Pinned Repositories
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
megaschematron
An experiment in a PyQT GUI for use with XML structured content and workflows.
oscaljs
A proof of concept of building OSCAL utility classes using the official NIST OSCAL JSON Schema.
tohch4's Repositories
tohch4/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
tohch4/oscaljs
A proof of concept of building OSCAL utility classes using the official NIST OSCAL JSON Schema.
tohch4/ars-machine-readable
Publish a machine readable version of the ARS standards to facilitate compliance as code efforts.
tohch4/AWS-DevSecOps-Factory
Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native services
tohch4/bad-converter-app
A temp conversion sample app with a twist: it will steal your creds!
tohch4/checkov
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
tohch4/cms-ars-3.1-manual-controls-baseline
tohch4/cms-ars-3.1-manual-controls-baseline-1
InSpec profile baseline to automate manual controls of CMS ARS 3.1, validating any/all of its 489 security controls.
tohch4/compliance-io
Python library for reading/writing compliance as code
tohch4/CUB
tohch4/docsy-example
An example documentation site using the Docsy Hugo theme
tohch4/inspec
InSpec: Auditing and Testing Framework
tohch4/inspec-vault
An InSpec input source plugin for HashiCorp Vault
tohch4/js-releases
Download packages from releases.hashicorp.com
tohch4/katacoda-scenarios
Katacoda Scenarios
tohch4/malicious-pdf
Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator
tohch4/oh-no-know-ato
A collection of ideas and information about RMF practice for modern service delivery (I think).
tohch4/packer-windows10
A Packer build for Windows 10
tohch4/pinty
Operate and manipulate physical quantities in Python
tohch4/pymetaschema
An experimental library for Python 3.x to generate classes that operate with Metaschema schemas.
tohch4/saxon.he
A mirror of the git repository for the Saxon Home Edition XML engine and XSLT processor.
tohch4/security-stack-mappings
This project empowers defenders with independent data on which native security controls of leading technology platforms are most useful in defending against the adversary TTPs they care about.
tohch4/Serverless-Workshop
Serverless Workshop
tohch4/setup-compliance-masonry
A prototype integration with the OpenControl compliance-masonry tool within the GitHub Actions ecosystem.
tohch4/setup-terraform
Sets up Terraform CLI in your GitHub Actions workflow.
tohch4/ssp-toolkit
Automate the creation of a System Security Plan (SSP)
tohch4/terraform-examples
Terraform samples for all the major clouds you can copy and paste. The future, co-created.
tohch4/threat-model-cookbook
This project is about creating and publishing threat model examples.
tohch4/tmdl
An attempt at creating a unifying Threat Model Definition Language using a declarative syntax with cuelang
tohch4/websec-check
web security checklist for Firefox Services