prowler
Security scanner
An automated security assessment tool for cloud infrastructure and applications
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
11k stars
130 watching
2k forks
Language: Python
last commit: about 1 month ago
Linked from 6 awesome lists
awsazurecis-benchmarkcloudcompliancecspmdevsecopsforensicsgcpgdprhardeningiammulti-cloudpythonsaassecuritysecurity-auditsecurity-hardeningsecurity-toolswell-architected
qazbnm456/awesome-web-security
fabacab/awesome-cybersecurity-blueteam
4ndersonlin/awesome-cloud-security
kyuu-ji/awesome-azure-pentest
funkmyster/awesome-cloud-security
spacial/awesome-systoolsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 securityftw/cs-suite | An automated tool suite to assess and improve cloud security across multiple platforms | 1,145 |
 t0pcyber/hawk | A PowerShell-based tool to gather information on O365 intrusions and potential breaches. | 722 |
 bishopfox/cloudfox | An open-source tool to help penetration testers gather information about cloud environments and identify potential vulnerabilities. | 1,983 |
 jordanpotti/cloudscraper | A tool to spider and search cloud resources like AWS, Azure, and Digital Ocean for potential vulnerabilities. | 506 |
 cloudina/hawk | An API-based antivirus scanning system for cloud storage services | 23 |
 portswigger/aws-security-checks | A set of automated security checks for AWS services written in Python to identify potential vulnerabilities and configuration issues. | 36 |
 toniblyx/my-arsenal-of-aws-security-tools | A curated list of open-source tools for assessing and improving AWS security posture | 9,007 |
 eliasgranderubio/dagda | A tool to analyze and monitor Docker images and containers for security threats | 1,164 |
 azure/stormspotter | A tool for analyzing and visualizing Azure objects to help security teams understand potential attack surfaces. | 1,555 |
| azure/cloud-katana | Automates security assessment and research in cloud-native environments using event-driven serverless computing | 250 |
 jonrau1/electriceye | A Python CLI tool for managing security and compliance in cloud and SaaS environments | 966 |
 deepfence/threatmapper | An application protection platform that monitors and analyzes cloud-native applications for vulnerabilities and threats. | 4,861 |
 belane/cloudhunter | Tools for scanning and analyzing cloud storage bucket permissions | 134 |
 openscanner/xguardian | A security scanner for OSX applications that detects potential vulnerabilities in URL scheme hijack, bundle ID hijack, and keychain hijack. | 41 |
 coinbase/salus | A tool for coordinating security scanning of software projects | 25 |