Search Results for "cloud security"
Sort By:
Showing 66 open source projects for "cloud security"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
Cloud Custodian
Rules engine for cloud security, cost optimization, and governance
...Custodian supports managing AWS, Azure, and GCP public cloud environments. Besides just providing reports of issues, Custodian can actively enforce the security policies you define. Setup off-hours to save you money, by turning-off resources when they're not being used. Garbage collects unused resources by looking into utilization metrics. Custodian can be run locally, on an instance, or Serverless in AWS Lambda. -
2
Scout Suite
Multi-cloud security auditing tool
Scout Suite is an open-source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically. -
3
Checkov
Prevent cloud misconfigurations during build-time for Terraform
Checkov scans cloud infrastructure configurations to find misconfigurations before they're deployed. Checkov uses a common command-line interface to manage and analyze infrastructure as code (IaC) scan results across platforms such as Terraform, CloudFormation, Kubernetes, Helm, ARM Templates and Serverless framework. Verify changes to hundreds of supported resource types in all major cloud providers. Checkov supports developers using Terraform, Terraform plan, CloudFormation, Kubernetes,... -
4
IPRanges
Daily updated lists of cloud, bot, and service IP ranges
ipranges is an open source repository that provides continuously updated lists of IP address ranges associated with major cloud providers, search engine crawlers, and online services. ipranges collects IP ranges from publicly available sources and organizes them into structured files that can be easily used in security, networking, and automation workflows. It includes address ranges from providers such as Google Cloud, Amazon AWS, Microsoft, Oracle Cloud, and DigitalOcean, as well as well known service platforms like GitHub, Facebook, Twitter, and Telegram. ... -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
Metarget
Framework for automatic construction of vulnerable infrastructures
Metarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and automatically. During security research, we might find that the deployment of a vulnerable environment often takes much time, while the time spent on testing PoC or ExP is comparatively short. In the field of cloud-native security, thanks to the complexity of cloud-native systems, this issue is more terrible. ... -
6
Tencent Cloud Code Analysis
Static code analysis
Tencent Cloud Code Analysis (TCA for short, used internally by the R&D code CodeDog ) is a cloud-native, distributed, high-performance comprehensive code analysis and tracking platform that integrates many analysis tools, including server, web and client The three components have integrated a number of self-developed tools, and also support the dynamic integration of analysis tools of various programming languages in the industry. Obtain the Tencent Cloud code analysis platform by... -
7
ConsoleMe
A central control plane for AWS permissions and access
ConsoleMe is a web service that makes AWS IAM permissions and credential management easier for end-users and cloud administrators. ConsoleMe provides numerous ways to log in to the AWS Console. An IAM Self-Service Wizard lets users request IAM permissions in plain English. Cross-account resource policies will be automatically generated and can be applied with a single click for certain resource types. Weep (ConsoleMe’s CLI) supports 5 different ways of serving AWS credentials locally. Cloud... -
8
MicroK8s
Single-package Kubernetes for developers, IoT and edge
Low-ops, minimal production Kubernetes, for devs, cloud, clusters, workstations, Edge and IoT. MicroK8s automatically chooses the best nodes for the Kubernetes datastore. When you lose a cluster database node, another node is promoted. No admin needed for your bulletproof edge. MicroK8s is small, with sensible defaults that ‘just work’. A quick install, easy upgrades and great security make it perfect for micro clouds and edge computing. -
9
Terraform Examples and Modules for GC
End-to-end modular samples and landing zones toolkit for Terraform
Terraform Examples and Modules for GC is a comprehensive infrastructure-as-code toolkit built on Terraform that enables organizations to design, deploy, and manage enterprise-grade Google Cloud environments using modular and reusable components. It provides a collection of end-to-end blueprints and composable modules that allow teams to implement standardized cloud architectures such as landing zones, networking configurations, and security frameworks. The project is designed to accelerate cloud adoption by offering opinionated yet flexible patterns aligned with Google Cloud best practices, helping organizations bootstrap their environments quickly while maintaining governance and scalability. ... -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
10
Power Pwn
Repurpose Microsoft-trusted executables, service accounts, etc.
