oodog0126 Goto Github PK
Type: User
Type: User
Shostack's 4 Question Frame for Threat Modeling
Least privilege AWS IAM Terraformer
AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS管理,RDS/DB管理,域名管理,添加RAM/CAM/IAM账号等
Amazon EKS custom AMIs based on Red Hat Enterprise Linux, CentOS, Debian, Ubuntu, and Windows.
Automated Amazon GuardDuty Security Response
This script is used to generate some basic detections of the GuardDuty service
Automated Forensics Orchestrator for Amazon EC2 is a self-service AWS Solution implementation that enterprise customers can deploy to quickly set up and configure an automated orchestration workflow that enables their Security Operations Centre (SOC) to capture and examine data from EC2 instances and attached volumes as evidence for forensic analysis, in the event of a potential security breach. It will orchestrate the forensics process from the point at which a threat is first detected, enable isolation of the affected EC2 instances and data volumes, capture memory and disk images to secure storage, and trigger automated actions or tools for investigation and analysis of such artefacts. All the while, the solution will notify and report on its progress, status, and findings. It will enable SOC to continuously discover and analyze patterns of fraudulent activities across multi-account and multi-region environments. The solution will leverage native AWS services and be underpinned by a highly available, resilient, and serverless architecture, security, and operational monitoring features. Digital forensics is a 4 step process of triaging, acquisition, analysis and reporting. Automated Forensics framework provides capability to enterprise to act on security event by imaging or acquisition of breached resource for examination and generate forensic report about the security breach. In the event of a security breach, it will enable customers to easily to capture and examine required targeted data for forsensic’s storage and analysis. This solution framework enables security operations centre to discover and analyse patterns of fraudulent activities. The automated forensics solution will provide a multi-account and a multi-region [“solution”] built using native AWS services.
awesome resources about cloud native security 🐿
A list of useful Detection Engineering-related resources.
This is a collection of threat detection rules / rules engines that I have come across.
A list of Free Software network services and web applications which can be hosted on your own servers
Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.
Universal Command Line Interface for Amazon Web Services
Sample applications demonstrating how to use the CloudHSM PKCS#11 library
AWS CloudSaga - Simulate security events in AWS
Workshop exercise materials for re:Invent 2017 - SID 341: Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection
The AWS Config Rules Development Kit helps developers set up, author and test custom Config rules. It contains scripts to enable AWS Config, create a Config rule and test it with sample ConfigurationItems.
AWS Config resource schema define the properties and types of AWS Config resource configuration items (CIs). Resource CI schema are used by developers when performing advanced resource queries and when processing CI data.
[Node, Python, Java] Repository of sample Custom Rules for AWS Config.
This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
A repository of breaches of AWS customers
A collection of CloudWatch Event Rules.
A best practices guide for day 2 operations, including operational excellence, security, reliability, performance efficiency, and cost optimization.
Generates runbooks for GuardDuty findings
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.