elprofesor123 Goto Github PK
Type: User
Type: User
Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Source code for Hacker101.com - a free online web and mobile security class.
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Exploit for Jenkins serialization vulnerability - CVE-2016-0792
kube-scan: Octarine k8s cluster risk assessment tool
AWS Serverless Security
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
📙 Amazon Web Services — a practical guide
A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
A library of pretexts to use on offensive phishing engagements.
Kali Linux Fixes for Newly Imported VM's
A tool for quickly evaluating IAM permissions in AWS.
Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
Curated list of public penetration test reports released by several consulting firms and academic security groups
Minimalist containerized implementation of Prowler from https://github.com/toniblyx/prowler, made to run within ECS Fargate and have Secrets passed via AWS Secrets Manager
Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
Wiki to collect Red Team infrastructure hardening resources
Example reports from prior years of the Collegiate Penetration Testing Competition
This command line tool counts the number of resources in different categories across Amazon regions.
Python package for wrapping applications inside a tailored interactive shell
Exploitation Framework for Embedded Devices
A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
Materials used and mentioned during my talk at SANS Cloud Security Summit 2018 in San Diego
ScareCrow - Payload creation framework designed around EDR bypass.
Multi-Cloud Security Auditing Tool
Creates a CloudFormation stack for running Security Monkey
Scanner CLI for SonarQube and SonarCloud
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.