Fingerprint-aware TLS reverse proxy. Use Finch to outsmart bad traffic—collect client fingerprints (JA3, JA4 +QUIC, JA4H, HTTP/2) and act on them: block, reroute, tarpit, or deceive in real time.

Rust tool to detect cell site simulators on an orbic mobile hotspot

macOS like keyboard remap for GNOME desktop environment. Works with Wayland and X11.

Automated Attack Simulation in the Cloud, complete with detection use cases.

A collection of postmortems. Sorry for the delay in merging PRs!

List of past and future infosec related events.

Comfortably monitor your Internet traffic 🕵️‍♂️

CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code

Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org

AWS Least Privilege for Distributed, High-Velocity Deployment

AWS Config resource schema define the properties and types of AWS Config resource configuration items (CIs). Resource CI schema are used by developers when performing advanced resource queries and …

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

🔥 🔥 🔥 Open Source Airtable Alternative

A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

Collection of useful Canary tools

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections…

ASEA developer support has ended, and the ASEA github repo will be marked Archived (read-only) by the end of 2025.

Bare minimum AWS Security Alerting and Secure by default Configuration

Detect, track and alert on infrastructure drift

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

The low-level, core functionality of boto3 and the AWS CLI.

How to become a certified AWS Solutions Architect

Terraform module that deploys the Sysdig Secure For Cloud stack in AWS

Module for enabling and configuring common baseline services such as SecurityHub • This repository is defined and managed in Terraform

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into product…

Open Source EDR for Windows

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.