deploying and hosting fullstack serverless web applications.

aws-automated-incident-response-and-forensics

aws-config-rules

[Node, Python, Java] Repository of sample Custom Rules for AWS Config.

aws-incident-response-runbooks

aws-security-analytics-bootstrap

AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.

aws-security-hub-automated-response-and-remediation

AWS Security Hub Automated Response and Remediation is an add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a library of automated playbooks. The solution makes it easier for AWS Security Hub customers to resolve common security findings and to improve their security posture in AWS.

aws-securityhub-multiaccount-scripts

This script automates the process of running the Security Hub multi-account workflow across a group of accounts that are in your control

checkov

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

chromesniffer

[deprecated] Chrome Sniffer extension

cloud-bots

Automation and remediation bots for Dome9's (Continuous) Compliance Engine

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

cloudtracker

CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.

coreruleset

OWASP ModSecurity Core Rule Set (Official Repository)

ecs-refarch-cloudformation

A reference architecture for deploying containerized microservices with Amazon ECS and AWS CloudFormation (YAML)

framework-inspector

Chrome extension to inspect frameworks powered current viewed website

materials

Bonus materials, exercises, and example projects for our Python tutorials

my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

owasp-testing-checklist

OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.

pmapper

A tool for quickly evaluating IAM permissions in AWS.

prowler

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.

security-research

Exploits written by the Rhino Security Labs team

trufflehog

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

waf-test

Script for test Web Application Firewall on Amazon Web Service