John Lukach
- hello@lukach.io
- https://lukach.io
- North Dakota
It is fun to build solutions for Amazon Web Services (AWS) that improve threat detection and reduce the response times necessary for incident mitigation. In today's escalating cybersecurity climate, there should not be a barrier to entry for having security capabilities in your environments. I help by contributing to open-source solutions written using the Cloud Development Kit (CDK) in Python. This gives anyone the ability to tell the story of what happened, as we all need the same data to be successful, just applied differently for troubleshooting and security.
Initiative
Project Caretaker
Reputation is the most critical asset available when using the Internet, as it helps us decide which services we feel safe using. It can also impact a person's web usability if the connection has a previous misconfiguration or suspicious behavior. Project Caretaker aims to provide a Threat Feed for North Dakota so anyone can verify Internet reputation by visiting a website.
Four colors are returned to indicate the reputation of the Internet connection.
- Gray - No Reputation Data Currently Available
- Orange - Reputation Concern(s) Summary
- Yellow - Internet Connection Not Monitored
- Red - Project Caretaker Technical Difficulties
Project Caretaker includes domains in the Threat Feed for email and website reputation monitoring of North Dakota brands.
Development
BotoPlus
BotoPlus is a Python library for Jupyter Notebooks that enables data analysis using Amazon Security Lake for AWS Security Operations. It provides functionality for collecting log data from AWS accounts to analyze and visualize security events using standard data science tools and techniques in Jupyter Notebooks.
CloudCruft
Public IP addresses from a shared pool are automatically assigned using the Dynamic Host Configuration Protocol (DHCP) as resources launch. Addresses occasionally develop a poor reputation on the Internet before being returned to the pool. The next organization blindly inherits those addresses, which can result in a negative customer experience.
Distillery
Distillery aims to provide network IP addresses and associated metadata for cloud service providers like AWS, Azure, GCP, and others. It allows researchers to glean additional context about IP addresses during analysis, such as determining services operating in a specific cloud region using open-source intelligence.
GetPublicIP
The Lambda function extension captures the public IP address used when the Lambda function is invoked. It calls the AWS check-address API from within the Lambda execution context. Capturing the public IP address can help correlate Lambda function invocations with entries in AWS CloudTrail logs.
MMI
Match Meta Info is a digital forensics tool for conducting metadata analysis to uncover potentially malicious information hiding within standard operating system files and directories. As metadata provides only a surface-level indicator, it is easy to circumvent. However, examining metadata can still reveal clues when analyzing the exponential volumes of files and folders generated by modern operating systems.