SaaSHub helps you find the best software and product alternatives Learn more →
ScoutSuite Alternatives
Similar projects and alternatives to ScoutSuite
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
PaddleOCR
Awesome multilingual OCR toolkits based on PaddlePaddle (practical ultra lightweight OCR system, support 80+ languages recognition, provide data annotation and synthesis tools, support training and deployment among server, mobile, embedded and IoT devices)
-
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
-
ThreatMapper
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
-
steampipe-mod-aws-compliance
Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
-
cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. (by lyft)
-
rpCheckup
rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
-
my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
-
cloud-custodian
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
-
ADRecon
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
-
heimdall2
Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
-
magpie
A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks. (by openraven)
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
ScoutSuite reviews and mentions
-
Azure and M365 Secure Config Review
Prowler and ScoutSuite are a good start for cloud stuff.
-
Open source alternative cloud security tool that works like Wiz/Lacework/Aqua
Another solution might be ScoutSuite, they have support for all major clouds - aws,gcp and azure. But its probably not maintained as well. ScoutSuite
- CSPM opensource suggestions
-
Creating a jump host in 2023
If you're planning to use Active Directory and/or Azure AD, run ADRecon/AzureADRecon and Bloodhound frequently and review in depth. Run ScoutSuite frequently and review as part of a normal operational cycle (e.g., at weekly team meetings make the results available and set aside 15 minutes to discuss and make assignments). Look critically at where these three tools overlap within two or three degrees of separation from your jump hosts (e.g., hosts/nodes that are one or two devices away and users/security groups that are one or two devices away) for help prioritizing when you have too many high-risk/high-impact items to look through.
-
How to do AWS security assesment?
https://github.com/nccgroup/ScoutSuite (I used it for GCP one time, but I can't say if it good for AWS)
- Scanning for AWS Security Issues with Trivy
-
Automated penetration testing for a cloud infrastructure
I'd take a look at ScoutSuite. It runs on your infra and spits back a remarkably readable report.
- Pentesting
-
AWS Security Checklist
If you could get a read-only (audit?) account you could use ScoutSuite to pull the accounts and review them: https://github.com/nccgroup/ScoutSuite
-
This Week in Python
ScoutSuite – Multi-Cloud Security Auditing Tool
-
A note from our sponsor - SaaSHub
www.saashub.com | 25 Apr 2024
Stats
nccgroup/ScoutSuite is an open source project licensed under GNU General Public License v3.0 only which is an OSI approved license.
The primary programming language of ScoutSuite is Python.
Popular Comparisons
Sponsored