SANS Instructors have built more than 150 open source tools that support your work and help you implement better security. The tools listed here are the ones specific to cloud security.
Puma Scan is an open source software security analyzer for C# applications. Puma Scan provides a Visual Studio extension for scanning source code in the development environment and displaying vulnerabilities as spell check and compiler warnings.
Serverless Prey is a collection of serverless functions (FaaS) for GCP Functions, Azure Functions, and AWS Lambda. Once launched to the environment and invoked, these functions establish a TCP reverse shell for the purposes of introspecting the container runtimes of the various function runtimes.
This project helps automate onboarding and scanning in Checkmarx (on-premise only) and enables the use of instance profiles with cross-account access to AWS CodeCommit repositories. This enables organizations to onboard projects without gathering and maintaining credentials for every repository. If deployed appropriately, it can also allow developers to set up webhooks or triggers to kick off incremental or full scans.
Kubesec is security risk analysis for Kubernetes resources, as a web service or admission controller. It takes a Kubernetes pod-like resource as input, and returns a score based on the security configuration. If the configuration is too risky and the score too low, the deployment fails.
Simulator is a Kubernetes Security Training Platform. It teaches Red and Blue teams to exploit and mitigate security vulnerabilities in a Kubernetes cluster with real-world infrastructure and configuration, leading to experience usually only found whilst attacking and maintaining production systems.
This is a security testing framework for fast, safe iteration on firewall, routing, and NACL rules for Kubernetes (Network Policies, services) and non-containerized hosts (cloud provider instances, VMs, bare metal). It aggressively parallelizes nmap to test outbound network connections and ports from any accessible host, container, or Kubernetes pod by joining the same network namespace as the instance under test.
A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.