Automation

Cloud Custodian is a YAML-based rules engine that manages and enforces security, compliance, and cost optimization policies across AWS, Azure, and GCP cloud environments in real-time.

A Docker-based steganography analysis toolkit containing pre-installed tools and automated scripts for detecting and extracting hidden data from files, primarily designed for CTF challenges.

A panic button application that triggers coordinated emergency responses across multiple connected security applications and systems.

A Node.js CLI tool that automates the setup of CTF events using OWASP Juice Shop challenges across multiple CTF frameworks.

SALO is a framework that generates synthetic log events for security testing and research without requiring actual infrastructure or triggering real events.

An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.

A technology-focused blog discussing innovations in painting and the importance of expert painters.

An open source repository of plugins for Rapid7 InsightConnect that enables security orchestration and automation through integrations with various security tools and services.

Clevis is a pluggable framework that enables automated decryption of data and LUKS volumes through a pin-based plugin system.

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.

IAM Zero detects identity and access management issues and automatically suggests least-privilege policies by analyzing application errors and access patterns in cloud environments.

Fail2ban is a daemon that automatically bans IP addresses showing malicious behavior by monitoring log files and updating firewall rules to prevent brute-force attacks.

An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.

A dynamic multi-cloud infrastructure framework that enables rapid deployment of disposable instances pre-loaded with security tools for distributed offensive and defensive security operations.

Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.

A collection of automation workflows for the Shuffle security orchestration platform that covers common cybersecurity use-cases and can be customized for organizational needs.

Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.

Container image definitions that create standardized testing environments for software applications with consistent dependencies and configurations.

An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.

StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.

VxSig is a Google-developed tool that automatically generates antivirus byte signatures from similar binaries for Yara and ClamAV detection engines.

A super-simple, modern framework for organizing and automating cybersecurity tasks.

SOAR platform for orchestrating security products and automating SOC tasks