Andrew Wurster's starred repositories
trufflehog
Find and verify secrets
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
cloudquery
The open source high performance ELT framework powered by Apache Arrow
detect-secrets
An enterprise friendly way of detecting and preventing secrets in code.
SecretScanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
streamalert
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
timesketch
Collaborative forensic timeline analysis
policy_sentry
IAM Least Privilege Policy Generator
binaryalert
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
osx-security-awesome
A collection of OSX and iOS security resources
aws-inventory
Discover resources created in an AWS account.
attack_data
A repository of curated datasets from various attacks
cloud-forensics-utils
Python library to carry out DFIR analysis on the Cloud
lambda-action
GitHub Action for Deploying Lambda code to an existing function
Tor-IP-Addresses
Hourly checked and updated list of IP Addresses of Tor and Tor Exit Nodes
aws-security-analytics-bootstrap
AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.
truffleHogRegexes
These are the regexes that power truffleHog
peerd
peerd is an AWS VPC Peering Connection management tool. It creates full-meshes of VPCs from a yaml file, and manages the full lifecycle of creation, deletion and route table updates needed to make VPC peerings useful across accounts and regions. Contributions welcome.
ioc-explorer
Explore Indicators of Compromise Automatically
terraform-aws-ses-lambda-forwarder
This is a terraform module that creates an email forwarder using a combination of AWS SES and Lambda running the aws-lambda-ses-forwarder NPM module.