Hi, I'm straysheep-dev. 👋
⚔️ I'm here learning security from an offensive perspective and documenting things in a useful way as I go.
🛡️ I also focus on building defensive (or "visibility") tools and configuration templates learned from applying offensive techniques to systems.
straysheep-dev | |
---|---|
straysheep-dev | |
straysheep_dev | |
straysheepdev | |
straysheep.dev |
⬇️ Core projects. ➡️ My guides and utilities. ➡️ My blog illustrating various topics.
Utilities and configuration files accompanied by guides, focusing on security. These include web browsers, GPG, SSH, DNS, VPNs, shell profiles, hypervisors, tools to parse and summarize system processes, network activity, auditd logs, strings in project files (based on bstrings) and more.
PowerShell modules and scripts used to configure Windows or automate tasks. Plus an extensive walkthrough of Windows-specific items such as Hyper-V usage, Windows Sandbox, WSL + USB, logging & monitoring, and more.
A collection of Ansible roles, with guidance on writing, debugging, and linting Ansible code. This includes secrets management, testing plays, and more. The roles are meant to be mixed and used however needed, and offer conditional options for deployment. The main `playbook.yml` file is commented to help you get started.
How Vagrant works, and everything needed to get started using it with security in mind. Includes a sample Vagrantfile for Kali on Hyper-V and VirtualBox showing what provider settings you may want to use. Quirks of Hyper-V and how to resolve them are covered. Lastly, resources to be aware of for building a home lab are linked.
Ready-to-use Terraform templates, and an easy-to-follow guide to go from installing to deploying resources. Also includes guidance on fixing partial deployments, secrets management, and how to generate an Ansible inventory from your deployed resources.
Webhook-based alerting (Slack, Discord...) for events, account access, honey files, etc. It's meant as a follow-up to IppSec's video on this topic, with ready-to-use examples of sending an alert on both Windows and Linux using cyber deception to catch malicious behavior early.
COMPONENTS | DESCRIPTION | LINKS |
---|---|---|
Deploy a WireGuard server with interface monitoring | Ansible + Terraform | |
Deploy a Tailscale node | Ansible + Terraform | |
pfSense administration, lab, usage guide | Guide | |
VMware kernel module signing for SecureBoot on Ubuntu | Bash | |
Deploy auditd + laurel | Ansible, Bash | |
Deploy unbound DNS resolver with DNS over TLS + logging | Ansible, Bash | |
Hyper-V Enhanced Session Linux guest tools (for manual installation) | Ansible, Fork | |
Deploy and manage OpenSSH Server on Windows | PS Module | |
Deploy and manage Sysinternals + Sysmon rules on Windows | PS Script | |
Windows Sandbox configuration files and startup scripts | WSB Files |
- 🎯 Other pentesting certifications
- 🏗️ Git, infrastructure, automation
- 🛠️ Building utilities for everyday use