AI Summary: Anthropic Cybersecurity Skills is an extensive open-source repository that provides AI agents access to 753 structured cybersecurity skills across 26 domains, offering capabilities such as memory forensics and Kubernetes RBAC auditing. The skills adhere to the agentskills.io standard, featuring a YAML structure for quick discovery and are fully mapped to MITRE ATT&CK and aligned with NIST CSF 2.0, enabling AI agents to perform advanced security tasks with enhanced contextual knowledge. This tool simplifies installation and empowers various platforms like Claude Code and GitHub Copilot to integrate these capabilities efficiently.

AI Summary: Awesome AWS Security is a curated repository that aggregates a wide range of resources related to AWS security practices, including whitepapers, books, videos, tutorials, and security tools. It serves as a comprehensive educational tool for professionals and enthusiasts seeking to enhance their knowledge of AWS security, featuring a well-structured table of contents and links to valuable references and training materials. Notable features include categorized resources for various learning preferences, from free content to paid courses, as well as a focus on contemporary security issues and best practices.

AI Summary: The “Breaking and Pwning Apps and Servers on AWS and Azure” repository provides comprehensive, hands-on training for security testers and DevSecOps professionals focusing on vulnerability assessment and penetration testing within cloud environments. It includes structured documentation, setup files for creating student virtual machines, and additional resources to facilitate practical lab experiences in identifying and exploiting security weaknesses in AWS and Azure platforms. The training emphasizes real-world attack scenarios and techniques, making it a valuable resource for professionals aiming to bolster their cloud security expertise.

AI Summary: CloudBrute is a reconnaissance tool designed for uncovering infrastructure, files, and applications across major cloud providers, including Amazon, Google, Microsoft, and others. Its primary use case targets bug bounty hunters, red teamers, and penetration testers, providing features such as black-box detection, user-agent and proxy randomization, and modular customization to facilitate efficient cloud enumeration and vulnerability assessment without requiring authentication.

README

CloudBrute

A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike.

AI Summary: Cloud Security Suite (cs-suite) is a command-line tool designed for conducting security audits on various cloud environments, including AWS, GCP, Azure, and DigitalOcean. Its primary use case revolves around gathering data for Lynis audits, allowing users to specify environments, IP addresses, and user credentials while generating audit logs in JSON format for integration with SIEM tools. Notable features include the ability to handle user authentication, option to wipe previous audit reports, and flexible configurations for different cloud platforms.

AI Summary: ElectricEye is a comprehensive Python CLI tool designed for multi-cloud and multi-SaaS environments that focuses on Asset Management, Security Posture Management, and Attack Surface Monitoring. It supports over 100 services and conducts more than 1000 checks aligned with over 20 regulatory and best practice frameworks, enabling organizations to enhance their cloud security and compliance effortlessly. Notable features include cross-Account, cross-Region capabilities and support for major platforms like AWS, GCP, Azure, and more, making it a versatile solution for managing diverse cloud architectures.

AI Summary: Kubernetes Goat is an intentionally vulnerable Kubernetes cluster environment designed for the purpose of learning and practicing Kubernetes security. It provides various scenarios for security testing, including exploitation of sensitive keys, SSRF vulnerabilities, and container escapes, thereby enabling users to gain hands-on experience with real-world security challenges in Kubernetes. The tool requires administrative access to a Kubernetes cluster and facilitates setup using kubectl and helm, offering a structured learning path for security professionals.

AI Summary: Matano is an open-source cloud-native security data lake specifically designed for AWS, enabling security teams to normalize and manage security logs effectively. Its notable features include the ability to integrate with over 50 log sources, support for Detection-as-Code using Python, serverless architecture for scalability, and vendor-neutral ownership through open standards. The tool aims to enhance SIEM capabilities by providing a cost-effective and versatile solution for security data management and analysis.

AI Summary: Monkey365 is an open-source PowerShell module designed for security configuration reviews of Microsoft 365, Azure, and Microsoft Entra ID environments. It enables users to identify potential security misconfigurations and provides actionable recommendations for compliance with best practices. Notable features include its user-friendly approach that minimizes the need for in-depth knowledge of APIs and complex dashboards while facilitating comprehensive scans for security gaps.

README

AI Summary: My Arsenal of AWS Security Tools is a curated collection of open-source tools designed to enhance security in AWS environments through various functionalities, including defensive hardening, offensive testing, and security auditing. Notable features include comprehensive coverage of cloud security best practices and continuous monitoring capabilities, facilitating improved incident response and compliance with standards such as CIS and GDPR. This repository serves as a resource for security practitioners aiming to bolster their AWS security posture.

AI Summary: Offensive-Resources V4 is a comprehensive repository designed for offensive security practitioners, providing an extensive collection of learning materials and labs across various cybersecurity domains. Its primary use case is to facilitate skill development in offensive security techniques, with notable features including a wide range of topics from exploit development to IoT and hardware hacking, structured resources for diverse platforms, and an open invitation for community contributions.

README

Offensive-Resources V4

((اللَّهُمَّ انْفَعْنِي بِمَا عَلَّمْتَنِي، وَعَلِّمْنِي مَا يَنْفَعُنِي، وَزِدْنِي عِلْمًا))

AI Summary: The Jassics Security Study Plan repository provides a comprehensive roadmap for aspiring cybersecurity engineers, covering various roles such as penetration testing, application security, cloud security, and DevSecOps. It offers structured study plans that include both free and paid resources, tools, and key concepts necessary to excel in the field. Notable features include detailed plans for specialized areas like AWS, GCP, and threat modeling, along with common skills assessments to help learners gauge their progress.

AI Summary: SkyArk is a cloud security tool that focuses on detecting and mitigating the threat of Cloud Shadow Admins in AWS and Azure environments through its two main scanning modules: AWStealth and AzureStealth. It identifies the most privileged cloud users and helps organizations ensure these entities are secured with best practices such as strong credentials and MFA. Notably, SkyArk enables risk assessment by uncovering hidden admin accounts that may escalate privileges if left unmanaged.

AI Summary: Wazuh is an open-source security platform designed for threat prevention, detection, and response across various environments, including on-premises, virtualized, containerized, and cloud settings. It features an endpoint security agent that collects data for analysis by a centralized management server, fully integrated with the Elastic Stack for enhanced search and visualization of security alerts. Key capabilities include intrusion detection, log data analysis, file integrity monitoring, vulnerability detection, configuration assessment, and automated incident response, making it a comprehensive tool for maintaining security compliance and mitigating threats.