CloudSword
Createdwgpsec
Identifies cloud risks, tests security vulnerabilities, and enhances cloud protection for public cloud tenants.
About
CloudSword is an open-source tool designed to help public cloud tenants quickly discover and test risks within their cloud environments, as well as enhance overall cloud security. It provides security personnel with resource information, identifies potential weaknesses for remediation, and facilitates the deployment of defenses. The tool offers global Chinese output, command completion, and a familiar MSF-like interface, making it user-friendly and efficient.
Key Features
- Offers a range of modules for asset discovery, vulnerability testing, and security enhancement
- Includes modules for storage bucket security, elastic compute instance analysis, and identity & access management
- 463 GitHub stars
- Comprehensive risk assessment for public cloud environments
- Provides MCP protocol support for SSE and STDIO modes
- Supports multiple cloud providers including Alibaba Cloud and Tencent Cloud
Use Cases
- Incident response and remediation
- Automated vulnerability scanning
- Security auditing of cloud infrastructure
