thegablemethod Goto Github PK

aardvark

Aardvark is a multi-account AWS IAM Access Advisor API

anchore-cli

Simple command-line client to the Anchore Engine service

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

awesome-appsec

A curated list of resources for learning about application security

awesome-devsecops

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

awesome-nodejs-security

Awesome Node.js Security resources

awesome-python-security

Awesome Python Security resources 🕶🐍🔐

awesome-security

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

aws-incident-response-runbooks

aws-security-automation

Collection of scripts and resources for DevSecOps and Automated Incident Response Security

aws-security-week-sf-2018

AWS Security Week SF - DevSecOps Lab by Dome9 - Automating CloudFormation templates validation

aws-serverless-security-workshop

In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains: identity & access management, code, data, infrastructure, logging & monitoring.

aws-serverless-workshops

Code and walkthrough labs to set up serverless applications for Wild Rydes workshops

aws-waf-security-automations

This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.

aws_ir

Python installable command line utiltity for mitigation of host and key compromises.

aws_ir_plugins

Core incident handling plugins for aws_ir cli, incident pony, and more.

awslab

Build a penetration testing lab in Amazon EC2

caldera

Automated Adversary Emulation

canape

CANAPE Network Testing Tool

checkov

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes and other infrastructure-as-code-languages with Checkov by Bridgecrew.

clair

Vulnerability Static Analysis for Containers

cloudgoat

Rhino Security Labs' "Vulnerable by Design" AWS infrastructure setup tool

cloudpentestcheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

devskim

DevSkim is a set of IDE plugins and rules that provide security "linting" capabilities.

diffy

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

docker-bench-security

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

empire

Empire is a PowerShell and Python post-exploitation agent.

empyre

A post-exploitation OS X/Linux agent written in Python 2.7

frost

Unit testing framework for test driven security of AWS configurations, and more.

fsociety

fsociety Hacking Tools Pack – A Penetration Testing Framework