📚 Tom's Notes

Search

❯

InfoSec - Security tools

InfoSec - Security tools

Jan 22, 20251 min read

infosec
tools

From proactive to reactive

Deterministic password generator instead of password manager

https://github.com/62726164/dpg

GitOops -

Scan for badly configured / vulnerable Git repos + CI/CD pipelines

https://github.com/ovotech/gitoops/blob/main/docs/blog.md

Software vulnerability scanning / DevSecOps

GitHub software scanning

https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning

CI/CD scanning

BEWARE: sudo make setup

https://github.com/CycodeLabs/raven

Bandit - for Python code

https://github.com/PyCQA/bandit

Container image scanning in AWS

https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html

Terraform, IaC scanning

https://trivy.dev/

Cloud security audits

Cloudsplaining

AWS IAM Security Assessment tool
https://github.com/salesforce/cloudsplaining

Cloudquery

store cloud resource info and query with SQL https://github.com/cloudquery/cloudquery

Pen testing

Kali Linux

https://www.kali.org/

Exploits

Traitor - priv esc

https://github.com/liamg/traitor

Graph View

Deterministic password generator instead of password manager
GitOops -
Software vulnerability scanning / DevSecOps
GitHub software scanning
CI/CD scanning
Bandit - for Python code
Container image scanning in AWS
Terraform, IaC scanning
Cloud security audits
Cloudsplaining
Cloudquery
Pen testing
Kali Linux
Exploits
Traitor - priv esc

Backlinks

No backlinks found

Created with Quartz v4.2.3 © 2025

GitHub
Discord Community