Monitoring

An automated security response system for Google Cloud that processes Security Command Center findings and executes predefined remediation actions like disk snapshots, IAM revocation, and notifications.

A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.

WordPress honeypot tool running in a Docker container for monitoring access attempts.

A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.

Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.

NodeSecure is a cybersecurity project that provides security monitoring and analysis capabilities specifically designed for Node.js applications.

Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.

Troje is a honeypot that creates dynamic LXC container environments to attract and monitor attackers while recording their activities and system changes.

A Certificate Transparency log monitor that alerts users when SSL/TLS certificates are issued for their domains, helping detect unauthorized certificate issuance and potential security threats.

Scumblr is a web-based security automation platform that performs periodic data source synchronization and security analysis to help organizations proactively identify and track security issues.

A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.

Santa is a macOS binary and file access authorization system that monitors executions and makes allow/block decisions based on local database rules.

An archived community-driven collection of open source cloud security tools that provided monitoring and compliance capabilities for cloud infrastructure.

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

Windows anti-forensics USB monitoring tool with the ability to shutdown the computer upon detecting the unplugging of a specified USB device.

An Event Hub to gather, process, and monitor system events and link them to an inventory.

CloudTrail Partitioner automates the creation and management of partitioned Athena tables for AWS CloudTrail logs with nightly partition updates.

A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.

AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.

A utility package that monitors hard drive health through SMART technology to detect and prevent disk failures before data loss occurs.

Mana Security is a macOS-focused vulnerability management tool that continuously monitors 100+ applications for security vulnerabilities and tracks patching performance against community benchmarks.

Cloud Inquisitor is an AWS security tool that monitors resource ownership, detects domain hijacking, verifies security services, and manages IAM policies across multiple accounts.