John Lukach

Security Researcher

It is fun to build solutions for Amazon Web Services (AWS) that improve threat detection and reduce the response times necessary for incident mitigation. In today's escalating cybersecurity climate, there should not be a barrier to entry for having security capabilities in your environments. I help by contributing to open-source solutions written using the Cloud Development Kit (CDK) in Python, providing the ability for anyone to tell the story of what happened; we all need the same data to be successful, just applied differently for troubleshooting and security.


Initiative

Project Caretaker

Founder

Reputation is the most critical asset available when using the Internet, as it helps us decide which services we feel safe using. It can also impact a person's web usability if the connection has a previous misconfiguration or suspicious behavior. Project Caretaker aims to provide a Threat Feed for North Dakota so anyone can verify Internet reputation by visiting a website.

One of four colors is returned to indicate the reputation of the Internet connection.

  • Gray - No Reputation Data Currently Available
  • Orange - Reputation Concern(s) Summary
  • Yellow - Internet Connection Not Monitored
  • Red - Project Caretaker Technical Difficulties

Project Caretaker includes domains in the Threat Feed for email and website reputation monitoring of North Dakota brands.

Development

Aqueduct

Apache-2.0

Aqueduct is a command line interface (CLI) utility that helps facilitate the development and deployment of AWS CDK applications. It aims to bridge local development with pipeline deployments by handling packaging, deployment, and other tasks. The CLI also supports secure access integration with AWS IAM Identity Center (SSO).

BotoPlus

Apache-2.0

BotoPlus is a Python library for Jupyter Notebooks that enables data analysis using Amazon Security Lake for AWS Security Operations. It provides functionality for collecting log data from AWS accounts for analyzing and visualizing security events using common data science tools and techniques in Jupyter Notebooks.

Distillery

Apache-2.0

Distillery aims to provide network IP addresses and associated metadata for cloud service providers like AWS, Azure, GCP, and others. It allows researchers to glean additional context about IP addresses during analysis, such as determining services operating in a specific cloud region using open-source intelligence.

FBI

Apache-2.0

File Block Info is a digital forensics analysis tool that takes a block-based approach to examining files and memory images at the physical sector level. Splitting files into blocks regardless of logical structure allows quick analysis of corrupted data acquisitions. FBI enables byte-by-byte inspection of binary and memory data to find strings, which is one of the fastest analysis methods.

GetPublicIP

Apache-2.0

The Lambda function extension captures the public IP address from which the Lambda function makes its outbound requests. It does so by calling the AWS check-IP address API from within the Lambda execution context. Capturing the public IP address can help correlate Lambda function invocations with entries in AWS CloudTrail logs.

MMI

Apache-2.0

Match Meta Info is a digital forensics tool for conducting metadata analysis to uncover potentially malicious information hiding within standard operating system files and directories. Because metadata provides only a surface-level indicator, it is easy to circumvent. However, examining metadata can still reveal clues when analyzing the ever-growing volumes of files and folders generated by modern operating systems.