Name: Shawn
Type: User
Company: @better
Bio: Born 83, lived in MTL, Hewlett, and NYC (BK, MAN, QNS). Hofstra CS/CE. Dad to Alex. Security-minded. AWS/TF/Python (some PHP, Go, .NET)
Twitter: stolidano
Location: Forest Hills, NY
Blog: http://www.tolidano.com
Shawn's Projects
Aardvark is a multi-account AWS IAM Access Advisor API
Simple SQL in Python
Least privilege AWS IAM Terraformer
Stream VR games from your PC to your headset via Wi-Fi
Advent of Code 2019 Problems and Solutions as well as Helpers in PHP 7.4
Aria Cloud Penetration Testing Tools Container. Aria Cloud is a Docker Container ideal for remote pentesting over SSH or RDP, with a primary emphasis on cloud security tools and secondary on Active Directory tools. Use it for an assumed breach pentest where remote access is necessary via RDP or SSH, or for simple AD lab testing.
This repository consists of scripts for various platforms that helps in getting evidences for auditing.
A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.
A curated list to learn about distributed systems
The Patterns of Scalable, Reliable, and Performant Large-Scale Systems
A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
A curated list of Site Reliability and Production Engineering resources.
A tiny CLI tool to help save costs in development environments when you're asleep and don't need them!
Example detection of compromise credentials in AWS
Scripts to quickly fix security and compliance issues
Tools for AWS forensics
AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.
A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
A list of all known IAM actions; and a way of updating that list
AWS Inventory in a single HTML file using JS AWS-SDK & Bootstrap
Multi-threaded AWS inventory collection tool
The official AWS SDK for Java.
Official repository of the AWS SDK for PHP (@awsforphp)
The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.
Collection of scripts and resources for DevSecOps and Automated Incident Response Security
AWS Security Hub Automated Response and Remediation is an add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a library of automated playbooks. The solution makes it easier for AWS Security Hub customers to resolve common security findings and to improve their security posture in AWS.
A collection of the latest AWS Security workshops