My Projects & Tooling

Projects, tools, and weekend experiments: what worked, what didn't, what I learned

AWS Automated Vulnerability Remediation System

AWS Automated Vulnerability Remediation System

Event-driven vulnerability patching solution that automatically detects, validates, and applies security updates across AWS infrastructure with minimal manual intervention.

AWS Inspector AWS SSM AWS Lambda EventBridge DynamoDB Vulnerability Management
PolicyGuard

PolicyGuard

IaC security scanner with 15+ AWS services coverage, OPA policies, and CI/CD integration

Go Open Policy Agent HCL
CredScan

CredScan

Security scanner that identifies credentials, API keys, and sensitive information across codebases, archives, and web applications. Features intelligent pattern recognition with 400+ signatures, binary file analysis, technology-aware detection for cloud/container environments, and context-aware scanning that minimizes false positive

Python Pre-commit hook GIT history Credentials Secrets
AWS Secrets Management Solution

AWS Secrets Management Solution

Secrets management with automated rotation, and monitoring. Combines AWS Secrets Manager and Parameter Store.

AWS Secrets Manager AWS Parameter Store Terraform Lambda KMS CloudWatch EventBridge

Project

Chaos Engineering on AWS EKS

Chaos engineering implementation using Chaos Mesh on Amazon EKS to build resilient cloud-native applications. Features multi-tier application testing, progressive failure scenarios, and safety controls.

AWS EKS Chaos Mesh Kubernetes Terraform containerd CloudWatch Helm RBAC
AWS GENAI for Security Remediation - IAM

AWS GENAI for Security Remediation - IAM

Leveraging AWS Generative AI (Claude 3.7 via Amazon Bedrock) to automate the remediation of AWS Security Hub findings.

AWS Bedrock AWS SageMaker AI AWS Security Hub AWS Guard Duty AWS IAM AWS CloudFormation

Project

AWS WAF Security Implementation with OWASP Juice Shop

AWS security engineering project implementing OWASP Juice Shop with WAF protection, achieving 100% attack blocking effectiveness. Features Infrastructure as Code, real-time analytics, emergency response automation, and CI/CD security pipelines.

AWS WAF ECS Fargate Terraform OWASP Juice Shop Athena CloudWatch Kinesis GitHub Actions Python CI/CD
Microservice Project

Microservice Project

Three-tier microservices template with monitoring and observability stack. For learning purposes.

Docker Grafana Prometheus Jaeger PostgreSQL Nginx

Project

AWS DLP Implementation

Implemented automated data protection to detect and remediate sensitive data exposure using AWS native services

AWS Macie AWS S3 AWS EventBridge AWS SNS AWS Lambda

Project

KubeScan - Multi-Tool Container Security Scanner

A container security scanner integrating Trivy, Grype, and Snyk with AWS ECR and EKS deployment automation. Features pre-push vulnerability gates, supply chain analysis, and automated CronJob scanning

Trivy Grype Snyk Python AWS ECR EKS Kubernetes DevSecOps Container Security Shell Scripting

Project

Container Security Attack Simulation with Trend Micro Vision One Container Security

Developed demo environment showcasing Trend Vision One's container security features, integrated with CI/CD pipelines and Trend Micro Artifact Scanner for automated vulnerability assessment

Kubernetes Container Security GitHub Actions Trend Vision One Trend Micro Artifact Scanner Shell Scripting
ECS Deployment via GitLab CI

ECS Deployment via GitLab CI

Multi-Tier Application featuring Spring Boot-based role-based access control, integrated with AWS ECS for containerized deployment, GitLab CI/CD pipeline

AWS Secret Manager AWS ECS Docker Terraform GitLab CI Trivy SonarQube RDS - MySQL

Project

AWS Security Assessment Automation

A collection of automated security assessment tools and remediation scripts for AWS environments.

AWS Lambda AWS Trusted Advisor GitHub Actions Prowler ScoutSuite
AWS Cloud Native CI/CD Pipeline

AWS Cloud Native CI/CD Pipeline

A stream application featuring a CI/CD pipeline built with AWS cloud-native services

AWS CodeBuild AWS CodeDeploy AWS CodePipeline AWS ECS Trivy SonarCloud AWS ECR Docker Hub

Project

AWS Serverless Lambda Deployment via CI/CD

Implemented Lambda deployment pipeline via Jenkins featuring automated code analysis, infrastructure scanning

Jenkins AWS CodeDeploy AWS Lambda AWS CloudFormation Bandit cfn-nag
Secure AWS Deployment with Terraform

Secure AWS Deployment with Terraform

Deployed an auto-scaling AWS web infrastructure with Terraform, featuring cross-AZ redundancy, integrated security scanning, and automated CI/CD pipeline.

AWS Terraform GitHub Actions Checkov Python OIDC