README.md

☁️🔒 Welcome to the Cloud Security Resources ☁️🔒

🔍 In this repository, you'll find a collection of my recommended links and resources for staying updated on the latest trends, best practices, and tools in cloud security. Feel free to explore and utilize these resources to enhance your knowledge and practices.

🔍 My main goal for selecting these links is collecting tools that get updates regularly, we do not want to use old ones. As you know, we need to follow the latest best practices and trends in cloud security.

🧠 Cloud Security Posture Management (CSPM)

Resource Name	Description
CloudSploit	CloudSploit by Aqua is an open-source project designed to allow detection of security risks in cloud infrastructure accounts, including: AWS, Microsoft Azure, GCP, OCI, and GitHub.
cartography	Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view
cloud-custodian	Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Cloudquery	Use as an open source CSPM solution to monitor and enforce security policies across your cloud infrastructure for AWS, GCP, Azure and many more
ElectricEye	ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring
Magpie	A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks
Prowler	Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness
ScoutSuite	Multi-Cloud Security Auditing Tool
steampipe-mod-aws-compliance	Individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts
Komiser	Open-source cloud-environment inspector
ZeusCloud	Discover, prioritize, and remediate your risks in the cloud
Azure Resource Configuration Scanner	PowerShell script designed to scan and retrieve security related configurations for various Azure resources

🕵️‍♀️ Cloud Pentesting Tools

Resource Name	Description
Cloudfox	Automating situational awareness for cloud penetration tests
hackingthe.cloud	An encyclopedia for offensive and defensive security knowledge in cloud native technologies
cloud_enum	Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud
pacu	The AWS exploitation framework, designed for testing the security of Amazon Web Services environments
CloudBrute	Awesome cloud enumerator
aws-whoami-golang	A tool to show what AWS account and identity you're using
cognito-scanner	A simple script which implements different Cognito attacks such as Account Oracle or Privilege Escalation
EscalateGPT	An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations
surf	Escalate your SSRF vulnerabilities on Modern Cloud Environments
Halberd : Multi-Cloud Attack Tool	Halberd enables you to proactively assess your cloud defenses by executing a comprehensive array of attack techniques across Entra ID, M365, Azure, and AWS
CloudShovel	A tool for scanning public or private AMIs for sensitive files and secrets.
Stratus Red Team	Stratus Red Team is "Atomic Red Team™" for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner.
ROADtools	ROADtools is a framework to interact with Azure AD. It consists of a library (roadlib) with common components, the ROADrecon Azure AD exploration tool and the ROADtools Token eXchange (roadtx) tool.
bucket-shield	BucketShield is an open-source tool designed to simulate and detect numerous actions that can disrupt the flow of AWS CloudTrail logs to their configured S3 Buckets.

✍🏻 Cloud Pentesting Labs

Resource Name	Description
AWSGoat	AWSGoat : A Damn Vulnerable AWS Infrastructure
Big IAM Challenge by Wiz	Test Your Cloud Security Skills
iam-vulnerable	Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground

👁 Cloud Asset Management & Activity Monitoring

Resource Name	Description
aws-list-resources	List your AWS resources in a given AWS account and region(s)
aws-summarize-account-activity	Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used
wut.dev	Wut.dev is a client-side browser for AWS Organizations and SCPs
Cloud Console Cartographer	Cloud Console Cartographer is a framework for condensing groupings of cloud events
threat-composer	A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
cloudtail	CloudTail is an open-source tool designed to simplify the long-term retention and searchability of cloud logs from cloud platforms like AWS and Azure
RansomWhen	RansomWhen is a tool to enumerate identities that can lock S3 Buckets using KMS, resulting in ransomwares, as well as detect occurances of S3 Ransomwares using KMS.

🦾 Infrastructure as Code (IaC) Security

Resource Name	Description
Checkov	Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code
cdk-nag	Check CDK applications for best practices using a combination of available rule packs
kics	Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx
terrascan	Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure
tfsec	Security scanner for your Terraform code
tfprovidercheck	CLI to prevent malicious Terraform Providers from being executed
terraform-iam-policy-validator	A command line tool that validates AWS IAM Policies in a Terraform template against AWS IAM best practices

🛡 If you have any additional links to contribute, please submit a pull request. Let's build a comprehensive repository to support the cloud security community together! 🌊