awesome-repositories.com
博客
awesome-repositories.com

通过 AI 驱动的搜索,发现最优秀的开源仓库。

探索精选搜索开源替代品自托管软件博客网站地图
项目关于排名机制媒体报道MCP 服务器
法律隐私政策服务条款
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
Back to cloudquery/cloudquery

Open-source alternatives to Cloudquery

30 open-source projects similar to cloudquery/cloudquery, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Cloudquery alternative.

  • mlabouardy/komisermlabouardy 的头像

    mlabouardy/komiser

    4,133在 GitHub 上查看↗

    Komiser is a multi-cloud infrastructure inspector and asset inventory manager. It provides a centralized system for auditing, cataloging, and analyzing deployed services and assets across AWS, GCP, and Azure environments. The project transforms disparate resource schemas from different cloud vendors into a unified structural representation through a provider-based plugin architecture. It uses agentless API inspection and polling-based resource discovery to retrieve metadata and configuration states without requiring agents on target resources. The platform covers financial management via cos

    Go
    在 GitHub 上查看↗4,133
  • alfresco/prowlerAlfresco 的头像

    Alfresco/prowler

    14,005在 GitHub 上查看↗

    Prowler is a multi-cloud security posture management platform and vulnerability scanner. It provides tools for automating security audits, evaluating cloud infrastructure against regulatory compliance frameworks, and managing security assessments through a dedicated analysis dashboard. The project distinguishes itself by providing an AI-driven security context server that feeds structured data to AI assistants for automated risk analysis. It also employs graph-based attack path mapping to visualize potential lateral movement and exploitation routes across cloud inventories. The platform cove

    Python
    在 GitHub 上查看↗14,005
  • toniblyx/prowlertoniblyx 的头像

    toniblyx/prowler

    14,005在 GitHub 上查看↗

    Prowler is a multi-cloud security scanner and security posture management tool. It automates security and compliance assessments across multiple cloud environments to identify misconfigurations and vulnerabilities. The project provides a multi-cloud security analysis engine that operates as an automated auditor, evaluating infrastructure against industry-standard regulatory frameworks and security benchmarks. It features a cloud security visualization dashboard that uses a graph database to map cloud inventory and visualize potential attack paths. Capabilities include automated cloud infrast

    Python
    在 GitHub 上查看↗14,005

AI 搜索

探索更多 awesome 仓库

用简单的语言描述您的需求 —— AI 将根据相关性为您从数千个精选开源项目中进行排序。

Find more with AI search
  • cdk-team/cdkcdk-team 的头像

    cdk-team/CDK

    4,692在 GitHub 上查看↗

    CDK is a specialized toolset for container security auditing, container escape exploitation, and cloud infrastructure pentesting. It provides a collection of scripts and tools designed to identify and exploit vulnerabilities in container runtimes to break out of isolated environments and execute commands on the underlying host operating system. The project features a dedicated Docker runtime exploit suite for abusing the Docker API, procfs, and cgroups to gain unauthorized host-level access. It includes specific techniques for bypassing isolation via LXCFS, user namespace exploitation, and ho

    Go
    在 GitHub 上查看↗4,692
  • dlt-hub/dltdlt-hub 的头像

    dlt-hub/dlt

    5,472在 GitHub 上查看↗

    dlt is a Python data ingestion tool and ETL pipeline framework designed to fetch data from diverse sources and persist it into structured destinations. It functions as a schema inference engine that automatically detects data types and flattens nested JSON structures into relational tables, moving data from sources to lakehouses, warehouses, or vector databases. The project distinguishes itself through AI-powered pipeline generation, using large language models to scaffold extraction code and connectors for REST APIs. It also supports multimodal vector storage and specialized population of ve

    Pythondatadata-engineeringdata-lake
    在 GitHub 上查看↗5,472
  • capitalone/cloud-custodiancapitalone 的头像

    capitalone/cloud-custodian

    6,016在 GitHub 上查看↗

    Cloud Custodian is a multi-cloud governance engine and policy enforcement tool designed to automate security, compliance, and cost optimization across various cloud providers. It functions as a rules engine that uses a declarative domain specific language to query cloud resources and execute corrective actions based on predefined filters. The system operates as a serverless policy orchestrator, deploying provider-specific functions to trigger real-time enforcement in response to cloud resource changes. It provides a provider-agnostic resource abstraction to maintain consistent operational pol