Repurpose Microsoft-trusted executables, service accounts and cloud services to power a malware operation. These materials are presented from an attacker’s perspective with the goal of raising awareness to the risks of underestimating the security impact of No Code/Low Code. No Code/Low Code is awesome. -
11
Algo VPN
Set of Ansible scripts that simplifies the setup of a personal VPN
Introducing Algo, a self-hosted personal VPN server designed for ease of deployment and security. Algo automatically deploys an on-demand VPN service in the cloud that is not shared with other users, relies on only modern protocols and ciphers, and includes only the minimal software you need. And it’s free. For anyone who is privacy conscious, travels for work frequently, or can’t afford a dedicated IT department, this one’s for you. -
12
Professional Services
Common solutions and tools developed by Google Cloud
...Unlike simple sample repositories, it focuses on production-oriented use cases such as data pipelines, machine learning workflows, infrastructure automation, and security management. The repository contains a wide variety of projects, including tools for validating data migrations, generating large datasets for testing, building analytics dashboards, and automating policy enforcement in cloud environments. These solutions are intended to serve as blueprints that organizations can adapt and extend for their own needs rather than turnkey products. ... -
13
SiteDorks
Automate search engine dorking across hundreds of websites
SiteDorks is a command line tool designed to automate advanced search queries across multiple search engines and websites. It allows users to perform search engine “dork” queries against a large set of predefined domains, making it easier to discover publicly available information across different platforms. SiteDorks supports several major search engines including Google, Bing, Brave, Ecosia, DuckDuckGo, Yahoo, and Yandex. Instead of manually running the same query for many sites, SiteDorks... -
14
Agent Starter Pack
Ship AI Agents to Google Cloud in minutes, not months
Agent Starter Pack is a production-focused framework that provides pre-built templates and infrastructure for rapidly developing and deploying generative AI agents on Google Cloud. It is designed to eliminate the complexity of moving from prototype to production by bundling essential components such as deployment pipelines, monitoring, security, and evaluation tools into a single package. Developers can create fully functional agent projects with a single command, generating both backend and frontend structures along with deployment-ready configurations. ... -
15
PentestAgent
AI agent framework for black-box security testing
...Users configure rules, policies, and environments, and the agent continuously probes for weaknesses, prioritizes findings, and generates contextual reports that help both technical and non-technical stakeholders understand risk exposure. Because it supports a range of plug-ins and external security tools, pentestagent can be adapted for web applications, network infrastructure, API surfaces, and even cloud environments, making it flexible for diverse security programs. -
16
MCP Atlassian
MCP server that integrates Confluence and Jira
The MCP Atlassian server integrates Atlassian products like Confluence and Jira with the Model Context Protocol. It supports both Cloud and Server/Data Center deployments, enabling AI models to interact with these platforms securely. -
17
LoLLMs Hub Fortress
A proxy server for multiple ollama instances with Key security
LoLLMs Hub Fortress is a high-performance AI orchestration platform designed to unify multiple large language model backends into a single, secure, and scalable API layer. It acts as a central gateway that connects different inference engines such as Ollama, llama.cpp, vLLM, and OpenAI-compatible services, allowing them to function as interchangeable compute nodes within one system. The architecture is built around a hierarchical “master and slave” hub model, enabling distributed deployments... -
18
Django-CRM
Open Source CRM based on Django
Django CRM is opensource CRM developed on django framework. It has all the basic features of CRM to start with. We welcome code contributions and feature requests via github. Create and activate a virtual environment. Install the project's dependency after activating env. -
19
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. -
20
Home Assistant
Open source home automation that puts local control and privacy first
Home Assistant is a powerful open source home automation app that prioritizes local control and privacy. It offers great security and features while keeping your data securely out of the cloud. It can give you control of all your devices from a single, mobile-friendly interface and will track the state of all these devices so you don’t have to. Home Assistant is powered by a worldwide community and runs ideally on a Raspberry Pi or a local server. It can be set up to automatically control devices, so whether you want to be alerted when the lights turn on when you’re not at home, or want the lights to automatically dim when you start to watch a movie on Chromecast, Home Assistant can do it for you. ... -
21
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
22
Flan Scan
A pretty sweet vulnerability scanner
Flan Scan is a lightweight open-source network vulnerability scanner designed to make it easy to detect exposed services, open ports, and associated vulnerabilities across IP ranges or network segments as part of security audit and compliance workflows. It is essentially a thin wrapper around the widely-used Nmap scanner, augmenting it with scripts and tooling that transform raw Nmap output into vulnerability-focused reports that map detected services to known CVEs, making results more... -
23
LAMDA
Android reverse engineering & automation framework
Android reverse engineering & automation framework. The most powerful Android capture/reverse/HOOK & cloud phone/remote desktop/automation framework in history, your work has never been so easy and fast. LAMDA is an auxiliary framework for reverse engineering and automation. It is designed to reduce the time and trivial problems of security analysts and application testers. It replaces a large number of manual operations with a programmed interface. -
24
FATE
An industrial grade federated learning framework
...FATE TSC was established to lead FATE open-source community, with members from major domestic cloud computing and financial service enterprises. FedAI is a community that helps businesses and organizations build AI models effectively and collaboratively, by using data in accordance with user privacy protection, data security, data confidentiality and government regulations. -
25
OpenSandbox
OpenSandbox is a general-purpose sandbox platform for AI applications
...OpenSandbox is particularly useful for AI agents, code execution services, and any scenario where untrusted code must be executed safely. Its architecture emphasizes flexibility, security boundaries, and operational consistency across environments. Overall, the project aims to standardize sandbox execution for modern AI and cloud native workflows.
