How to do AWS security assesment?

This page summarizes the projects mentioned and recommended in the original post on /r/u_athanielx
AWS Azure GCP Cloud Security

Scout Monitoring - Free Django app performance insights with Scout Monitoring
Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.
www.scoutapm.com
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

  • prowler

    Discontinued Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. [Moved to: https://github.com/prowler-cloud/prowler] (by toniblyx)

    • https://github.com/toniblyx/prowle (it's look like huge checklist)

  • ScoutSuite

    Multi-Cloud Security Auditing Tool

    • https://github.com/nccgroup/ScoutSuite (I used it for GCP one time, but I can't say if it good for AWS)

  • Scout Monitoring

    Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.

    Scout Monitoring logo

  • bucketeer

    Bucketeer is a small script that builds off the useful Sublist3r tool. The Tool tries to identify S3 Buckets and other useful subdomain information, that is used to perform subdomain takeover attacks.

  • s3audit-ts

    Discontinued CLI tool for auditing S3 buckets

    • https://github.com/scalefactory/s3audit (it's look intersting, because I need to identify if we have open buckets)

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Azure and M365 Secure Config Review

    2 projects | /r/Pentesting | 31 May 2023

  • AWS Security Checklist

    1 project | /r/cybersecurity | 28 May 2022

  • Tool Release – ScoutSuite 5.11.0 - a new version of the open-source, multi-cloud auditing tool ScoutSuite - AWS, Azure and GCP improvements

    1 project | /r/devops | 16 Mar 2022

  • Question how to know all services used by me.

    1 project | /r/aws | 8 Dec 2021

  • Azure Environment Sanity Check

    1 project | /r/AZURE | 13 Oct 2021