ENNAENNA

Prowler

Apache-2.0

馃敟 Offensive OpsPython

Prowler is a cloud security assessment tool that performs over 300 checks against AWS, Azure, GCP, and Kubernetes infrastructures. Aligning with CIS benchmarks, it evaluates cloud environments for compliance and security vulnerabilities. Prowler is a critical resource for cloud security practitioners and auditors aiming to enhance the security posture of their cloud deployments through comprehensive and automated assessments.

13.6kstars
2.1kforks
220issues
Updated today
View on GitHubOfficial WebsiteDocumentation

Installation

$ pip install prowler

Use Cases

  • Cloud security posture assessment
  • CIS benchmark compliance scanning
  • Multi-cloud misconfiguration detection
  • Audit trail and evidence collection
  • Continuous cloud security monitoring

Tags

cloud-securityawsazuregcpcis-benchmarkcloudcloudsecuritycompliancecspmdevsecopsforensicsgdprhacktoberfesthardeningiammulti-cloudpythonsecuritysecurity-auditsecurity-hardeningsecurity-tools

Details

Category
馃敟 Offensive Ops
Language
Python
License
Apache-2.0
Platforms
馃惂linux馃崕macos馃獰windows

Links

GitHub Repository

github.com/prowler-cloud/prowler

Official Website

prowler.com

Documentation

docs.prowler.com

Releases

github.com/prowler-cloud/prowler/releases

Issues

github.com/prowler-cloud/prowler/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Used in 1 Workflow

鈽侊笍

Cloud Security Audit

Intermediate7 steps 路 4-8 hours

Community Reviews

No reviews yet. Be the first to review Prowler.

Alternatives & Comparisons

Cartography

Python

Intel graph of cloud infrastructure. Maps relationships between AWS, GCP, Azure, and other services into a Neo4j graph.

Compare Prowler vs Cartography

Steampipe

Go

Query cloud APIs with SQL. Zero-ETL approach to infrastructure visibility across AWS, Azure, GCP, and 140+ plugins.

Compare Prowler vs Steampipe

cloud_enum

Python

Multi-cloud OSINT enumeration. Discovers public resources across AWS, Azure, and GCP from keyword input.

Compare Prowler vs cloud_enum

CloudFlair

Python

Find origin servers behind Cloudflare. Uses Censys to discover the real IP address of Cloudflare-protected websites.

Compare Prowler vs CloudFlair

WeirdAAL

Python

AWS Attack Library. Enumerate, exploit, and backdoor AWS services with organized modules for cloud penetration testing.

Compare Prowler vs WeirdAAL

More in Offensive Ops

Mythic

Go

Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.

c2red-teammulti-operator

Havoc

C/C++

Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.

c2red-teamgui

Rubeus

C#

C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.

kerberosactive-directoryroasting

Certipy

Python

Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.

active-directorycertificatesadcs

Coercer

Python

Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.

authentication-coercionntlm-relaypetitpotam

SharpHound

C#

Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.

active-directoryenumerationbloodhound