gebalamariusz/cloud-audit

Vulnerability Scanning

Open-source AWS security scanner with attack chain detection, breach cost estimation, and copy-paste remediation (CLI + Terraform). 47 checks, 16 attack chain rules. First free standalone AWS security MCP server.

Track releases GitHub

Python Latest v2.3.1 · 8d ago Security brief →

Features

Detect AWS attack paths and IAM escalation routes
Prioritize fixes based on impact (Blast Radius)
Simulate remediation effects before applying changes

Recent releases

View all 28 releases →

Review required

v2.3.1 New feature 8d

Auth RBAC Dependencies

DynamoDB checks + S3 validation + Config hardening

Open

Review required

v2.3.0 New feature 9d

Auth RBAC

Blast Radius CLI + exposure

Open

Review required

v2.2.1 Breaking risk 22d

Auth

SES escalation logic change

Open

Review required

v2.2.0 New feature 22d

Auth RBAC

Threat Feed v1

Open

Review required

v2.1.0 New feature 1mo

Auth RBAC

IAM privilege escalation detections

Open

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Releases

View all →

Releases per month

Cadence 2.0 / wk

Last release 5d

Release size 2

Churn +2507 / −124 lines · 24 files · 6 commits

Tracked 28

Security

Full profile →

Security score 6.5/10

OpenSSF —

Open CVEs 0

SECURITY.md Active maintainer

Community

GitHub stars 58

Forks 13

Open issues 5

Open PRs 0

Stars/wk velocity 0.0

About

Stars

Forks

Languages

Python Jinja HTML

View on GitHub Live demo Documentation

Install & Platforms

Install via

pip

Similar tools

Checkov

Secrover

msaad00/agent-bom

Deepfence ThreatMapper

grype

About

Stars

Forks

Languages

Python Jinja HTML

View on GitHub Live demo Documentation

Install & Platforms

Install via

pip

Similar tools

Checkov

Secrover

msaad00/agent-bom

Deepfence ThreatMapper

grype