Interactive TUI to select and checkout your recent Git branches

Official Alpine Linux Docker image. Win at minimalism!

PortSwigger Dastardly Action with SARIF Support

List of known AWS accounts

A repository of breaches of AWS customers

Interactive Terraform visualization. State and configuration explorer.

Tool to process a (possibly nested) CloudFormation changeset, and represent the changes in a human-understandable way.

nodejsscan is a static security code scanner for Node.js applications.

Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Collection of semi-useful Service Control Policies and scripts to manage them

Listing of resources for example AWS Service Control Policies (SCPs)

Chrome DevTools’ little known features for perf debugging

Evaluate source control (GitHub) security posture

Static checker for GitHub Actions workflow files

Runs a scan using Dastardly by Burp Suite against a target site and creates a JUnit XML report for the scan on completion.

AWS SSO Reporter

Production-ready detection & response queries for osquery

An OmniFocus automation for easy packing lists

A tiling window manager for macOS based on binary space partitioning

Notice: Postee is no longer under active development or maintenance.

🖇️ STRIDE vs. ASVS equivalence table

An open project to list all publicly known cloud vulnerabilities and CSP security issues

👀 A modern watch command. Time machine and pager etc.

The open source version of the AWS CloudTrail User Guide. You can submit feedback & requests for changes by submitting issues in this repo or by making proposed changes & submitting a pull request.

Dockerfile best-practices for writing production-worthy Docker images.

Bootstrap Kubernetes the hard way. No scripts.