mirror of
https://github.com/autistic-symposium/sec-pentesting-toolkit.git
synced 2025-05-01 22:36:05 -04:00
13 lines
1,006 B
Markdown
13 lines
1,006 B
Markdown
# Cloud and K8s Hacking
|
|
|
|
### CI/CD pipelines
|
|
|
|
* Static code security analyzers: [SonarQube](https://www.sonarqube.org/) (Javascript scanner), [NodeJsScan](https://github.com/ajinabraham/NodeJsScan).
|
|
* Package dependency security analyzers: [Snyk](https://snyk.io/).
|
|
* Docker image security analyzers: [Hadolint](https://github.com/hadolint/hadolint), [Clair](https://github.com/coreos/clair), [Anchore](https://anchore.com/).
|
|
* AWS IAM permission analyzers: [IAM access advisor APIs](https://aws.amazon.com/blogs/security/automate-analyzing-permissions-using-iam-access-advisor/).
|
|
* [PMapper](https://github.com/nccgroup/PMapper).
|
|
* AWS S3 permission analyzers: [s3audit](https://github.com/scalefactory/s3audit).
|
|
* Docker runtime anomaly detection: [Falco](https://hub.docker.com/r/sysdig/falco).
|
|
* Kubernetes policy security analyzers: [RBAC](https://searchsecurity.techtarget.com/definition/role-based-access-control-RBAC).
|
|
* Policy auditing tools: [Rakkess](https://github.com/corneliusweig/rakkess).
|