TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
-
Updated
May 23, 2024 - HCL
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
🛡️ Awesome Cloud Security Resources ⚔️
PacBot (Policy as Code Bot)
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (including Customizations for AWS Control Tower) and Terraform.
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
IAM Least Privilege Policy Generator
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
A graph-based tool for visualizing effective access and resource relationships in AWS environments.
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Add a description, image, and links to the aws-security topic page so that developers can more easily learn about it.
To associate your repository with the aws-security topic, visit your repo's landing page and select "manage topics."