elprofesor123,github

electriceye

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

hacker101

Source code for Hacker101.com - a free online web and mobile security class.

incident-playbook

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

java-deserialization-exploits

Exploit for Jenkins serialization vulnerability - CVE-2016-0792

kube-scan

kube-scan: Octarine k8s cluster risk assessment tool

lambdaguard

AWS Serverless Security

lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

og-aws

📙 Amazon Web Services — a practical guide

penetration-testing-tools

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

phishingpretexts

A library of pretexts to use on offensive phishing engagements.

pimpmykali

Kali Linux Fixes for Newly Imported VM's

pmapper

A tool for quickly evaluating IAM permissions in AWS.

practical-ethical-hacking-resources

Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course

prowler

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.

ptf

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

public-pentesting-reports

Curated list of public penetration test reports released by several consulting firms and academic security groups

python-prowler-container

Minimalist containerized implementation of Prowler from https://github.com/toniblyx/prowler, made to run within ECS Fargate and have Secrets passed via AWS Secrets Manager

rbcd-attack

Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket

red-team-infrastructure-wiki

Wiki to collect Red Team infrastructure hardening resources

report_examples

Example reports from prior years of the Collegiate Penetration Testing Competition

resource-counter

This command line tool counts the number of resources in different categories across Amazon regions.

riposte

Python package for wrapping applications inside a tailored interactive shell

routersploit

Exploitation Framework for Embedded Devices

sadcloud

A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure

sanscloudsecuritysummit2018

Materials used and mentioned during my talk at SANS Cloud Security Summit 2018 in San Diego

scarecrow

ScareCrow - Payload creation framework designed around EDR bypass.

scoutsuite

Multi-Cloud Security Auditing Tool

security_monkey_cloudformation

Creates a CloudFormation stack for running Security Monkey

sonar-scanner-cli

Scanner CLI for SonarQube and SonarCloud

elprofesor123 Goto Github PK

elprofesor123's Projects

Recommend Projects

Recommend Topics

Recommend Org