Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-sourced by Ermetic.

Go library and program to access your Authy TOTP secrets.

No need for IAM users when we have Yubikeys

Documenting your Threat Models with HCL

Serverless honeytoken 🕵🏻‍♂️

Code to use streamdeck lib and tie in obs/mqtt/other things

Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

CLI for searching Rego policies

🤖 Autonomous robot for all your Nvidia needs

Use your Raspberry Pi as a browser-based KVM.

Anonymized, secure, and free Terraform cost estimation based on Terraform plan (0.12+) or Terraform state (any version)

get things from one computer to another, safely

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Using this script, you can enumerate Usernames and passwords of Nosql(mongodb) injecion vulnerable web applications.

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues i…

📦 • Send a file p2p and e2e encrypted in your browser using WebRTC.

Small tool to convert an IAM Policy in JSON format into a Terraform aws_iam_policy_document

🍻 A CLI workflow for the administration of macOS applications distributed as binaries

Multi-Cloud Security Auditing Tool

A collective list of free APIs

drop in replacement for tail -F that asks you if you are still watching

Exploits written by the Rhino Security Labs team

Terraform Module to define a consistent naming convention by (namespace, stage, name, [attributes])

This repository explains one way you can encrypt files before transmitting them to Backblaze B2.

DEPRECATED — assume-role: a CLI tool making it easy to assume IAM roles through an AWS Bastion account

Stream display system to view active streams on an rtmp server.

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a …