Stars
AWS Least Privilege for Distributed, High-Velocity Deployment
Rules Registry for Compliance Frameworks
Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans…
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Network egress filtering and runtime security for GitHub-hosted and self-hosted runners
Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.
Proof-of-concept code for research into GitHub Actions Cache poisoning.
OWASP Coraza WAF is a Golang, ModSecurity-compatible web application firewall library
Ghidra is a software reverse engineering (SRE) framework
A more maintainable, easier to share version of the infamous http://mindprod.com/jgloss/unmain.html
Home of the Renovate CLI: Cross-platform Dependency Automation by Mend.io
aws2tf - automates the importing of existing AWS resources into Terraform and outputs the Terraform HCL code.
A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
JuiceFS is a distributed POSIX file system built on top of Redis and S3.
Static checker for GitHub Actions workflow files
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Collection of tools for analyzing open source packages.