cfripper
« Back to VersTracker
Description:
Library and CLI tool to analyse CloudFormation templates for security issues
Type: Formula  |  Latest Version: 1.19.0@1  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: cloudformation aws security devops ci-cd
Install: brew install cfripper
About:
CFRipper is a Python library and CLI tool designed to dynamically analyze CloudFormation templates for security vulnerabilities and compliance issues. It inspects resources against a set of rules to detect misconfigurations, such as overly permissive IAM roles or unencrypted S3 buckets. The tool integrates into CI/CD pipelines to prevent insecure infrastructure from being deployed.
Key Features:
  • Dynamic analysis of CloudFormation templates
  • Extensible rule-based architecture
  • CI/CD pipeline integration
  • Detailed reporting on security violations
Use Cases:
  • Pre-deployment security scanning in CI/CD pipelines
  • Auditing existing CloudFormation templates for vulnerabilities
  • Enforcing organizational security policies as code
Alternatives:
  • cfn-lint – cfn-lint focuses on syntax validation and best practices, whereas CFRipper specializes in security-specific rule enforcement.
  • tfsec – tfsec is the equivalent security scanner for Terraform, while CFRipper is specifically built for AWS CloudFormation.
Version History
Detected Version Rev Change Commit
Dec 5, 2025 10:34pm 1 VERSION_BUMP 1a709cc2
Oct 20, 2025 5:36pm 0 VERSION_BUMP 32cbdb14
Oct 17, 2025 8:13pm 0 VERSION_BUMP 092fd567
Sep 13, 2025 7:28am 0 VERSION_BUMP a68c13cc
Jan 2, 2025 6:55am 0 VERSION_BUMP 1e06a537
Nov 10, 2024 4:33pm 0 VERSION_BUMP 614086ac
Oct 12, 2024 9:09pm 0 VERSION_BUMP 9476536d
Oct 12, 2024 3:14pm 0 VERSION_BUMP 09bcf62c
Feb 13, 2024 7:51am 0 VERSION_BUMP 7faf8cc4
Nov 20, 2023 12:29pm 0 VERSION_BUMP 1ba771c5
Nov 3, 2023 9:16pm 0 NEW dc456933
« Back to VersTracker  |  Browse Packages  |  About