ElectricEye
introspector
ElectricEye | introspector | |
---|---|---|
1 | 1 | |
862 | 66 | |
- | - | |
9.2 | 0.0 | |
5 days ago | over 2 years ago | |
Python | Python | |
Apache License 2.0 | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ElectricEye
introspector
-
Open source: Catch AWS resource policy backdoors
And if you want to do some code review, it depends on supabase's postgres container and introspector
What are some alternatives?
consoleme - A Central Control Plane for AWS Permissions and Access
PMapper - A tool for quickly evaluating IAM permissions in AWS.
dep-scan - OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
iamzero-python - Identity & Access Management simplified and secure for Python scripts and applications.
prowler - Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
rds-auth-proxy - A "passwordless" login experience for your AWS RDS
faraday_plugins - Security tools report parsers for Faradaysec.com
applied-security - A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Cybersecurity
openRiskScore - A python framework for risk scoring
aws-allowlister - Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.
AWSXenos - AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets
metabadger - Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).