Skip to content
View pirateape's full-sized avatar
0 followers · 1 following

Achievements

Achievement: Pull Sharkx3Achievement: QuickdrawAchievement: Pair Extraordinairex2Achievement: YOLO

Achievements

Achievement: Pull Sharkx3Achievement: QuickdrawAchievement: Pair Extraordinairex2Achievement: YOLO

Block or report pirateape

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
pirateape/README.md

🔐 Building security tools, one zero‑day at a time

Security engineer. Rust builder. Zero‑trust practitioner.

I build tools that make security measurable, actionable, and free.
No SaaS. No exfiltration. No licensing traps — just a binary, your terminal, and your code.

🛡️ What I've Built

Project Description Stack
ApeGuard One-command local security audit — 5 scanner layers, ZT mapping, multi-format reports Rust · CLI · MCP
Azure Security 100+ KQL queries, PowerShell audits, Azure Policies, Bicep baselines, Sentinel workbooks & playbooks KQL · PowerShell · ARM
UZTF The Unified Zero Trust Framework — 8-pillar maturity model that extends CISA ZTMM with quantitative scoring Spec · YAML · Kyōto

brew install apeguard → finds secrets, vulns, misconfigs, and attack chains in your codebase.
Outputs Markdown, JSON, SARIF, or HTML — for engineers, leadership, and auditors.

📦 Quick Start

# Install ApeGuard (macOS / Linux)
brew tap pirateape/tap && brew install apeguard

# Full audit — your source code right now
apeguard run --dir . --report md

📊 What I'm Focused On

  • Making security posture zero‑cost — every team deserves enterprise‑grade tooling
  • Closing the CISA-to-execution gap — frameworks are useless without CLI tools that implement them
  • Rust-native security tooling — memory‑safe, single binary, no runtime deps
  • AI‑augmented remediation — using LLMs to close findings, not just find them

🔗 Links

ApeGuard Azure Security UZTF

📈 Activity & Stats 
▲   ApeGuard         — Rust security scanner        ▲ 131 tests · 0 warnings · v0.1.0
▲   Azure Security   — Azure defense-in-depth       ▲ 45 KQL · 35 PS1 · 14 policies · 7 alert rules
▲   UZTF             — Zero Trust Framework         ▲ Released v1.0 · CISA-aligned

Pinned Loading

  1. ape-guard ape-guard Public

    One-command security posture assessment — layered scanning, Unified Zero Trust Framework mapping, multi-audience reports.

    Rust

  2. Azure-Security Azure-Security Public

    A comprehensive security library for Azure infrastructure, Entra ID, M365, and Edge security.

    PowerShell

  3. unified-zero-trust-framework unified-zero-trust-framework Public

    Unified Zero Trust Framework — an 8-pillar maturity model that builds on CISA's ZT Maturity Model to provide actionable, implementation-focused security posture assessment