Mike 's repositories
aardvark
Aardvark is a multi-account AWS IAM Access Advisor API
aws-serverless-security-workshop
In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains: identity & access management, code, data, infrastructure, logging & monitoring.
aws-serverless-workshops
Code and walkthrough labs to set up serverless applications for Wild Rydes workshops
aws_ir
Python installable command line utiltity for mitigation of host and key compromises.
aws_ir_plugins
Core incident handling plugins for aws_ir cli, incident pony, and more.
canape
CANAPE Network Testing Tool
checkov
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes and other infrastructure-as-code-languages with Checkov by Bridgecrew.
clair
Vulnerability Static Analysis for Containers
CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
DevSkim
DevSkim is a set of IDE plugins and rules that provide security "linting" capabilities.
diffy
Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Empire
Empire is a PowerShell and Python post-exploitation agent.
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
kubernetes-goat
Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster.
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
NodeGoat
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
PowerZure
PowerShell framework to assess Azure security
prowler
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.
stethoscope-app
A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting.
Stormspotter
Azure Red Team tool for graphing Azure and Azure Active Directory objects
super-linter
Combination of multiple linters to install as a GitHub Action
terraform-aws-wireguard
Terraform module to deploy WireGuard on AWS
terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
terragrunt
Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple Terraform modules.
Violent-Python
Code that I adapted from the "Violent Python" book
zaproxy
The OWASP ZAP core project