Automation

A tool for creating encrypted volumes with self-destruction capabilities that automatically destroy data when tampering is detected or commands are issued.

A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.

CrowdFMS is a CrowdStrike framework that automates malware sample collection from VirusTotal using YARA rule-based notifications and the Private API system.

Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.

A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.

A Docker-based utility that monitors TLS certificate expiration dates and exposes the data as Prometheus metrics with support for Kubernetes ingress discovery and configurable domain filtering.

An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.

mkCTF is a framework for creating and managing jeopardy-style CTF challenges with configurable structure and automated deployment capabilities.

OneFuzz is a self-hosted Fuzzing-As-A-Service platform developed by Microsoft that enables continuous developer-driven security testing through automated fuzzing capabilities.

YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.

Introduction to using GScript for Red Teams

An IDAPython script that generates YARA rules for basic blocks of the current function in IDA Pro, with automatic masking of relocation bytes and optional validation against file segments.

An automated security response system for Google Cloud that processes Security Command Center findings and executes predefined remediation actions like disk snapshots, IAM revocation, and notifications.

A configurable data destruction toolkit that securely erases sensitive virtual data, temporary files, and swap memory using customizable overwrite methods.

PyBOF is a Python library that enables in-memory loading and execution of Beacon Object Files (BOFs) with support for argument passing and function targeting.

Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.

A laser tripwire device that automatically hides windows, locks computers, or executes custom scripts when motion is detected within 120cm range.

A Lambda function that automatically disables AWS IAM User Access Keys after a specified time period to reduce security risks from aging credentials.

A Go-based crash analysis tool that processes and reproduces crash files from fuzzing tools like AFL with multiple debugging engines and output formats.

An unofficial Python API that enables programmatic searching, browsing, and downloading of Android apps from Google Play Store.

Cloud Sniper is a centralized cloud security operations platform that provides incident response, threat correlation, and automated security actions for cloud infrastructure protection.

Macro_Pack automates the generation and obfuscation of Office documents and scripts for penetration testing and security assessments.

A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.

Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.