kmcquade

endgame

An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈

awesome-azure-security

A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.

aws-security-scripts

Some python scripts I wrote that help with various specialized AWS security things

conftest-terraform-multifolder-policies

Example of how to write OPA rules with conftest in a modular fashion for Terraform 0.12 plans.

OWASP-YouTube-2021

Deliberately vulnerable AWS resources for security assessment demos

terraform-aws-policy-sentry

Terraform module for Policy Sentry.

cloud-guardrails

Rapidly apply hundreds of security controls in Azure

cloudsplaining

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

policy_sentry

IAM Least Privilege Policy Generator

kmcquade/awesome-azure-security

A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.

kmcquade/cheatsheets.kmcquade.com

Github sync of my cheatsheets.kmcquade.com subdomain

kmcquade/policy_sentry

IAM Least Privilege Policy Generator

kmcquade/powertools-autodoc-proposal

My idea for auto-documenting arguments/input models for Lambda Functions using Lambda Powertools and Pydantic models

kmcquade/pypi-name-hog

Recursively hog namespaces on PyPi according to a YAML file, using GitHub actions.

kmcquade/checkov

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

kmcquade/cloudsplaining

Cloudsplaining is an AWS IAM Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report with a triage worksheet.

kmcquade/ChatGPT

🤖 ChatGPT Desktop Application (Mac, Windows and Linux)

kmcquade/kmcquade

Personal README.md

kmcquade/sleepnumber-github-actions

Use GitHub actions and my Sleep Number bed to wake me up in the morning

kmcquade/django_quiz

This is a configurable quiz app for Django.

kmcquade/zap-extensions

ZAP Add-ons

kmcquade/burpgpt

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.

kmcquade/cancel-draft-prs-action

GitHub Action to check if a PR is a draft

kmcquade/chatgpt-prompts-bug-bounty

ChatGPT Prompts for Bug Bounty & Pentesting

kmcquade/go-example

A minimal Go application for tutorials

kmcquade/install-pipenv-action

A Github action to install pipenv

kmcquade/java-github-actions-demo

kmcquade/langchain-aws-template

Application template for service api using langchain and generative model services

kmcquade/loguru-contextual-info-experiment

A simple experiment with Loguru and how we can pass contextual information to the logger and re-use it easily across the code base.

kmcquade/nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

kmcquade/python-postman

This repository will allow users to create API requests from postman collections at scale.

kmcquade/route-detect

Find authentication (authn) and authorization (authz) security bugs in web application routes.

kmcquade/SecGPT

A Test Project for a Network Security-oriented LLM Tool Emulating AutoGPT

kmcquade/security-crawl-maze

Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.

kmcquade/tmp

kmcquade/tracing-playground

Various examples of distributed tracing in action

kmcquade/VulnLab

kmcquade/xzbot

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

kmcquade/zap-session-issue

Example code for an issue with ZAP where we are not able to see messages in the history tab after loading a session.