mendel129

mendel129's starred repositories

cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

Language:PythonApache-2.05303 164 4072

ThreatMapper

Open Source Cloud Native Application Protection Platform (CNAPP)

Language:TypeScriptApache-2.04720 57 576

pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Language:PythonBSD-3-Clause4203 109 124

security-research

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

Language:CApache-2.03172 240 13

htmlpurifier

Standards compliant HTML filter written in PHP

Language:PHPLGPL-2.13022 65 238

coraza

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

Language:GoApache-2.02007 33 324

dnsteal

DNS Exfiltration tool for stealthily sending files over DNS requests.

Language:PythonGPL-2.01677 77 10

Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpyzpfoYGGuuUl0

Language:RustApache-2.01258 40 211

saas-attacks

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

CC-BY-4.0951 18 36

certspotter

Certificate Transparency Log Monitor

Language:GoMPL-2.0944 33 60

ZeusCloud

Open Source Cloud Security

Language:TypeScriptApache-2.0681 14 53

m5stick-nemo

M5 Stick C firmware for high-tech pranks

Language:CNOASSERTION653 30 107

awesome-secure-defaults

Awesome secure by default libraries to help you eliminate bug classes!

628 190

confsec

Security, hacking conferences (list)

481 74 4

aws-security-survival-kit

Bare minimum AWS Security Alerting and Configuration

Language:MakefileGPL-3.0440 18 17

threat-composer

A simple threat modeling tool to help humans to reduce time-to-value when threat modeling

Language:TypeScriptApache-2.0411 14 8

aws-iot-device-sdk-python-v2

Next generation AWS IoT Client SDK for Python using the AWS Common Runtime

Language:PythonApache-2.0395 30 199

inverting-proxy

Reverse proxy that inverts the direction of traffic

Language:GoApache-2.0250 16 22

devsecopsguides.github.io

DevSecOpsGuides

Language:SCSS153 60

aws-summarize-account-activity

Language:PythonAGPL-3.0141 30

jupyter-notebook-for-incident-response

A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and recovering from an incident.

Language:Jupyter NotebookMIT-0137 130

vault-policy-guide

A brief guide to help illustrate some of the more nuanced aspects of HashiCorp Vault's policies.

Language:HCLCC-BY-SA-4.0127 5 1

jwt-webtool

Source code repo for the online JWT webtool.

Language:JavaScriptApache-2.0126 8 10

localtoast

Language:GoApache-2.0106 3 3

aws-guard-rules-registry

Rules Registry for Compliance Frameworks

Language:PythonApache-2.0103 13 189

security-analysis-tool

Security Analysis Tool (SAT) analyzes customer's Databricks account and workspace security configurations and provides recommendations that help them follow Databrick's security best practices. When a customer runs SAT, it will compare their workspace configurations against a set of security best practices and delivers a report.

Language:PythonNOASSERTION74 5 35