Jason Ostrom's repositories
Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
PurpleCloud
A little tool to play with Azure Identity - Azure Active Directory lab creation tool
AutomatedEmulation
An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
voiphopper
VoIP Hopper Network Penetration Testing Tool - Jumping from one VLAN to the next! A network infrastructure penetration testing security tool. A tool to test for the (in)security of VLANS. It can mimic the behavior of IP Phones to better understand business risks within an IP Telephony network infrastructure. VoIP Hopper is included in Kali Linux. This site is for up-to-date code. Documentation website:
Velociraptor_Azure
A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
masscan_nmap
Automating masscan and nmap together.
conferences
Community contributions to SANS, DEFCON, ShmooCon, and ToorCon.
enterprise-azure-policy-as-code
Enterprise-ready Azure Policy-as-Code (PaC) solution (includes Az DevOps pipeline)
HELK_Azure
A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small HELK R&D lab in Azure.
BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
caldera_tines
Samples for Caldera and Tines automation playbooks
logstash-example
Demonstration logstash configuration using a docker-compose
saml-pentest
Some python and ruby examples for saml xml manipulation.
SANSSEC598-Resources
Rsources that are publicly available, these resources are linked to the SANS SEC598 Class