Projects

Open-source tools built around real problems I run into as a security engineer. All read-only, all free.

Enterprise-Zapp

Stable

Read-only scanner for Microsoft Entra ID tenants. Identifies security and hygiene issues across enterprise applications: expired credentials, stale apps, missing owners, orphaned registrations, overprivileged service principals, and Conditional Access gaps.

  • Risk scores each app 0-100 with Critical / High / Medium / Low classification
  • Outputs self-contained HTML reports, CSV exports, and optional PDF for audits
  • Uses device code flow with no stored credentials. Read-only by design.
PythonView on GitHub →

More projects in the works.