    Python
    在 GitHub 上查看↗6,016
  • cloud-custodian/cloud-custodiancloud-custodian 的头像

    cloud-custodian/cloud-custodian

    6,011在 GitHub 上查看↗

    Cloud Custodian is an open-source rules engine that uses declarative YAML policies to query, filter, and take automated actions on cloud resources for governance and compliance. It functions as a stateless policy execution engine, where each policy evaluation runs as an independent, idempotent operation without maintaining internal state between runs. Policies are defined using a YAML-based domain-specific language that structures rules as a query-filter-action pipeline. The engine supports dry-run validation, allowing users to simulate policy actions against live resources without applying c

    Python
    在 GitHub 上查看↗6,011
  • jonrau1/electriceyejonrau1 的头像

    jonrau1/ElectricEye

    1,043在 GitHub 上查看↗

    ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

    Pythonasset-managementattack-surface-managementaws
    在 GitHub 上查看↗1,043
  • netflix/security_monkeyNetflix 的头像

    Netflix/security_monkey

    4,370在 GitHub 上查看↗

    Security Monkey is a cloud security posture management tool and configuration auditor. It functions as a monitoring platform that tracks cloud assets and records state changes to identify when security policies are altered or insecure configurations are introduced. The system maintains a multi-cloud asset inventory, tracking resources across AWS, GCP, OpenStack, and GitHub organizations. It provides a centralized interface for searching and browsing assets across multiple cloud providers and regions. The platform covers cloud security auditing and infrastructure change tracking by comparing

    Pythonawsaws-ec2aws-iam
    在 GitHub 上查看↗4,370
  • aquasecurity/cloudsploitaquasecurity 的头像

    aquasecurity/cloudsploit

    3,705在 GitHub 上查看↗

    Cloudsploit is a cloud security posture management tool and multi-cloud security auditor. It audits cloud infrastructure for misconfigurations and compliance risks across multiple providers, specifically AWS and Azure, by evaluating resource configurations against a set of security plugins. The project functions as a cloud compliance scanner that maps infrastructure scan results to regulatory frameworks and security policy standards. It also serves as an automated cloud remediation tool, executing corrective actions to fix detected misconfigurations via SDK calls. The system covers resource

    JavaScriptalibabaaquaaws
    在 GitHub 上查看↗3,705
  • intuitem/ciso-assistant-communityintuitem 的头像

    intuitem/ciso-assistant-community

    4,162在 GitHub 上查看↗

    This project is a governance, risk, and compliance platform designed to centralize security governance, risk management, and regulatory compliance activities. It functions as a cybersecurity framework manager and a quantitative risk management system, allowing organizations to track their security posture through a centralized hub. The platform is distinguished by its ability to decouple regulatory requirements from technical security controls, enabling users to map a single implementation across multiple global frameworks to reduce audit duplication. It further differentiates itself through

    Pythonauditautomationbsi
    在 GitHub 上查看↗4,162
  • cloudsploit/scanscloudsploit 的头像

    cloudsploit/scans

    3,748在 GitHub 上查看↗

    This project is a multi-cloud security auditor and configuration audit tool designed to identify misconfigurations and vulnerabilities across various cloud service provider environments. It functions as a cloud security posture management tool and a vulnerability remediation engine, allowing users to scan resources against security best practices and industry compliance standards. The system distinguishes itself by combining detection with a remediation engine that executes corrective actions to fix discovered security gaps. It employs a plugin-based audit engine and a provider-agnostic abstr

    JavaScript
    在 GitHub 上查看↗3,748
  • datahub-project/datahubdatahub-project 的头像

    datahub-project/datahub

    12,141在 GitHub 上查看↗

    DataHub is a metadata management platform designed to unify technical, operational, and business context across diverse data ecosystems. By utilizing a graph-based metadata model and an event-driven ingestion architecture, it creates a centralized source of truth that maps complex data relationships, lineage, and ownership. This foundational framework enables organizations to maintain a synchronized view of their data landscape, supporting both human-led discovery and automated data operations. The platform distinguishes itself through its focus on grounding artificial intelligence and autono

