ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

A repository of Security Engineering exercises: these exercises are designed to prepare you for interviews.

Multi-Stage Supply-Chain Malware Scanner & Code Forensics

MITRE ATT&CK-based adversary simulation framework for automated attack scenarios, red team workflows, and security validation.

End-to-end supply chain security demo using Flask, Syft (SBOM), Cosign (image signing), and GitHub Actions.

Python-based IAM authorization engine implementing Role-Based Access Control (RBAC) with layered architecture and permission evaluation.

Adaptive threat detection backend with behavioral trust modeling, MITRE ATT&CK mapping, and automated SOC-style triage.

🎯 Simulate real-world cyber attacks using a modular framework aligned with MITRE ATT&CK to test defenses and improve security strategies.

🛡️ Professional vulnerability scanner using OSV.dev API | Interview demonstration project showcasing API integration, security engineering, and Docker deployment | Visit maxrenke.com for more projects

Intern-realistic threat hunting & detection engineering lab using Linux host and network telemetry. Builds explainable detections for credential access, persistence, and suspicious outbound activity with auditable outputs.

Multi-platform threat detection pipeline with SIEM simulation (Linux, AIX, Unix, Cloud)

Software supply-chain security domain repository delivering modular components for artifact signing, build attestation, provenance tracking, SBOM generation, policy enforcement, and runtime integrity — designed to enable verifiable, tamper-resistant delivery pipelines.

A Flask-based attack surface visibility and risk assessment tool with multithreaded port scanning and threat simulation.

Python CLI that ingests alerts from CSV, Splunk, or Elasticsearch; enriches source IPs via VirusTotal and Shodan; scores priority with a 6-factor weighted model; detects correlated incidents and MITRE ATT&CK kill chains; and generates a self-contained HTML analyst report.

Presidio security-hardened enhancements and defaults for Flask applications

Serverless security scanning engine for AWS environments. Detects IAM privilege escalation, unauthenticated API exposure, and storage misconfigurations via active abuse simulation — not static checks.

Model Context Protocol (MCP) server for AWS Network Engineering. Uses NetworkX to build a directed graph of VPC infrastructure (SGs, NACLs, Route Tables), enabling deterministic reachability reasoning and 'shadow path' detection for AI agents.

Presidio security-hardened drop-in replacement for Python requests

Automated SSH and TLS renewal playbook with validation, failure-mode handling, and rollback safety notes.

Presidio security-hardened drop-in enhancements for FastAPI APIs