Skip to content
View bgeesaman's full-sized avatar
223 followers · 3 following

Achievements

Achievement: Pair Extraordinairex4Achievement: Pull Sharkx4Achievement: QuickdrawAchievement: YOLOAchievement: Arctic Code Vault ContributorAchievement: Starstruckx2

Achievements

Achievement: Pair Extraordinairex4Achievement: Pull Sharkx4Achievement: QuickdrawAchievement: YOLOAchievement: Arctic Code Vault ContributorAchievement: Starstruckx2

Highlights

Organizations

@ghostsecurity

Block or report bgeesaman

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
bgeesaman/README.md

Hello

I'm Brad Geesaman 👋 , a Cloud and AI Native Cyber Security Professional at Ghost

In the past, I've been:

I'v also enjoyed:

You may prefer to see all my conference talks in one handy playlist.

Lately, I've had fun getting deep into using LLMs to solve the problem of toil in AppSec.

Pinned Loading

  1. OpenCSPM/opencspm OpenCSPM/opencspm Public archive

    Open Cloud Security Posture Management Engine

    Ruby 346 68

  2. kube-env-stealer kube-env-stealer Public

    Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env

    Shell 102 11

  3. darkbitio/k8s-mirror darkbitio/k8s-mirror Public archive

    Creates a local mirror of a Kubernetes cluster in a docker container to support offline reviewing

    Ruby 339 21

  4. darkbitio/gcp-iam-role-permissions darkbitio/gcp-iam-role-permissions Public

    Exports primitive and predefined GCP IAM Roles and their permissions

    Ruby 111 21

  5. CVE-2019-11253 Kubernetes API Server... CVE-2019-11253 Kubernetes API Server YAML Parsing Remote Denial of Service PoC aka "Billion Laughs"
    1 
    #!/usr/bin/env bash
    2 
    
              
    
              
    
                3
                
    # CVE-2019-11253
    
              
    
              
    
                4
                
    # https://github.com/kubernetes/kubernetes/issues/83253
    
              
    
              
    
                5
                
    # Shout out: @raesene for poc collab, @iancoldwater + @mauilion for
    
              
    
          
    
    
    
  
    

    6. 

      
  6. 
  
    
    
    
      
    
        
    
            
          darkbitio/mkit  darkbitio/mkit          Public archive
        
    
      
    


      
    
        MKIT is a Managed Kubernetes Inspection Tool that validates several common security-related configuration settings of managed Kubernetes cluster objects and the workloads/resources running inside t…
      
    

      
    
          
  
  Dockerfile


          
            
    

            396
          
          
            
    

            25
          
      
    
    
    
  
    

    7.