βββ βββ ββββββ βββββββββββ βββ
ββββ βββββββββββββββββββββββ βββ
βββββββ ββββββββββββββββββββββββ
βββββ ββββββββββββββββββββββββ
βββ βββ ββββββββββββββ βββ
βββ βββ ββββββββββββββ βββ
βββ(yashγΏkali)-[~]
ββ$ cat about.txt
> Name : Yash
> Role : DevOps & Security Engineer
> Focus : Cloud Infrastructure Β· CI/CD Β· ISO 27001 Β· SOC 2
> OSINT Β· Recon Β· DevSecOps Β· Compliance Automation
> Status : Building AI-powered compliance tooling
> Motto : "Know the system. Break the assumptions. Secure everything."
> OpenTo : DevSecOps collabs Β· Security automation Β· Red team tooling
βββ(yashγΏkali)-[~]
ββ$ β
[*] Scanning target repositories... 8 found
[+] Loading payloads...
[COMPLIANCE]AI-powered ISO 27001 & SOC 2 policy framework β 27 policies, GROQ AI generation, auto-export to Word/PDF
- 27 policy templates covering full ISMS documentation
- GROQ AI integration for policy generation & editing via plain-English prompts
- Auto-export to Word (.docx) and PDF
- Company profile onboarding β all policies branded automatically
- Control mappings across ISO 27001:2013, ISO 27001:2022, and SOC 2 TSC
# Generate a complete policy in seconds
python generate_policy.py --policy "Access Control Policy" --framework iso27001
# Edit any policy with a natural-language instruction
python edit_policy.py --policy "access_control" --instruction "add a Zero Trust section"
# Generate ALL 27 policies at once
python generate_policy.py --all
π Port-Scanner
[RECON]Python-based network recon tool for bulk IP / subnet scanning
- Scans lists of IPs and CIDR subnets for open ports 80 & 443
- Reverse DNS lookup β maps IPs back to domain names automatically
- CSV-friendly output for reporting and triage workflows
π subdomain-enum
[OSINT]Automated subdomain enumeration via SecurityTrails API
- Discovers all subdomains of a target domain using SecurityTrails
- Useful for attack surface mapping and external asset inventory
- Clean output for piping into further recon tooling
[OSINT]Certificate Transparency log harvester using crt.sh
- Queries crt.sh for SSL/TLS certificate records by domain or org
- Exports results to Excel (.xlsx) for analysis and reporting
- Useful for discovering shadow IT, expired certs, and org exposure
π‘οΈ Security-scan
[BLUE TEAM]TypeScript-based automated security scanning toolkit
[DEVSECOPS]Production-ready GitHub Actions pipeline β drop into any repo for instant security scanning
- 6-stage pipeline: Secret scanning (Gitleaks), SAST (Semgrep OWASP Top 10), SCA (Trivy), Container scan, IaC scan, Security summary
- SARIF output uploaded to GitHub Security tab on every run
- Full config for Semgrep custom rules, Trivy severity thresholds, Gitleaks allowlists
- Python CLI
parse_results.pyfor colored severity tables and CI exit-code control
# Drop into your repo β security scanning runs on every push
cp -r devsecops-pipeline-template/.github/workflows/ .github/workflows/
cp -r devsecops-pipeline-template/configs/ configs/
[BLUE TEAM]Convert Trivy JSON scan output into an interactive HTML report with severity charts β zero dependencies
- Parses Trivy JSON from filesystem, container image, or Kubernetes scans
- Interactive severity bar charts (Chart.js), filterable CVE table, misconfiguration table
- Auto-computed risk rating (CRITICAL / HIGH / MEDIUM / LOW) from scan results
- Dark-theme dashboard, single self-contained HTML file output
- Zero pip dependencies β pure Python stdlib + CDN Chart.js
# Scan a container and generate dashboard in one command
trivy image nginx:latest --format json --output trivy.json
python dashboard.py --input trivy.json --open
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β DevOps βββββββββββββββββββββ 95% β
β Cloud (AWS/GCP) βββββββββββββββββββββ 90% β
β Kubernetes βββββββββββββββββββββ 85% β
β ISO 27001 βββββββββββββββββββββ 95% β
β SOC 2 βββββββββββββββββββββ 90% β
β DevSecOps βββββββββββββββββββββ 95% β
β IaC (Terraform) βββββββββββββββββββββ 85% β
β Python βββββββββββββββββββββ 90% β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
[*] Initializing threat model...
[+] Loading attack surface...
[!] Rules of engagement:
"Know the system. Break the assumptions. Secure everything."
[SHIFT LEFT]β Security baked into every stage of the pipeline, not bolted on at the end[COMPLIANCE AS CODE]β Policy frameworks automated, version-controlled, AI-generated[ZERO TRUST]β Never trust, always verify, continuously validate[DEFENSE IN DEPTH]β Layers of controls across people, process, and technology[OSINT FIRST]β Know your attack surface before the attacker does
I'm always open to discussing DevSecOps, cloud security architecture, ISO 27001 / SOC 2 implementation, or interesting open-source collaboration.
[+] Session established.
[+] Stay curious. Stay ethical. Keep hacking.
[*] EOF