TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Whois for the Cloud: Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.

Nuke a whole AWS account and delete all its resources.

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.

Collection of example YARA-L rules for use within Google Security Operations

Main Sigma Rule Repository

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack …

Prowler is the Open Cloud Security for AWS, Azure, GCP, Kubernetes, M365 and more. As agent-less, it helps for continuous monitoring, security assessments & audits, incident response, compliance, h…

Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

PowerShell framework to assess Azure security

Search exposed EBS volumes for secrets

Route53/CloudFront Vulnerability Assessment Utility

WeirdAAL (AWS Attack Library)

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

OWASP CRS (Official Repository)

Tfsec is now part of Trivy

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

Vulnerability Static Analysis for Containers

Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

PHP code to determine which reality (Server OS and web app versions) the app is running in (yeah... it's a play on Rick and Morty)

Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Hunting queries and detections

Multi-Cloud Security Auditing Tool