Projects

Personal and open-source work across cybersecurity, cloud engineering, and GRC — built in public, documented with architecture diagrams.

These projects are where concepts from certification study and security practice turn into real code and infrastructure. Everything is open source. github.com/Godfreymaiwun →

SecureOps Dashboard

🔧 Active ☁️ AWS · Python · Lambda 📅 Jan 2025

A cloud-native security monitoring dashboard that aggregates CloudTrail events, GuardDuty findings, and Security Hub alerts into a single prioritised feed. Built on AWS Lambda and EventBridge with SNS notifications and a DynamoDB state store. Designed for lean teams who need actionable signal without enterprise SIEM cost.

AWS LambdaCloudTrail GuardDutySecurity Hub EventBridgeDynamoDB Python
View on GitHub →

ThreatModel CLI

🔧 Active 🐍 Python · STRIDE · Markdown 📅 Feb 2025

A command-line tool that parses a simple YAML system description and generates a STRIDE-based threat model report in Markdown and HTML. Each component and data flow is automatically evaluated against Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege threat categories, with risk ratings and recommended mitigations. Designed to slot into a CI/CD pipeline so threat modelling happens continuously alongside code changes.

PythonSTRIDE CLIThreat Modelling YAMLMarkdown CI/CD
View on GitHub →

Honeypot Telemetry Collector

🔬 Research 🐍 Python · AWS EC2 · ELK 📅 Mar 2025

A lightweight SSH and HTTP honeypot deployed on an AWS EC2 instance that captures attacker TTPs (tactics, techniques, and procedures) in real time. All interactions — commands attempted, payloads dropped, IP sources, timing patterns — are streamed to an Elasticsearch cluster and visualised in Kibana. The goal is to build a living picture of unsolicited internet threat activity to inform defensive posture and security awareness training content.

PythonAWS EC2 HoneypotElasticsearch KibanaTTP Collection Logstash
View on GitHub →

Zero Trust Lab

🔧 In Progress ☁️ Terraform · AWS IAM · VPC 📅 Feb 2025

A Terraform-managed reference architecture implementing Zero Trust principles on AWS — identity-based access, microsegmentation via VPC security groups, continuous authentication via AWS IAM Identity Center, and encrypted east-west traffic. Intended as both a reproducible learning environment and a template for lean security teams migrating away from perimeter-based access models.

TerraformAWS IAM VPCZero Trust IAM Identity CentermTLS IaC
View on GitHub →

Multi-Region DR Runbook

🔧 Active ☁️ AWS · Terraform · Route 53 📅 Mar 2025

A documented and Terraform-coded disaster recovery architecture for multi-region AWS workloads, implementing a warm-standby pattern with automated failover via Route 53 health checks. The accompanying runbook details RTO and RPO targets, failover trigger criteria, step-by-step operational procedures, and rollback paths — bridging the gap between architecture diagrams and what an ops team actually does when something goes wrong at 2 a.m.

AWSRoute 53 RDS Multi-AZTerraform DR PlanningWarm Standby Runbook
View on GitHub →

Cloud Cost Sentinel

🔧 Active ☁️ AWS · Lambda · Cost Explorer 📅 Apr 2025

A serverless cost anomaly detection and alerting tool that monitors AWS spend in real time using Cost Explorer and AWS Budgets. A scheduled Lambda function analyses daily spend deltas, identifies services with unexpected growth, and publishes a formatted digest to SNS — surfacing cost anomalies before they become invoice surprises. Configurable thresholds, per-service breakdown, and a weekly trend report in HTML email.

AWS LambdaCost Explorer AWS BudgetsSNS EventBridgePython SES
View on GitHub →

GRC Automation Toolkit

🗂 Planning 🐍 Python · AWS Config · NIST 📅 Q2 2025

A lightweight toolkit that automates the most repetitive elements of GRC work: pulling control evidence from AWS Config and Security Hub, mapping findings to NIST 800-53 and ISO 27001 controls, and generating audit-ready reports in Markdown and PDF. Designed for practitioners who need GRC rigour without enterprise GRC platform cost — turning hours of evidence collection into a single command.

PythonAWS Config Security HubNIST 800-53 ISO 27001Markdown PDF
View on GitHub →

Policy-as-Code Framework

🔧 Active 🐍 Python · OPA · Terraform 📅 Mar 2025

A framework for expressing organisational security policies as code using Open Policy Agent (OPA) and Rego, integrated into a Terraform CI/CD pipeline. Infrastructure changes are evaluated against policy rules — encryption requirements, public access controls, tagging mandates, network boundaries — before deployment. Failed policies block the pipeline and produce a human-readable remediation report, making compliance a pre-deployment gate rather than a post-incident discovery.

OPARego TerraformGitHub Actions Policy-as-CodePython Conftest
View on GitHub →

Incident Response Playbook Generator

🔧 Active 🐍 Python · Markdown · Jinja2 📅 Apr 2025

A templating tool that generates organisation-specific incident response playbooks from a structured YAML configuration — covering escalation trees, containment steps, evidence preservation checklists, communication templates, and post-incident review structures. Output is a navigable HTML playbook and a printable PDF, aligned to NIST SP 800-61. Teams define their environment once; the generator produces role-specific playbook variants for analysts, managers, and executives from the same source of truth.

PythonJinja2 YAMLNIST 800-61 Incident ResponseHTML PDF
View on GitHub →

All projects are open source. Contributions, issues, and forks welcome.

github.com/Godfreymaiwun →