julianwieg's Stars
BishopFox/sliver
Adversary Emulation Framework
terraform-google-modules/terraform-example-foundation
Shows how the CFT modules can be composed to build a secure cloud foundation
ScarredMonk/SysmonSimulator
Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.
Purp1eW0lf/Blue-Team-Notes
You didn't think I'd go and leave the blue team out, right?
Cloud-Architekt/AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
warhorse/warhorse
Infrastructure Automation
clem9669/hashcat-rule
Rule for hashcat or john. Aiming to crack how people generate their password
zoph-io/MAMIP
[MAMIP] Monitor AWS Managed IAM Policies Changes
salesforce/cloudsplaining
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
6mile/DevSecOps-Playbook
This is a step-by-step guide to implementing a DevSecOps program for any size organization
ustayready/fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
AzureAD/AzureADAssessment
Tooling for assessing an Azure AD tenant state and configuration
MichaelCade/90DaysOfDevOps
This repository started out as a learning in public project for myself and has now become a structured learning map for many in the community. We have 3 years under our belt covering all things DevOps, including Principles, Processes, Tooling and Use Cases surrounding this vast topic.
jdyke/gcp-iam-analyzer
Compares and analyzes GCP IAM roles.
awslabs/aws-automated-incident-response-and-forensics
julianwieg/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
LOLBAS-Project/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
cyberark/kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
inguardians/peirates
Peirates - Kubernetes Penetration Testing tool
ScaleSec/terraform_aws_scp
AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.
Hacking-the-Cloud/hackingthe.cloud
An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
ail-project/ail-framework
AIL framework - Analysis Information Leak framework
GoogleCloudPlatform/microservices-demo
Sample cloud-first application with 10 microservices showcasing Kubernetes, Istio, and gRPC.
cisagov/Sparrow
Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.
Res260/conti_202202_leak_procedures
This repository contains procedures found in the Feb 2022 conti leaks. They were taken from the "manual_teams_c" rocketchat channel in the leak and posted on may 10th, 2021 in the channel.
aws-samples/aws-secure-environment-accelerator
The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.
adriannovegil/awesome-observability
Awesome observability page
0x6d69636b/windows_hardening
HardeningKitty and Windows Hardening Settings
myugan/awesome-cicd-security
:books: A curated list of awesome CI CD security resources