Cloud Security • Malware Analysis • Digital Forensics
This repository (and associated projects) showcases real-world and simulated applications in:
- Cloud Security: Hardening AWS environments, serverless security, IAM auditing, and policy enforcement.
- Malware Analysis: Static and dynamic analysis of malicious code, obfuscated JavaScript deconstruction, and sandboxing.
- Digital Forensics: Memory forensics, log correlation, reverse engineering, and traceback investigations.
- AWS IAM & Lambda least-privilege policies
- S3 bucket misconfiguration scanning
- GuardDuty, CloudTrail, and Config integration
- Terraform/IaC security baselines
- JavaScript and PowerShell deobfuscation
- C2 traffic decoding and packet analysis
- Custom Python tools for static/dynamic inspection
- Analysis of web-based attacks (XSS, skimming)
- Memory dump analysis (Volatility, Rekall)
- Windows & Linux incident triage
- Log analysis pipelines (ELK, Loki, Sigma)
- Timeline reconstruction and threat attribution
| Project | Description |
|---|---|
| JSDeFr | The JavaScript deobfuscation framework. |
| AWS-PyScripts | Collection of Python scripts used to evaluate AWS infrastructure security. |
| rmp4_meta | A fast and lightweight Rust CLI tool for extracting metadata from .mp4 video files. |
| pv-chat | End-to-end encrypted chat server and client developed in Python. |
Feel free to reach out if you’d like to collaborate on:
- Cybersecurity automation tools
- Threat simulation environments
- Cloud threat detection and response
You can find me on LinkedIn or email me at monterrozagerardo@icloud.com.

