Commit Story is designed to automatically generate engineering journal entries within a code repository. The journal captures technical progress and decision-making context.

CTF challenges designed and implemented in machine learning applications

Customizable Linux Persistence Tool for Security Research and Detection Engineering.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Collection of payloads to work with AWS services

Python app to work with pictures and associated metadata from Apple Photos on macOS. Also includes a package to provide programmatic access to the Photos library, pictures, and metadata.

Automating situational awareness for cloud penetration tests.

Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.

A collection of manifests that will create pods with elevated privileges.

A tool for quickly evaluating IAM permissions in AWS.

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

MKIT is a Managed Kubernetes Inspection Tool that validates several common security-related configuration settings of managed Kubernetes cluster objects and the workloads/resources running inside t…

Attacking and Defending Kubernetes Clusters: A Guided Tour

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

An auxiliary spellcheck dictionary that corresponds with the Bishop Fox Cybersecurity Style Guide

Burp Suite Professional in a Docker container.

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Jast (Just Another Screenshot Tool)

A Tool for Domain Flyovers

Easily serve HTTP and DNS keys for proper payload protection

Network Security Analysis (NSA) is a basic tool developed to automate the information gathering phase.