Stock options, RSUs, taxes — read the latest edition: www.holloway.com/ec

All of the ad-hoc things you're doing to manage incidents today, done for you, and much more!

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

IAM Least Privilege Policy Generator

The sample functions provided help to automate AWS Trusted Advisor best practices using Amazon Cloudwatch events and AWS Lambda.

Application Security Verification Standard

Kubernetes IN Docker - local clusters for testing Kubernetes

Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management

Bootstrap Kubernetes the hard way. No scripts.

Golang Secure Coding Practices guide

Most advanced XSS scanner.

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.

A PowerShell script to download all files, messages and user profiles that a user has access to in slack.

Find secrets with Gitleaks 🔑

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

A cross-platform command-line utility that creates projects from cookiecutters (project templates), e.g. Python package projects, C projects.

A curated list of tutorials/resources for hacking online games.

API Documentation Browser

⛔ (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus …

Security libraries for ASP.NET

IIS Web.Config Boilerplates

The automatic type-safe REST library for .NET Core, Xamarin and .NET. Heavily inspired by Square's Retrofit library, Refit turns your REST API into a live interface.

The OWASP Developer Guide

🎓 All things Vim!

TinyDB is a lightweight document oriented database optimized for your happiness :)