Tim Kelly's repositories
secretsynth
A secret scanner wrapper to aggregate results across multiple secret scanning tools
ghas-utils
Utilities for getting insights from GitHub Advanced Security
swiss-cheese
A demo repository of simple OWASP Top 10 type of vulnerabilities in (mostly) Python. Includes an exploration of GHAS features.
riverdata-alrudiny
test fork for GCP App Engine deploy
actions-study
Repo for GitHub Actions experimentation
blog
Writings, diagrams, and other sharable things
dependecy-review-study
A sample to test the boundaries and limitations of GHAS Dependency Review workflow.
ElectricEye
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
execise-exclude-files-from-secret-scanning
Secrets Scanning - GHAS Study project
exercise-configure-codeql-language-matrix
GHAS Exam Exercises
exercise-configure-dependabot
Dependabot - GHAS Exam Study
exercise-enable-code-scanning-using-codeql
Enable CodeQL - GHAS Exam Study
exercise-remove-commit-history
GHAS Exam study
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
juice-shop-tutorials
Testing a fork for CSCI-255
log4j-shell-poc
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
python-trojan
A simple implementation of a trojan malware in Python
skills-deploy-to-azure
GitHub Action Exam Study
skills-hello-github-actions
GitHub Actions Exam Skills
skills-publish-packages-github-actons-test
GHAS Action Exam Study Content
skills-test-with-actions
GitHub Actions Exam Study
skills-write-javascript-actions
GHAS Actions Exam Prep
trivy-action
Runs Trivy as a GitHub Action to scan your Docker container image for vulnerabilities
trivy-test-ghas
testing trivy with GHAS