一个支持如ACL, RBAC, ABAC等访问模型,可用于Golang, Java, C/C++, Node.js, Javascript, PHP, Laravel, Python, .NET (C#), Delphi, Rust, Ruby, Lua (OpenResty), Dart (Flutter)和Elixir的授权库。
Open Source Cloud Native Application Protection Platform (CNAPP)
翻译 - 识别运行容器、图像、主机和存储库中的漏洞
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
翻译 - 在配置云原生基础架构之前,将整个基础架构中的合规性和安全违规行为作为代码进行检测,以降低风险。
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
翻译 - Kubernetes山羊是一个“易受设计攻击的” Kubernetes集群。
Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作
IAM Least Privilege Policy Generator
翻译 - IAM最低特权策略生成器
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
#博客#This repo includes Books and imp notes related to GCP, Azure, AWS, Docker, K8s, and DevOps. More, exam and interview prep notes.
A tool for quickly evaluating IAM permissions in AWS.
Cloudlist is a tool for listing Assets from multiple Cloud Providers.
Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.
翻译 - IaC 文件的可扩展自动标记器。将云中的实体链接回创建它的编码资源的最终方法。
#大语言模型#A secure low code honeypot framework, leveraging AI for System Virtualization.
Open Source Cloud Security
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with t...
Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)
一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具