cloud-security · GitHub Topics | GitHub 中文社区

Wazuh - 开源安全平台

security compliance log-analysis vulnerability-detection cybersecurity file-integrity-monitoring infosec malware-detection cloud-security container-security

C++11.04 k

21 小时前

terrascan

@tenable

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

翻译 - 在配置云原生基础架构之前，将整个基础架构中的合规性和安全违规行为作为代码进行检测，以降低风险。

security-tools infrastructure-as-code devsecops devops security terraform aws cloudsecurity cloud-security terrascan

Go4.77 k

10 天前

kubernetes-goat

@madhuakula

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

翻译 - Kubernetes山羊是一个“易受设计攻击的” Kubernetes集群。

kubernetes vulnerable-app security hacking pentesting infrastructure cloud-security docker container kubernetes-goat

HTML4.46 k

7 天前

consoleme

Netflix奈飞@Netflix

A Central Control Plane for AWS Permissions and Access

翻译 - ConsoleMe将多个AWS账户的管理整合到一个界面中。它允许您的最终用户和管理员获取您不同帐户的凭据，并允许您的用户/管理员管理或请求云权限。

aws-iam aws security-tools cloud-security

Python3.15 k

5 个月前

@teamssix

Cloud Exploitation Framework 云环境利用框架，方便安全人员在获得 AK 的后续工作

cloud cloudsecurity cybersecurity redteam alibabacloud aliyun cyber-security cloud-security tencentcloud aws

Go2.15 k

1 年前🇨🇳

awesome-cloud-security

@4ndersonLin

🛡️ Awesome Cloud Security Resources ⚔️

security cloud-computing cloud-security cybersecurity aws aws-security azure azure-security gcp gcp-security

2.08 k

15 天前

cloudsplaining

Salesforce@salesforce

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

翻译 - Cloudsplaining是一种AWS IAM安全评估工具，可识别违反最小特权的行为并生成风险优先报告。

aws aws-iam cloud security salesforce aws-security cloud-security iam hacktoberfest

JavaScript1.97 k

2 个月前

cloudfox

Bishop Fox@BishopFox

Automating situational awareness for cloud penetration tests.

aws cloud cloud-security golang penetration-testing-tools

Go1.91 k

3 个月前

stratus-red-team

Datadog, Inc.@DataDog

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

翻译 - ☁️ :zap：云的粒度、可操作的对手仿真。

aws adversary-emulation purple-team mitre-attack cloud-security cloud-native-security detection-engineering threat-detection security

Go1.82 k

11 天前

hackingthe.cloud

@Hacking-the-Cloud

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

翻译 - hackingthe.cloud的内容

hacking aws hacking-cloud azure gcp penetration-testing cloud cloud-security

Dockerfile1.72 k

10 天前

terragoat

@bridgecrewio

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production...

翻译 - TerraGoat是Bridgecrew的“设计易受攻击” Terraform存储库。 TerraGoat是一个学习和培训项目，它演示了常见的配置错误如何将其发现到生产云环境中。

terraform aws-security cloud-security goat

HCL1.16 k

2 个月前

ElectricEye

@jonrau1

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & ...

continuous-compliance security-tools security-audit cloud-security security-monitoring well-architected security-hardening aws-security soar security-hub

Python959

12 天前

SkyArk

CyberArk@cyberark

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

翻译 - SkyArk帮助发现，评估和保护Azure和AWS中特权最高的实体

cloud-security powershell security-tools privileges cloud aws admins attacker threat azure

PowerShell871

2 年前

CloudBrute

@0xsha

Awesome cloud enumerator

翻译 - 很棒的云枚举器

bugbounty cloud cloud-security s3-bucket amazon vultr google linode cloud-storage pentesting

Go869

3 个月前

Attack_Code

@Esonhugh

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性，尤其是云的安全方向，本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with t...

article cloud cloud-security cloudsecurity introduction security

Shell535

9 个月前🇨🇳

varc

@cado-security

Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.

aws aws-fargate aws-lambda cloud-security dfir dfir-automation forensics memory-forensics aws-forensics docker-forensics

Python251

2 个月前

smogcloud

Bishop Fox@BishopFox

Find cloud assets that no one wants exposed 🔎 ☁️

翻译 - 查找没人想暴露的云资产🔎️

security-tools amazonaws cloud-security api-documentation aws attack-surface penetration-testing cloud infosec blueteam

Go80

4 年前