prowler
yatas
prowler | yatas | |
---|---|---|
1 | 2 | |
7,019 | 304 | |
- | 0.7% | |
10.0 | 4.3 | |
over 1 year ago | 25 days ago | |
Shell | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
prowler
-
How to do AWS security assesment?
https://github.com/toniblyx/prowle (it's look like huge checklist)
yatas
- padok-team/YATAS: A simple tool to audit your AWS infrastructure for misconfiguration or potential security issues with plugins integration
-
Open-Source AWS audit tool for security and misconfiguration
I currently have 62 checks on AWS. You can check it out here.
What are some alternatives?
bucketeer - Bucketeer is a small script that builds off the useful Sublist3r tool. The Tool tries to identify S3 Buckets and other useful subdomain information, that is used to perform subdomain takeover attacks.
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/tenable/terrascan]
git-landmine - create local malicious git repo
yatas-template - Template for creating a plugin for YATAS
s3audit-ts - CLI tool for auditing S3 buckets
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/accurics/terrascan]
cloudtrail-event-fuzzy-viewer - cli tool for searching cloudtrail events using fuzzy search
tfsec - Security scanner for your Terraform code
og-aws - 📙 Amazon Web Services — a practical guide
qovery-cli - Qovery Command Line Interface
Datovy - Heathcare Communicable Disease Data Repository
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.