Msc. Juan Montero's Projects
Collection of a wide variety of practice DevSecOps implementions via Jenkins Pipelines and Configurations as Code.
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
The Shared Host Integrated Password System (SHIPS) is a solution to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts. Clients may be configured to rotate passwords automatically. Stored passwords can be retrieved by desktop support personnel as required, or updated when a password has to be manually changed in the course of system maintenance. By having unique passwords on each machine and logging of password retrievals, security can be improved my making networks more resistant to lateral movement by attackers and enhancing the ability to attribute actions to individual persons.
Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
A forked threat matrix for CI/CD Pipeline
Hands-on Exercises for "Dangerous attack paths: Modern Development Environment Security - Devices and CI/CD pipelines"
An interesting Maturity Model Collaborative project for Vulnerability Management that is forked from iamthefrogy's repositories.
This is one of the largest checklist available so far on the Internet. Forked from iamthefrogy's repositories.
Just a CLI application to convert the json format output reports of different security tools.