gear0's Stars
cisagov/ScubaGear
Automation to assess the state of your M365 tenant against CISA's baselines
MicrosoftDocs/SecurityBenchmarks
Supplemental information and resources for the Security Benchmark documentation available at https://docs.microsoft.com/azure/security/benchmarks/.
appdefensealliance/ASA-WG
aws-samples/fedramp-integrated-inventory-workbook
This example shows how you can create a Lambda function to retrieve inventory information to create the integrated inventory spreadsheet which can be used as a separate attachment to the FedRAMP System Security Plan (SSP)
aws-samples/serverless-patterns
Serverless patterns. Learn more at the website: https://serverlessland.com/patterns.
aws-samples/role-vending-machine
aws-samples/aws2tf
aws2tf - automates the importing of existing AWS resources into Terraform and outputs the Terraform HCL code.
iann0036/iam-dataset
A consolidated cloud IAM dataset
nicocha30/ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
SummitRoute/aws_breaking_changes
List of changes announced for AWS that may break existing code
aws-samples/aws-auto-inventory
AWS Auto Inventory allows you to quickly and easily generate inventory reports of your AWS resources.
srlabs/Certiception
An ADCS honeypot to catch attackers in your internal network.
notthehiddenwiki/NTHW
Not The Hidden Wiki - The largest repository of links related to cybersecurity
4ndersonLin/awesome-cloud-security
🛡️ Awesome Cloud Security Resources ⚔️
iknowjason/Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
NicholasSpringer/thunder-ctf
GCP cloud security CTF
doyensec/wsrepl
WebSocket REPL for pentesters
BishopFox/cloudfox
Automating situational awareness for cloud penetration tests.
usdAG/cstc
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
OWASP/owasp-istg
The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while still ensuring comparability of test results.
francoismichel/ssh3
SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/
DefGuard/defguard
The only _real_ 2FA MFA WireGuard Enterprise VPN with build-in SSO, hardware keys management and more!
cxiao/rust-malware-gallery
A collection of malware families and malware samples which use the Rust programming language.
The-XSS-Rat/SecurityTesting
drduh/YubiKey-Guide
Guide to using YubiKey for GnuPG and SSH
Syslifters/sysreptor
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
infosecn1nja/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
vxunderground/VX-API
Collection of various malicious functionality to aid in malware development
fin3ss3g0d/evilgophish
evilginx3 + gophish
scwuaptx/HITCON-Training
For Linux binary Exploitation