The AWS Security Open Source Toolkit


I love AWS. I love Open Source. I love Security. So I’ve been bringing together a compilation of the best tools available to monitor, audit, train up on and find exposures in your AWS accounts.

You can find the GitHub repo here;

Please add to that if you wish!


Generate a report of all S3 buckets for an account:

Find open S3 buckets:

Generate Network Diagrams:

Cred Scanner:


Disable Access Keys after X days;

Secrets Management;

Least Privilege:

Resource Counter:

IAM Access Advisor:




Policy changes & Insecure config:

Policy & Encryption;



AWS Attack Library;

Thanks to all the awesome open-sourcers who make these possible!

Original Post:

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Up ↑

%d bloggers like this: