mendel129's starred repositories
vaultwarden
Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
cloud-custodian
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
passbolt_api
Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!
htmlpurifier
Standards compliant HTML filter written in PHP
security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
cloudformation-guard
Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpyzpfoYGGuuUl0
certspotter
Certificate Transparency Log Monitor
saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
m5stick-nemo
M5 Stick C firmware for high-tech pranks
aws-security-survival-kit
Bare minimum AWS Security Alerting and Configuration
aws-iot-device-sdk-python-v2
Next generation AWS IoT Client SDK for Python using the AWS Common Runtime
threat-composer
A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
inverting-proxy
Reverse proxy that inverts the direction of traffic
jupyter-notebook-for-incident-response
A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and recovering from an incident.
devsecopsguides.github.io
DevSecOpsGuides
jwt-webtool
Source code repo for the online JWT webtool.
vault-policy-guide
A brief guide to help illustrate some of the more nuanced aspects of HashiCorp Vault's policies.
aws-guard-rules-registry
Rules Registry for Compliance Frameworks
security-analysis-tool
Security Analysis Tool (SAT) analyzes customer's Databricks account and workspace security configurations and provides recommendations that help them follow Databrick's security best practices. When a customer runs SAT, it will compare their workspace configurations against a set of security best practices and delivers a report.