Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
翻译 - Bridgecrew使用Checkov防止在Terraform,Cloudformation,Kubernetes,无服务器框架和其他基础架构代码语言的构建期间对云进行错误配置。
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
翻译 - AWS 开发框架,旨在测试 Amazon Web Services 环境的安全性。
🛡️ Awesome Cloud Security Resources ⚔️
IAM Least Privilege Policy Generator
翻译 - IAM最低特权策略生成器
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
翻译 - Cloudsplaining是一种AWS IAM安全评估工具,可识别违反最小特权的行为并生成风险优先报告。
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production...
翻译 - TerraGoat是Bridgecrew的“设计易受攻击” Terraform存储库。 TerraGoat是一个学习和培训项目,它演示了常见的配置错误如何将其发现到生产云环境中。
Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (including Customizations for AWS Control Tower) and Terraform.
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & ...
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
翻译 - 我们非常受欢迎的AWS和Azure上的Breaking and Pwning应用程序和服务器的课程内容,实验室设置说明和文档,动手培训!
