409 Open source projects that are alternatives of or similar to aa-policy-validator

A schema and set of tools for using SQL to query cloud infrastructure.

Active Directory ACL Visualizer and Explorer - who's really Domain Admin?

Terraform Module to Provision a Basic IAM System User Suitable for CI/CD Systems (E.g. TravisCI, CircleCI)

A support library for Ronin. Like activesupport, but for hacking!

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

GZip HTTP Bombing in Python for everyone

Nozzlr is a bruteforce framework, trully modular and script-friendly

An Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML and CAS, QQ group: 645200447

The initial conversation slides and menu of scenarios

Script to spider a website and find publicly open S3 buckets

Terraform Modules by Peak

CLI for working with the ALKS service.

Little Bug Bounty & Hacking Tools⚔️

Assumes an IAM role via awscli STS call, injecting temporary credentials into shell environment

Go Wrapper for using localstack

🔑 Hash type identifier (CLI & lib)

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

☁️ Import AWS EC2 tags as environment variables

Helm chart of Openldap in High availability with multi-master replication and PhpLdapAdmin and Ltb-Passwd

Astra is a tool to find URLs and secrets inside a webpage/files

One stop place for exploiting Jira instances in your proximity

Collection of Terraform modules for frontend app deployment on AWS.

Totally Insecure Web Application Project (TIWAP)

Information Security Library

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

goverview - Get an overview of the list of URLs

Securely access AWS services from GKE cluster

An introduction to security for developers.

No description or website provided.

Auth users connecting via SSH with IAM

An authentication module for Apache httpd using JSON Web Tokens

Security challenges and CTFs created by the Penultimate team.

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

Collection of several DDos tools.

DDTTX Tabletop Trainings

Scan installed EDRs and AVs on Windows

This document proposes a way of standardising the structure, language, and grammar used in security policies.

IAM dataset

Get GTFOBins info about a given exploit from the command line

Some good resources for getting started with application security

Python Tutorial - || Advanced Keylogger || Code Walk-through || Hacking/Info-Sec ||

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

No description or website provided.

unix wildcard attacks

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

AWS IAM inspired policy engine in Rust

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

Database of journal policies: TRANsparency in Scholarly Publishing for Open Scholarship Evolution

Deploy a secured, clustered, auto-scaling NiFi service in AWS.

PrivX - Just-in-time Access Management

You didn't think I'd go and leave the blue team out, right?

AppSync for Relay

Generates an IAM policy for the CloudFormation service role that adheres to least privilege.

Handwritten text recognition using transformers.

🌒 Shell command obfuscation to avoid detection systems

An integrated tool and a collection of snippets which helps in the various aspects of the terminal.