smogcloud
Cloud asset monitor
Automatically identifies and monitors cloud assets exposed to the internet without authorization
Find cloud assets that no one wants exposed 🔎 ☁️
332 stars
27 watching
36 forks
Language: Go
last commit: over 4 years ago
Linked from 1 awesome list
amazonawsapi-documentationattack-surfaceawsblueteamcloudcloud-securityinfosecpenetration-testingsecurity-engineersecurity-tools
4ndersonlin/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
| bishopfox/cloudfox | An open-source tool to help penetration testers gather information about cloud environments and identify potential vulnerabilities. | 1,983 |
 aquasecurity/cloudsploit | A tool designed to detect security risks in cloud infrastructure accounts | 3,372 |
 salesforce/cloudsplaining | A tool that scans AWS IAM policies to identify security vulnerabilities and generates a report with recommendations for remediation | 2,009 |
 azure/fta-monitoring | Provides tools and guidance for monitoring Azure resources and services to ensure optimal performance and security | 9 |
 dark-kinga/cloudtools | A cloud asset management tool for detecting and managing cloud security vulnerabilities in various cloud services | 915 |
 mindpointgroup/cloudfrunt | A tool for identifying misconfigured CloudFront domains to prevent domain hijacking | 347 |
 prevade/cloudjack | Checks AWS accounts for subdomain hijacking vulnerabilities | 84 |
 sukkaw/cloudflare-block-bad-bot-ruleset | Protects websites from malicious crawlers and bots by filtering out suspicious traffic based on user-agent information | 211 |
 dragondrop-cloud/cloud-concierge | Automates cloud infrastructure monitoring and optimization by analyzing Terraform state files and detecting drifts, security risks, and cost estimation. | 224 |
 someengineering/fixinventory | Tools to identify and remove critical risks in cloud infrastructure accounts by analyzing metadata from APIs of various cloud services | 1,617 |
 googlecloudplatform/security-analytics | Provides a set of community-driven security analytics queries and rules for Google Cloud log analysis | 327 |
 nccgroup/scoutsuite | Automates security assessment of cloud environments to identify potential vulnerabilities and risks | 6,794 |
 boavizta/cloud-scanner | Automates the estimation of environmental impacts from AWS EC2 instances and block storage. | 35 |
 0xsha/cloudbrute | A tool to automatically discover and enumerate cloud infrastructure and applications across multiple providers. | 913 |
 m0rtem/cloudfail | Reconnaissance tool that gathers information about a Cloudflare-protected target to discover its server location using misconfigured DNS and old database records. | 2,251 |