PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

My Neovim settings

Container runtimes on macOS (and Linux) with minimal setup

Monitor linux processes without root permissions

This is a step-by-step guide to implementing a DevSecOps program for any size organization

The easiest way to access your cloud.

This repo has been replaced by https://www.cloudvulndb.org

Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks

App that simplifies building decision trees to model adverse scenarios

Decision trees generated via Graphviz to inform pragmatic threat modelling.

A Central Control Plane for AWS Permissions and Access

Identity & Access Management simplified and secure.

HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of principals on pools of target hosts without the need to push custom…

A package to build progressive web apps with Go programming language and WebAssembly.

Gordon is status check Github app to enforce and validate about.yaml file specifications in a repository during pull requests to drive code ownership at scale within an organization

Open source vulnerability DB and triage service.

A simple zero-config tool to make locally trusted development certificates with any names you'd like.

OpenSSF Scorecard - Security health metrics for Open Source

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

Vault authentication plugin for CircleCI

GitHub public roadmap

threatspec - continuous threat modeling, through code

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

⛔️ DEPRECATED ⛔️ An agent which provides periodic snapshotting capabilities of Vault's Raft backend

🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

💼 Finding jobs with a CLI made easy.