    Pythondata-catalogdata-discoverydata-governance
    在 GitHub 上查看↗12,141
  • microsoft/security-101microsoft 的头像

    microsoft/Security-101

    6,203在 GitHub 上查看↗

    Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do

    HTMLappseccia-triaddata-protection
    在 GitHub 上查看↗6,203
  • quay/clairquay 的头像

    quay/clair

    11,012在 GitHub 上查看↗

    Clair is a container image vulnerability scanner and security analyzer. It performs static analysis of container images by matching package contents against vulnerability databases to identify security risks across different package formats and architectures. The project functions as both an image indexer and a vulnerability database manager. It processes container layers into intermediate representations to enable fast security lookups and synchronizes security metadata from multiple external sources to maintain a local registry. Capability areas include continuous security monitoring, whic

    Goclaircontainersdocker
    在 GitHub 上查看↗11,012
  • nccgroup/scoutsuitenccgroup 的头像

    nccgroup/ScoutSuite

    7,548在 GitHub 上查看↗

    ScoutSuite is a multi-cloud security audit and configuration tool designed to identify security risks and misconfigurations across cloud environments. It functions as a security posture manager and compliance auditor, gathering resource metadata from cloud APIs to evaluate infrastructure against security benchmarks. The tool provides auditing capabilities for AWS, Google Cloud, DigitalOcean, and Kubernetes clusters and control planes. It distinguishes itself by decoupling data collection from analysis, allowing users to cache cloud configurations locally for offline auditing and iterative rul

    Pythonauditingawsazure
    在 GitHub 上查看↗7,548
  • turbot/steampipeturbot 的头像

    turbot/steampipe

    7,701在 GitHub 上查看↗

    Steampipe is a cloud infrastructure query engine and API-to-SQL mapper that translates REST and GraphQL API responses into relational rows and columns. It allows for the retrieval and joining of real-time data from multiple cloud service providers using a relational database interface. The project functions as a PostgreSQL foreign data wrapper and an SQLite API extension, mapping external API endpoints to virtual tables. This enables the use of standard SQL to query live cloud services and aggregate data from different providers and service accounts into a single unified dataset. The system

    Goawsazurecis
    在 GitHub 上查看↗7,701
  • lyft/cartographylyft 的头像

    lyft/cartography

    3,926在 GitHub 上查看↗

    Cartography is a graph-based infrastructure visualization and security analysis framework. It ingests data from diverse cloud, identity, and software-as-a-service providers to model complex relationships between resources, users, and security findings within a centralized graph database. By mapping these interdependencies, the platform enables organizations to gain visibility into their environment and identify potential security risks through graph traversal queries. The platform distinguishes itself through its ontology-based normalization and cross-platform entity correlation, which map he

    Python
    在 GitHub 上查看↗3,926
  • projectdiscovery/subfinderprojectdiscovery 的头像

    projectdiscovery/subfinder

    13,105在 GitHub 上查看↗

    Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc

    Gobugbountyhackinghacktoberfest
    在 GitHub 上查看↗13,105
  • robusta-dev/krrrobusta-dev 的头像

    robusta-dev/krr

    4,466在 GitHub 上查看↗

    KRR is an open-source tool for analyzing Kubernetes resource requests and recommendations. It evaluates how pods are currently configured and provides suggestions for optimizing CPU and memory allocations based on actual usage patterns. The project focuses on helping teams right-size their Kubernetes workloads by identifying over-provisioned and under-provisioned resources. It scans clusters and generates reports that highlight where adjustments can reduce costs or improve performance without compromising reliability. KRR is distributed as a Python command-line tool that can be run directly

    Pythoncost-controlcost-savingfinops
    在 GitHub 上查看↗4,466
  • awslabs/aws-data-wranglerawslabs 的头像

    awslabs/aws-data-wrangler

    4,107在 GitHub 上查看↗

    This project is an AWS pandas integration library and data pipeline framework designed to simplify the movement and transformation of data between local memory and AWS storage and analytics services. It functions as a cloud data lake toolkit and storage file manager, allowing users to read, write, and transform structured data across various cloud environments. The library distinguishes itself as a distributed compute orchestrator capable of managing clusters in environments such as EMR to process datasets that exceed the memory limits of a single machine. It also provides specialized capabil

    Python
    在 GitHub 上查看↗4,107
  • ignitetechnologies/mindmapIgnitetechnologies 的头像

