Static analysis for GitHub Actions

A site for the design basis for Energy Sector

Compress tool outputs, logs, files, and RAG chunks before they reach the LLM. 60-95% fewer tokens, same answers. Library, proxy, MCP server.

Secure AWS by auto-generating SCPs and RCPs 🎉

A model router that dynamically routes queries to the best Gemini model for the job, based on semantic meaning.

The code for Obliviate: Efficient Unmemorization for Protecting Intellectual Property in Large Language Models

DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, Plaso, $MFT, and $J files with AI Artifacts, AI Secret Hunt, process inspection, lateral movement tracking, persist…

Pike is a tool for determining the permissions or policy required for IAC code

AI-powered SAST accelerator built to speed up secure development.

Build faster with an Agentic Workforce. Safe, secure, and compliant is now the default.

Generate realistic synthetic security logs for cybersecurity threat hunting training and research

Read-only developer endpoint scanner for on-disk package, extension, and developer-tool metadata, built to check exposure to known software supply-chain compromises.

Ares is an autonomous security operations platform where LLM-driven red and blue team agents operate against each other on live infrastructure, enabling realistic evaluation of attack and defense.

A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++

An open specification for agentic AI security evaluation and testing, from Cisco.

Terraform module to configure GitHub Actions as an IAM OIDC identity provider in AWS.

A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.

IAM Least Privilege Policy Generator

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

Aardvark is a multi-account AWS IAM Access Advisor API

GitHub Self-Hosted Runner Enumeration and Attack Tool

Security operations toolkit for AI coding agents. Give Claude Code 25+ skills to catch vulnerabilities, scan containers, detect secrets, and enforce policies automatically.

Example AWS Service control policies to get started or mature your usage of AWS SCPs.

A skill to check vscode/cursor extensions against the agentmesh risk analysis

AI-driven vulnerability discovery and live validation

Chat with your git repo