prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+76.41%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+100.33%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (-94.41%)
havengrc☁️Haven GRC - easier governance, risk, and compliance 👨⚕️👮♀️🦸♀️🕵️♀️👩🔬
Stars: ✭ 83 (-98.18%)
CIS-Ubuntu-20.04-AnsibleAnsible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Stars: ✭ 150 (-96.71%)
Terraform Aws Secure BaselineTerraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (-86.93%)
ContentSecurity automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (-73.27%)
cis benchmarks auditSimple command line tool to check for compliance against CIS Benchmarks
Stars: ✭ 182 (-96.01%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (-41.09%)
HardentheworldHarden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Stars: ✭ 158 (-96.54%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (-87.59%)
Awesome AwsA curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.
Stars: ✭ 9,895 (+116.95%)
Cloud CustodianRules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Stars: ✭ 3,926 (-13.92%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-96.32%)
Gdpr TrackerA crowdsourced directory tracking the compliance and security practices of cloud services and their subprocessors
Stars: ✭ 142 (-96.89%)
Audit scriptsScripts to gather system configuration information for offline/remote auditing
Stars: ✭ 55 (-98.79%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-98.42%)
HardeningHardening Ubuntu. Systemd edition.
Stars: ✭ 705 (-84.54%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (-72.35%)
AwlessA Mighty CLI for AWS
Stars: ✭ 4,821 (+5.7%)
SkyarkSkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Stars: ✭ 526 (-88.47%)
Aws ShellAn integrated shell for working with the AWS CLI.
Stars: ✭ 6,359 (+39.42%)
My LinksKnowledge seeks no man
Stars: ✭ 311 (-93.18%)
Aws Securitygroup GrapherThis ansible role gets information from an AWS VPC and generate a graphical representation of security groups
Stars: ✭ 93 (-97.96%)
Cloud Security AuditA command line security audit tool for Amazon Web Services
Stars: ✭ 68 (-98.51%)
CloudsploitCloud Security Posture Management (CSPM)
Stars: ✭ 1,338 (-70.66%)
AwsprocesscredsProcess credential providers for AWS SDKs and Tools
Stars: ✭ 123 (-97.3%)
OpencspmOpen Cloud Security Posture Management Engine
Stars: ✭ 191 (-95.81%)
Aws Auto RemediateOpen source application to instantly remediate common security issues through the use of AWS Config
Stars: ✭ 191 (-95.81%)
SawsA supercharged AWS command line interface (CLI).
Stars: ✭ 4,886 (+7.13%)
ad-privileged-auditProvides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-99.08%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (-81.21%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+93.9%)
MarsnakeSystem Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Stars: ✭ 16 (-99.65%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (-21.68%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (-20.59%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (-95.33%)
Aws CliUniversal Command Line Interface for Amazon Web Services
Stars: ✭ 11,804 (+158.8%)
UBUNTU20-CISAnsible role for Ubuntu 2004 CIS Baseline
Stars: ✭ 136 (-97.02%)
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (-92.41%)
cliThe universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.
Stars: ✭ 811 (-82.22%)
virgil-crypto-javascriptVirgil JavaScript Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.
Stars: ✭ 31 (-99.32%)
OpendsrA common framework enabling companies to work together to protect consumers' privacy and data rights.
Stars: ✭ 295 (-93.53%)
privapiDetect Sensitive REST API communication using Deep Neural Networks
Stars: ✭ 42 (-99.08%)
nerfballWant to see how something like Internet Chemotherapy works without bricking your own vms? This is a jail to reduce the python runtime from doing bad things on the host when running untrusted code. Nerf what you do not need 👾 + 🐛 ⚽ 🏈 🐳
Stars: ✭ 19 (-99.58%)
LeappLeapp is the tool to access your cloud; It securely stores your access information and generates temporary credential sets to access your cloud ecosystem from your local machine.
Stars: ✭ 306 (-93.29%)
nim-contraLightweight Self-Documenting Design by Contract Programming and Security Hardened mode.
Stars: ✭ 46 (-98.99%)
MantOSLIFARS Networking Security GNU/Linux distro
Stars: ✭ 24 (-99.47%)
wazuh-packagesWazuh - Tools for packages creation
Stars: ✭ 54 (-98.82%)
LogESPOpen Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (-96.45%)
LOCKLEVELA prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber
Stars: ✭ 98 (-97.85%)
cscannerAn open source, multi-cloud DevSecOps compliance checker
Stars: ✭ 19 (-99.58%)
Aws GateBetter AWS SSM Session manager CLI client
Stars: ✭ 294 (-93.55%)
assimilation-officialThis is the official main repository for the Assimilation project
Stars: ✭ 47 (-98.97%)