    Ignitetechnologies/Mindmap

    8,656在 GitHub 上查看↗

    Mindmap is a cybersecurity knowledge base and reference library that organizes security tools, frameworks, and methodologies into a visual knowledge map. It functions as a curated directory of cheat sheets and command guides for offensive and defensive security operations, presented as a hierarchical interface with collapsible nodes. The project converts structured markdown files into navigable visual trees to facilitate the study of penetration testing workflows and DevOps learning roadmaps. It also serves as a security compliance framework, providing structured mappings of NIST and ISO 2700

    在 GitHub 上查看↗8,656
  • netflix/metaflowNetflix 的头像

    Netflix/metaflow

    9,764在 GitHub 上查看↗

    Metaflow is a Python machine learning framework and MLOps workflow orchestrator designed to manage the lifecycle of data pipelines from local prototyping to production. It serves as a distributed compute manager and an experiment tracking system, enabling the creation of reproducible pipelines that transition between development and high-availability production environments. The framework distinguishes itself through an integrated checkpointing system that automatically persists intermediate data artifacts to remote storage, allowing failed runs to be resumed from the last successful step. It

    Pythonagentsaiaws
    在 GitHub 上查看↗9,764
  • wazuh/wazuhwazuh 的头像

    wazuh/wazuh

    14,779在 GitHub 上查看↗

    Wazuh is an integrated security platform that combines endpoint detection and response, security information and event management, and cloud workload protection. It functions as a centralized system for collecting telemetry, aggregating logs, and correlating events across distributed infrastructure to maintain security and integrity. The platform distinguishes itself through its active response orchestration, which allows for the automated execution of scripts on remote endpoints to neutralize threats in real time. It provides deep visibility into system activity through file integrity monito

    Ccloud-securitycomplianceconfiguration-assessement
    在 GitHub 上查看↗14,779
  • infracost/infracostinfracost 的头像

    infracost/infracost

    12,369在 GitHub 上查看↗

    Infracost is an infrastructure-as-code financial governance platform that calculates the cost impact of cloud resource changes. By performing static analysis on configuration files, the tool identifies infrastructure resources and their properties to estimate spending changes before deployment occurs. The platform distinguishes itself by integrating directly into development workflows, providing automated cost reporting and policy validation within pull request comments. It utilizes a modular architecture to map infrastructure definitions to real-time pricing data from cloud providers, allowi

    Goawsazurecloud
    在 GitHub 上查看↗12,369
  • meshery/mesherymeshery 的头像

    meshery/meshery

    9,966在 GitHub 上查看↗

    Meshery is a service mesh management plane and cloud native infrastructure orchestrator. It provides a visual design-as-code environment for modeling microservices and infrastructure components through declarative blueprints, functioning as a centralized platform for designing, deploying, and managing service mesh infrastructure. The platform is distinguished by its ability to translate visual designs into active deployments and its use of gRPC-based adapters to integrate with diverse infrastructure providers. It features a multi-tenant architecture that manages shared workspaces and role-bas

    HTMLcloud-nativecncfcontrol-plane
    在 GitHub 上查看↗9,966
  • firezone/firezonefirezone 的头像

    firezone/firezone

    8,701在 GitHub 上查看↗

    Firezone is a zero trust network access platform that uses WireGuard to provide identity-based connectivity to internal network resources. It functions as a virtual private network that synchronizes authentication and user groups via OpenID Connect providers. The system implements a group-based access control engine to enforce least privilege by restricting network resources to specific user groups. It utilizes holepunching and relay protocols for NAT traversal to establish encrypted tunnels through firewalls without requiring inbound ports. The platform includes a control plane for managing

    Elixirclouddevsecopselixir
    在 GitHub 上查看↗8,701
  • airbnb/streamalertairbnb 的头像

    airbnb/streamalert

    2,885在 GitHub 上查看↗

    StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.

    Python
    在 GitHub 上查看↗2,885
  • duo-labs/cloudmapperduo-labs 的头像

    duo-labs/cloudmapper

    6,259在 GitHub 上查看↗
    JavaScriptawscytoscapediagram
    在 GitHub 上查看↗6,259
  • nccgroup/aws-inventorynccgroup 的头像

    nccgroup/aws-inventory

    740在 GitHub 上查看↗

    Discover resources created in an AWS account.

    Python
    在 GitHub 上查看↗740