Lucene search
K

53 matches found

Kitploit
Kitploit
added 2020/04/30 9:30 p.m.57 views

SkyWrapper - Tool That Helps To Discover Suspicious Creation Forms And Uses Of Temporary Tokens In AWS

SkyWrapper is an open-source project which analyzes behaviors of temporary tokens created in a given AWS account. The tool is aiming to find suspicious creation forms and uses of temporary tokens to detect malicious activity in the account. The tool analyzes the AWS account, and creating an excel...

6.8AI score
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2020/02/20 2:0 p.m.50 views

Free import of AWS CloudTrail logs through June 2020 and other exciting Azure Sentinel updates

SecOps teams are increasingly challenged to protect assets across distributed environments, analyze the growing volume of security data, and prioritize response to real threats. As a cloud-native SIEM solution security information and event management, Azure Sentinel uses artificial intelligence ...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/01/28 3:54 p.m.32 views

Automating API Security in the Cloud

These days, the most common way for services to communicate and transfer data is by using APIs. However, broken, exposed, or hacked APIs are the cause of some of the latest major data breaches, as they have the potential to expose sensitive data for public consumption. Securing your APIs is...

7AI score
Exploits0
Kitploit
Kitploit
added 2019/09/30 12:0 p.m.147 views

Terraform AWS Secure Baseline - Terraform Module To Set Up Your AWS Account With The Secure Baseline Configuration Based On CIS Amazon Web Services Foundations

Terraform Module Registry A terraform module to set up your AWS account with the reasonably secure configuration baseline. Most configurations are based on CIS Amazon Web Services Foundations v1.2.0. See Benchmark Compliance to check which items in CIS benchmark are covered. Starting from v0.10.0...

7AI score
Exploits0References11
n0where
n0where
added 2018/11/08 3:21 a.m.107 views

The AWS Exploitation Framework: Pacu

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its...

0.8AI score
Exploits0References2
Rhino Security Labs
Rhino Security Labs
added 2018/10/02 3:14 p.m.62 views

AWS IAM Enumeration 2.0: Bypassing CloudTrail Logging

The post AWS IAM Enumeration 2.0: Bypassing CloudTrail Logging appeared first on Rhino Security Labs...

3.5AI score
Exploits0
Kitploit
Kitploit
added 2018/07/22 10:12 p.m.114 views

Cloud Custodian - Rules Engine For Cloud Security, Cost Optimization, And Governance, DSL In Yaml For Policies To Query, Filter, And Take Actions On Resources

Cloud Custodian is a rules engine for AWS fleet management. It allows users to define policies to enable a well managed cloud infrastructure, that's both secure and cost optimized. It consolidates many of the adhoc scripts organizations have into a lightweight and flexible tool, with unified...

7.7AI score
Exploits0References2
Kitploit
Kitploit
added 2018/04/15 1:32 p.m.19 views

AWS Pwn - A Collection Of AWS Penetration Testing Junk

This is a collection of horribly written scripts for performing various tasks related to penetration testing AWS. Please don't be sad if it doesn't work for you. It might be that AWS has changed since a given tool was written or it might be that the code sux. Either way, please feel free to...

7.6AI score
Exploits0References3
Trend Micro Simply Security
Trend Micro Simply Security
added 2017/08/14 4:1 p.m.53 views

Amazon Macie and Deep Security

Amazon S3 stores trillions of objects and regularly peaks at millions of requests per second. By any metric, it’s massive. With unparalleled durability and availability, it’s the backbone of AWS’ data services. This morning at the AWS Summit in New York City, AWS launched a new service: Amazon...

6.7AI score
Exploits0
Kitploit
Kitploit
added 2017/07/05 2:13 p.m.21 views

Zeus - AWS EC2 / S3 Auditing & Hardening Tool

Zeus is a powerful tool for AWS EC2 / S3 best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access Management Avoid the use of the "roo...

7.6AI score
Exploits0References1
n0where
n0where
added 2017/07/03 4:25 p.m.20 views

AWS Auditing & Hardening Tool: Zeus

Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...

0.1AI score
Exploits0References1
Hacker One
Hacker One
added 2016/01/19 6:24 p.m.50 views

Shopify: Full access to Amazon S3 bucket containing AWS CloudTrail logs

An Amazon S3 bucket used internally by Shopify was misconfigured, allowing external users to read, write and list objects. The excess permissions have been removed...

3.7AI score
Exploits0
n0where
n0where
added 2015/01/19 7:53 a.m.17 views

Security auditing tool for AWS: AWS Scout2

Scout2 is an open source tool that helps assessing the security posture of AWS environments. Using the AWS API, the Scout2 Python scripts fetch CloudTrail, EC2, IAM, RDS, and S3, configuration data. The gathered configuration is analysed and stored as JSON objects in several JavaScript files. The...

0.9AI score
Exploits0References1
Rows per page
Query Builder