Pinned Repositories
fedramp-automation
FedRAMP Automation
fedramp-gsuite-utils
A collection of Google Apps Script resources to process FedRAMP Word and Excel templates when stored in the GSA GSuite environment.
OSCAL
Open Security Controls Assessment Language (OSCAL)
oscal-content
NIST SP 800-53 content and other OSCAL content examples
vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices
vulsrepo
VulsRepo is visualized based on the json report output in vuls.
ohsh6o's Repositories
ohsh6o/fedramp-gsuite-utils
A collection of Google Apps Script resources to process FedRAMP Word and Excel templates when stored in the GSA GSuite environment.
ohsh6o/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices
ohsh6o/fedramp-automation
FedRAMP Automation
ohsh6o/OSCAL
Open Security Controls Assessment Language (OSCAL)
ohsh6o/oscal-content
NIST SP 800-53 content and other OSCAL content examples
ohsh6o/ATICC
Assessment of Trusted Internet Connection Compliance (ATICC) Dashboard
ohsh6o/cdxgen-action
GitHub action for CycloneDX BOM generator (cdxgen). cdxgen produced bom xml file can be uploaded to dependency track, AppThreat and other commercial Software Composition Analysis (SCA) products
ohsh6o/compliance-trestle
An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
ohsh6o/diffx
An XML difference tool in Java
ohsh6o/dim
Dynamic Information Model
ohsh6o/django-DefectDojo
DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
ohsh6o/docker-sonarqube
ohsh6o/eks-brokerpak
Broker AWS EKS instances using the OSBAPI (eg from cloud.gov)
ohsh6o/fedramp-tailored
FedRAMP Tailored.
ohsh6o/handbook
The home of policies and guidelines that make up TTS.
ohsh6o/jOVAL
An open-source JAXB data model for SCAP specification formats.
ohsh6o/little-differ
A semantic diffing utility for certain types of XML models.
ohsh6o/nistExample
Example of how to do xml parsing for NIST data xml to MS word document.
ohsh6o/opal
OSCAL Policy Administration Library (OPAL) provides a simple web application for managing System Security Plans. The data model is based on the OSCAL standard.
ohsh6o/oscal-deep-diff
[WIP] Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool
ohsh6o/oscalkit
NIST OSCAL SDK and CLI
ohsh6o/salve
Schema-Aware Library for Validation and Edition (salve) implements RNG validation in pure JavaScript (transpiled from TypeScript).
ohsh6o/schematron-cli
Command line interface for ISO Schematron in XSLT2
ohsh6o/security-policy-templates
A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, FedRAMP, CIS Controls
ohsh6o/skyrim-schematron-tutorial
Experimentation around this tutorial: dh.obdurodon.org/schematron-skyrim.xhtml
ohsh6o/slab
slab is a schematron lab, to quickly experiment with Schematron development.
ohsh6o/sonarlint-vscode
SonarLint for Visual Studio Code
ohsh6o/ssp-toolkit
Automate the creation of a System Security Plan (SSP)
ohsh6o/template-brokerpak
A broker plugin that enables brokering XXXX-specific services
ohsh6o/XML-Pantry
Assorted ideas, studies, and experiments in XML