🔍 Detect and mitigate risks from the Nx s1ngularity supply chain attack by identifying compromised credentials and enhancing your security posture.

🛠️ Create and automate advanced penetration testing with SecuSploitX, an open-source toolkit designed for cybersecurity professionals and enthusiasts.

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

A clean, modern tool to help professionals and millennials plan their paycheck, build an emergency fund, and understand the power of compounding.

It is a hands-on demonstration of expertise in developing robust backend REST services, advanced frontend applications with Next.js, secure coding practices, and integrated DevSecOps principles

OWASP BLT is a collection of security tools.

A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.

DevSecOps demo

Sploit -- All-in-one, AI-powered cybersecurity toolkit for web, network, and phishing tests. Modular, cross-platform, Docker-ready, with GUI & CLI. Open source by AUX-441 Team.

Library to ingest and generate SBOMs

This CICD projects showcases a DevSecOps practice of secure pipeline deployments and automation of App building, tagging, scanning using Trivy, TFsec, SonarCloud, pushing, to AWS ECR, then deployment to Azure ContainerApp using Terraform Cloud Automated Run. Fully automated.

🔒 Automated CI/CD Security Scanner using Semgrep for SAST analysis with GitHub Actions integration

✨ Hanley.cloud

GitHub Advanced Security - DevSecOps Guidelines - Unified visibility into DevOps security posture. DevSecOps E2E Demos.

Production-ready Spring Boot banking application showcasing complete DevSecOps pipeline with Jenkins CI/CD, Kubernetes orchestration, AWS EKS deployment, security scanning (OWASP/SonarQube/Trivy), GitOps with ArgoCD, and monitoring with Prometheus/Grafana

A minimalist, containerized CLI tool to rapidly scan Git repositories for secrets, with an optional AI-powered validation layer using Google Gemini to eliminate false positives.

My Personal Blog

A curated hub of DevSecOps tools to secure workflows, optimized for CI/CD and more

Reconmap is a collaboration-first security operations platform for infosec teams and MSSPs, enabling end‑to‑end engagement management, from reconnaissance through execution and reporting. With built-in command automation, output parsing, and AI‑assisted summaries, it delivers faster, more structured, and high‑quality security assessments.