Latest Updates

sftp-gcs

Data Security & Encryption

A bridge between SFTP and Google Cloud Storage (GCS) that allows users to access GCS buckets via SFTP and sync files between them.

SansShell

Identity & Access Management

A non-interactive daemon for host management using gRPC for remote interactions and policy enforcement through Open Policy Agent (OPA).

zizmor

DevSecOps & Pipeline Security

A static analysis tool for GitHub Actions that identifies common security issues in CI/CD setups.

Jenganizer

Security Assessment & Audit

Jenganizer is a tool designed to help cloud security teams gain visibility into hidden services within AWS by tracking events triggered by user actions.

AWS Security Incident Response

Incident Response & Forensics

AWS Security Incident Response automates the monitoring and investigation of security findings, streamlining communication and coordination for security management.

Falco

Container & Kubernetes Security

Falco is a cloud native runtime security tool for Linux that detects and alerts on abnormal behavior and potential security threats in real-time by monitoring system calls and kernel events.

shell-exec-cloud-run

Container & Kubernetes Security

Execute a shell command within Cloud Run

Terraform Provider for Remote Code Execution

Configuration & Change Management

This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file. It highlights the risks associated with Terraform state files.

vpcshark

Network Security

An open source Wireshark extcap to make ad hoc mirroring of AWS EC2 traffic easier

Conditional Access Management Tools

Identity & Access Management

A set of Conditional Access (CA) policies and PowerShell management tools for Microsoft Entra ID, designed to enhance security while maintaining usability.

iam-simulate

Identity & Access Management

An IAM Simulator that outputs detailed explanations of how a request was evaluated.

aws-break-glass-role

Identity & Access Management

Create a break glass role for emergency use in AWS to limit access and configure alerts and logging for secure usage.

breakglass

Identity & Access Management

emergency/debugging access for gokrazy installations

NAXSI

Threat Detection & Response

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX

Dependabot

Vulnerability Management

Dependabot automates dependency updates in software projects by integrating with GitHub to monitor manifests and generate pull requests for updates.

Timesketch

Incident Response & Forensics

Collaborative forensic timeline analysis

Kube-hunter

Penetration Testing Tools

A security tool for identifying and exploiting vulnerabilities in Kubernetes clusters.

Snyk Container

Container & Kubernetes Security

A tool for identifying and remediating vulnerabilities in containerized applications.

cwe-monitor-secgrp

Security Monitoring & Logging

This CloudWatch Events rule Lambda function evaluates AWS API calls that change Amazon EC2 security group ingress rules. The function flags rules that violate a preconfigured policy.

CloudSecurity

Secrets Management

Cloud security projects with Spring Cloud Config Server and Vault