Free Security and Hacking eBooks

PacBot (Policy as Code Bot)

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster.

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

Awesome cloud enumerator

Find cloud assets that no one wants exposed 🔎 ☁️

Security Remediation Guides

Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

A Docker container for remote penetration testing.

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

Выпускная квалификационная работа (ВКР) магистра в LaTeX, оформленная в соответствии с нормоконтролем Севастопольского государственного университета в 2017 г.

Security tool to quickly audit Public Box files and folders.

Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.

Defensive S3 Bucket Squating

Cloud security projects with Spring Cloud Config Server and Vault

Offensive Terraform Website

📚 VPS 🔒 Network 🔒 Cloud 🔒 Web Applications 📚

Cloud Security Dashboard for AWS - based on ScoutSuite

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Docker container bundling tools for manual AWS security reviews

🛡️ Awesome Cloud Security Resources ⚔️

Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Account Security Posture.

Offensive Terraform module which creates EC2 instance and reverse shell from an EC2 instance to attacker machine.

Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volume from the copied EBS snapshot. After that, the module attaches and mounts the EBS volume to an EC2 instance. Finally, attacker can ssh into an EC2 instance and inspect a mounted volume "/usr/src/hack".