explaingit

toniblyx/my-arsenal-of-aws-security-tools

9,446ShellAudience · ops devopsComplexity · 1/5Setup · easy

TLDR

A curated, regularly updated directory of open source security tools for AWS organized by category, defensive, offensive, auditing, forensics, with live GitHub activity badges so you can check if each tool is still maintained.

Mindmap

mindmap
  root((repo))
    What it does
      AWS tool directory
      Organized by category
      Live activity badges
    Defensive tools
      Account hardening
      Security assessment
      Inventory scanning
    Offensive tools
      Penetration testing
      Adversary emulation
      S3 bucket auditing
    Other categories
      Forensics and DFIR
      Continuous auditing
      Developer security
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Browse a categorized directory of AWS security tools to find the right one for hardening, pen-testing, or compliance auditing your cloud environment.

USE CASE 2

Use the live GitHub badges on each entry to quickly check whether a tool is actively maintained before investing time in it.

USE CASE 3

Find open source tools covering compliance frameworks like CIS, NIST, GDPR, HIPAA, or PCI-DSS for your AWS account.

USE CASE 4

Discover offensive tools used by penetration testers to probe AWS setups for common weaknesses and misconfigurations.

Tech stack

ShellAWS

Getting it running

Difficulty · easy Time to first run · 5min

This is a reference list, not a single tool, installation difficulty varies per tool, each entry includes live GitHub badges to help you assess whether it is actively maintained.

In plain English

This repository is a curated reference list of open source security tools for Amazon Web Services (AWS), the cloud computing platform used by a large number of businesses and developers to host applications and store data. It is not a single tool itself but rather a regularly updated directory of tools organized by what kind of security work they help with. The list is divided into categories. The defensive section covers tools for hardening AWS accounts, running security assessments, and taking inventory of what is running in your environment. The offensive section covers tools used by penetration testers to probe AWS setups for weaknesses. There is also a purple teaming section covering adversary emulation, a category for continuous auditing tools that run on a schedule to detect new problems, a section for digital forensics and incident response (DFIR), tools aimed at developers building securely on AWS, and tools specifically for auditing S3 buckets (the file storage service from AWS). A training section rounds out the list. Each entry in the list includes the tool name, a short description, and live badge indicators showing star counts, contributor activity, and open issue counts pulled directly from GitHub. This makes it easy to assess whether a given tool is actively maintained before investing time in it. The repository was created and is maintained by toniblyx, who also created Prowler, one of the most prominent open source AWS security audit tools. Prowler appears at the top of the defensive section and supports compliance frameworks including CIS, NIST, GDPR, HIPAA, PCI-DSS, and others. Contributions are welcome through pull requests, the only requirement is that submitted tools must be open source. The full README is longer than what was shown.

Copy-paste prompts

Prompt 1
I need to audit my AWS account for CIS benchmark misconfigurations. Which tools from the my-arsenal-of-aws-security-tools defensive list cover this, and how do I run Prowler against my account?
Prompt 2
Set up continuous automated security monitoring on AWS using one of the tools from the continuous auditing section of this arsenal, walk me through installation and scheduling.
Prompt 3
I am doing a penetration test on an AWS environment. Which tools from the offensive section of this list should I start with and what attack surface do they cover?
Prompt 4
Help me pick an S3 bucket auditing tool from this arsenal and run it against my AWS account to find publicly exposed buckets.
Open on GitHub → Explain another repo

← toniblyx on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.