stratus-red-team
iamzero
stratus-red-team | iamzero | |
---|---|---|
8 | 4 | |
1,621 | 236 | |
1.5% | 0.0% | |
8.7 | 0.0 | |
15 days ago | about 1 year ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
stratus-red-team
-
Azure PenTesting tools
Stratus: https://stratus-red-team.cloud/
- Stratus Red team
- Stratus Red Team: Granular, Actionable Adversary Emulation for the Cloud
- GitHub - DataDog/stratus-red-team: Granular, Actionable Adversary Emulation for the Cloud.
- "Stratus Red Team", an open-source adversary emulation tool for the cloud
- DataDog/stratus-red-team: Granular, Actionable Adversary Emulation for the Cloud. Stratus Red Team is "Atomic Red Team™" for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner.
- "Stratus Red Team": open-source adversary emulation for AWS
iamzero
- Is there a way to test policies without the AWS policy simulator? maybe an API or library?
-
AWS IAM Recorder
You probably want https://github.com/iann0036/iamlive or https://iamzero.dev/
-
IAM Zero: I built a tool which automatically suggests least-privilege IAM policies for AWS CDK infrastructure
A few months ago I made some posts about tooling I built called IAM Zero to make least-privilege IAM policy generation easier [1] [2]. Since then, I have found a co-founder and we have been working full-time on making least-privilege policies easier with our open source tools.
-
IAM Zero: I released a tool which automatically suggests least-privilege IAM policies
The initial release has automatic least-privilege advisories for S3 and DynamoDB, and will be scaled out to support all AWS services prior to a stable release. IAM Zero currently supports applications and scripts written in Python with support for other languages coming soon. Support for generating infrastructure-as-code deployment roles and requesting roles through the AWS web console are on the roadmap.
What are some alternatives?
harp - Secret management by contract toolchain
iamlive - Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy
sgCheckup - sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
aws-sso-cli - A powerful tool for using AWS Identity Center for the CLI and web console.
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/accurics/terrascan]
SkyArk - SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Pulumi - Pulumi - Infrastructure as Code in any programming language. Build infrastructure intuitively on any cloud using familiar languages 🚀
parliament - AWS IAM linting library
granted - The easiest way to access your cloud.
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
KubeHound - Kubernetes Attack Graph