Skip to content
View 0xBahalaNa's full-sized avatar
🛠️
Building
🛠️
Building
31 followers · 63 following

Achievements

Achievement: Pull Sharkx2Achievement: YOLOAchievement: QuickdrawAchievement: Pair Extraordinaire

Achievements

Achievement: Pull Sharkx2Achievement: YOLOAchievement: QuickdrawAchievement: Pair Extraordinaire

Block or report 0xBahalaNa

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
0xBahalaNa/README.md

Hey, I'm Luigi (0xBahalaNa)

About Me

I work at the intersection of compliance engineering and public safety technology. My background spans Identity Governance and Administration (privileged access monitoring, user access reviews, RBAC analysis) in regulated financial environments and compliance-focused technical support in a FedRAMP High environment serving federal and state/local law enforcement agencies.

I build tools that automate audit evidence collection, continuous monitoring, and compliance-as-code workflows in AWS, replacing manual checkbox processes with repeatable, scriptable, auditor-ready outputs.

Open to: GRC Engineer | Compliance Engineer | Security Analyst roles specializing in public safety technology

Frameworks: CJIS Security Policy v6.0 | FedRAMP High | NIST 800-53 Rev 5 | NIST CSF 2.0

Certifications: SSCP | CySA+ | PenTest+ | Security+ | Network+ | A+ | Project+ | ITIL 4 Foundations | Linux LPI Essentials

What I'm Building

These repos form a compliance lifecycle: each tool handles a stage of the continuous monitoring and audit evidence pipeline.

Audit tools detect -> Config monitor watches -> Remediation fixes
    -> Evidence logger collects -> Compliance report visualizes
  • GRC Engineering: automating audit evidence collection and compliance-as-code workflows, mapping tools to CJIS Security Policy, FedRAMP, and NIST 800-53 controls
  • Identity Engineering (IAM/IGA): streamlining access reviews and provisioning pipelines, applying AC-family control requirements to real infrastructure
  • Cloud Security: building AWS security tooling aligned to compliance baselines with CI/CD integration

Technical Stack

Category Technologies
Cloud AWS (CloudTrail, Config, EventBridge, GovCloud, IAM, KMS, Lambda, S3, Security Hub)
Languages Python (boto3, oscal-pydantic, compliance-trestle), Bash, AWS CLI
Infrastructure as Code AWS CloudFormation, Terraform
Policy-as-Code OPA/Rego, Checkov, Conftest
CI/CD GitHub Actions
IAM & IGA Access Reviews, Privileged Access Monitoring, RBAC, Least Privilege, SSO
Compliance CJIS Security Policy v6.0, FedRAMP High, NIST 800-53 Rev 5, NIST CSF 2.0, OSCAL
Observability Kibana/OpenSearch, Splunk, Sentry, SIEM dashboards (KQL)

Featured Projects

Infrastructure & Continuous Monitoring

  • AWS Compliance as Code: CloudFormation templates and Service Control Policies enforcing security baselines
  • AWS Config Compliance Monitor: Event-driven compliance monitoring and auto-remediation for CJIS and FedRAMP High environments using AWS Config, Lambda, and SSM

Audit & Evidence Collection Tools

  • IAM Audit: Audits AWS IAM users for MFA compliance and credential hygiene
  • S3 Audit: Audits S3 buckets for encryption, public access, and versioning
  • Security Group Audit: Audits security groups for overly permissive inbound rules
  • CloudTrail Audit: Audits CloudTrail configuration for logging compliance
  • Evidence Logger: Generates timestamped, auditor-ready evidence files from compliance checks
  • Compliance Report: Aggregates compliance data into structured reports with pass/fail summaries

Security & Policy-as-Code

  • Policy Checker: Scans AWS IAM policies for overly permissive configurations and CJIS v6.0 violations. 27 unit tests, GitHub Actions CI/CD.
  • Secret Scanner: Scans files and repos for exposed credentials and secrets with CI/CD gating via non-zero exit codes

Each tool includes control mappings to NIST 800-53 Rev 5, FedRAMP High, and CJIS Security Policy v6.0 requirements.

Currently Learning

  • OSCAL and IBM Compliance Trestle for machine-readable compliance artifacts (FedRAMP 20x alignment)
  • Terraform for multi-environment IaC deployments
  • Open Policy Agent (OPA) and Rego for policy-as-code enforcement
  • CJIS Security Policy v6.0 deltas from FedRAMP High (FIPS 140-2/3, agency-managed keys, CJI-specific access controls)

Where to Find Me

LinkedIn | Medium | HackTheBox

Pinned Loading

  1. iam-audit iam-audit Public

    A Python tool that audits all IAM users in your AWS account for MFA compliance.

    Python 3 2

  2. evidence-logger evidence-logger Public

    A Python tool that generates timestamped audit evidence files from a AWS policy compliance check.

    Python 1

  3. aws-compliance-as-code aws-compliance-as-code Public

    Automated AWS compliance guardrails using Service Control Policies and CloudFormation. Controls enforce audit log protection, encryption at rest, boundary protection, and least functionality, mappe…

    1

  4. s3-audit s3-audit Public

    A Python tool that audits all S3 buckets in your AWS account for security compliance.

    Python