Name: Kinnaird McQuade
Type: User
Company: NightVision Security
Bio: Founder/CTO @nvsecurity. I build security testing tools, mostly around AppSec, CloudSec, and AWS. Author of Cloudsplaining and Endgame.
Twitter: kmcquade3
Location: us-east-1
Blog: https://kmcquade.com
Kinnaird McQuade's Projects
Builds a CentOS 7 AMI via chroot and Packer
Packer templates for creating Amazon EC2 images and Vagrant boxes
Templates and scripts for use in building boxes with Packer
CI/CD using Packer, Terraform & Inspec on AWS
Packer Example - Ubuntu 16.04 minimal Vagrant Box using Ansible provisioner
Rhino Security Labs' AWS penetration testing toolkit
AWS IAM linting library
Playing around with OWASP ZAP API's and Automation
Fork of Forseti policy library to show how to create a constraint around bucket name using Rego
IAM Least Privilege Policy Generator
Examples of using Policy Sentry as a python library.
Just trying out ReadTheDocs
Work on user interface and the REST API for the Policy Sentry UI
Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.
Repository for our casc demo setup
pre-commit git hooks to take care of Terraform configurations
Terraform repo to create self signed certificates for use in HashiCorp Vault Deployment. Separating the ones provided by HashiCorp
AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark and DOZENS of additional checks including GDPR and HIPAA (+100). Official CIS for AWS guide: https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf
Curated list of public penetration test reports released by several consulting firms and academic security groups
PureSec CLI tools for improving the security of your serverless applications.
Portfolio and risk analytics in Python
Recursively hog namespaces on PyPi according to a YAML file, using GitHub actions.
Python MSI Pod Identity
Boilerplate code for Python based security assessment tools that generate single file HTML reports.
Example for friends
AWS Enumeration and Footprinting Tool
Wiki to collect Red Team infrastructure hardening resources
Regula checks Terraform for AWS and GCP security and compliance using Open Policy Agent/Rego