brandon-secid

brandon-secid's Stars

• protectai/vulnhuntr

  Zero shot vulnerability discovery using LLMs

  Language:Python1.3k133

• Hacking-the-Cloud/hackingthe.cloud

  An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

  Language:Dockerfile1.8k221

• planetscale/cloudranger

  Go library for mapping IP address ranges to cloud provider regions (currently: AWS and GCP)

  Language:Go10

• edera-dev/am-i-isolated

  Validate the isolation posture of your container environment.

  Language:Rust2275

• usebruno/bruno

  Opensource IDE For Exploring and Testing Api's (lightweight alternative to postman/insomnia)

  Language:JavaScript29.5k1.4k

• awslabs/cedar-access-control-for-k8s

  Cedar for Kubernetes brings the power of Cedar to Kubernetes authorization and admission validation, showing how cluster administrators can enable a unified access control language for principals making API calls and giving policy authors a single language to write and reason about

  Language:Go1025

• yanilov/control-tags

  Scalable integrity framework for ABAC on AWS

  Language:HCL39

• HarshVaragiya/aws-redteam-kit

  A PoC to Simulate Ransomware Attack on AWS Environment

  Language:Go291

• PaperMtn/slack-watchman

  Slack enumeration and exposed secrets detection tool

  Language:Python36940

• saw-your-packet/CloudShovel

  A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs.

  Language:Python978

• awslabs/threat-composer

  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling

  Language:TypeScript49667

• xvnpw/ai-threat-modeling-action

  AI featured threat modeling and security review action

  Language:Dockerfile423

• CCob/okta-terrify

  Okta Verify and Okta FastPass Abuse Tool

  Language:C#30134

• padok-team/cognito-scanner

  A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation

  Language:Python1015

• amancevice/terraform-aws-slackbot

  Serverless Extensible Slackbot

  Language:Python8625

• boostsecurityio/poutine

  boostsecurityio/poutine

  Language:Go24226

• openai/openai-security-bots

  Language:Python36027

• github/contributors

  GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.

  Language:Python10817

• ovotech/cloud-key-rotator

  A Golang program to rotate AWS & GCP account keys

  Language:Go6511

• C0axx/CanaryHunter

  Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org

  Language:PowerShell11710

• pushsecurity/saas-attacks

  Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

  1.2k86

• sofienkaabar/deep-learning-for-finance

  The Official Repository of Deep Learning for Finance

  Language:Python12351

• aws-samples/aws-customer-playbook-framework

  This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.

  556106

• welldone-cloud/aws-scps-for-sandbox-and-training-accounts

  Language:Python1435

• trufflesecurity/WhoAmISlack

  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.

  Language:Python391

• shindan-io/scnr

  deep file scanner tool

  Language:Rust361

• fwdcloudsec/known_aws_accounts

  List of known AWS accounts

  Language:Shell17627

• google/localtoast

  Language:Go10813

• aws-samples/ipv4-usage-monitoring-for-aws

  Language:Python412

• synacktiv/nord-stream

  Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.

  Language:Python26616