threatmodel-for-aws-s3
S3 security guide
An inventory of common attack scenarios on Amazon S3 storage and recommended countermeasures
ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach
151 stars
8 watching
21 forks
last commit: about 2 years ago
Linked from 2 awesome lists
4ndersonlin/awesome-cloud-security
funkmyster/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
 sbasu7241/aws-threat-simulation-and-detection | This repository documents the simulation and detection of various AWS attack scenarios using Stratus Red Team and SumoLogic for logging and analysis. | 284 |
 neilkuan/secure-bucket | An AWS L3 Construct Library that provides a secure way to manage and protect S3 buckets in cloud environments. | 0 |
 prevade/cloudjack | Checks AWS accounts for subdomain hijacking vulnerabilities | 84 |
 nccgroup/s3_objects_check | Identifies publicly accessible objects in an AWS S3 bucket based on effective permissions | 75 |
 hypnoglow/helm-s3 | A Helm plugin that enables support for Amazon S3 as a chart repository. | 567 |
 alecblance/s3bucketlist | Lists and searches Amazon S3 buckets found in network requests while browsing the web. | 79 |
 cloud-architekt/azuread-attack-defense | A collection of attack scenarios and mitigation strategies for Microsoft Entra ID | 2,183 |
 hashishrajan/cloud-security-vulnerabilities | Lists publicly disclosed vulnerabilities in various cloud services. | 357 |
 terraform-aws-modules/terraform-aws-s3-bucket | Creates an S3 bucket on AWS with various features and configurations. | 532 |
 esonhugh/attack_code | An introductory article on cloud security and development, covering various aspects of cloud computing, including infrastructure, storage, deployment, and security. | 536 |
 owasp/pytm | Automates threat modeling and documentation for software systems. | 934 |
 anthonycastelli/s3-storage | Provides an interface to interact with Amazon S3 storage services. | 10 |
 ydcloudsecurity/cloud-security-guides | A comprehensive knowledge base providing cloud security resources, guidance, and tools to help build secure cloud infrastructure | 151 |
 xach/zs3 | A Common Lisp library for interacting with Amazon S3 and CloudFront services. | 38 |