mikerod-sd's Stars
trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
onceupon/Bash-Oneliner
A collection of handy Bash One-Liners and terminal tricks for data processing and Linux system maintenance.
google/grr
GRR Rapid Response: remote live forensics for incident response
hexops/dockerfile
Dockerfile best-practices for writing production-worthy Docker images.
microsoft/kiota
OpenAPI based HTTP Client code generator
6mile/DevSecOps-Playbook
This is a step-by-step guide to implementing a DevSecOps program for any size organization
hahwul/DevSecOps
♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎
ossf/allstar
GitHub App to set and enforce security policies
OWASP/wrongsecrets
Vulnerable app with examples showing how to not use secrets
akto-api-security/akto
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
aquasecurity/chain-bench
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
OWASP/www-project-kubernetes-top-ten
OWASP Foundation Web Respository
center-for-threat-informed-defense/attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
google/cloud-forensics-utils
Python library to carry out DFIR analysis on the Cloud
awslabs/aws-automated-incident-response-and-forensics
secengjeff/awskillswitch
Lambda function that streamlines containment of an AWS account compromise
gsmith257-cyber/GraphCrawler
GraphQL automated security testing toolkit
awslabs/terraform-iam-policy-validator
A command line tool that validates AWS IAM Policies in a Terraform template against AWS IAM best practices
atsign-foundation/sshnoports
SSH to any device with no ports open
awslabs/assisted-log-enabler-for-aws
Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
aws-samples/service-control-policy-examples
Example AWS Service control policies to get started or mature your usage of AWS SCPs.
koenbuyens/oauth-2.0-security-cheat-sheet
oauth security guidelines
mikeprivette/awesome-sec-challenges
A curated list of Awesome Security Challenges.
iriusrisk/OpenThreatModel
The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
9rnt/poro
Scan publicly accessible assets on your AWS cloud environment
OWASP/owasp-summit-2017
Content for OWASP Summit 2017 site
aquia-inc/scpkit
SCP management tool
eclipse/jbom
nccgroup/ccs
turbot/steampipe-mod-zoom-compliance
Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom using Powerpipe and Steampipe.