Stars
Archon is an AI agent that is able to create other AI agents using an advanced agentic coding workflow and framework knowledge base to unlock a new frontier of automated agents.
Generate datasets of cloud audit logs for common attacks
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
This is a free lab I created for cybr.com. It's intended to provide an intro to building on AWS with Terraform in a simple, cost-efficient manner. Plus you'll have a cool website to show for it!
OpenTofu lets you declaratively manage your cloud infrastructure.
This repository contains demos of different tools that can be used in CI/CD processes for finding IAM policy misconfigurations
AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, Pacu.
A crowdsourced AWS IAM permissions reference.
A powerful tool for using AWS Identity Center for the CLI and web console.
A Gutenberg block that syntax highlights your code powered by Torchlight API.
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
Provision AWS KMS keys safely with least privilege access and comprehensive tagging using Terraform.
An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
Bare minimum AWS Security Alerting and Secure by default Configuration
Programmatically delete AWS resources based on an allowlist and time to live (TTL) settings
Automated Attack Simulation in the Cloud, complete with detection use cases.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Sophisticated cyber penetration attacks is a series of advanced techniques, notes and guidance that will help you to prepare as a hacker on your journey.
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Learn with Anthony James collaborative course building repo
Various Dockerfiles I use on the desktop and on servers.
Helps package and upload Python lambda functions to AWS
Super-simple, minimum abstraction MailChimp API v3 wrapper, in PHP
☁️ A curated list of awesome services, solutions and resources for serverless / nobackend applications.