🕶 Awesome Mac Admin Tools list

This project aims to compare and evaluate the telemetry of various EDR products.

Creating a resource to help build and manage an Insider Threat program.

Archive of Potential Insider Threats

The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat …

Built-in Panther detection rules and policies

Data Hacking Project

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

GRR Rapid Response: remote live forensics for incident response

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files.

Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.

This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to …

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Chef, Puppet, DSCv2, DSCv3, SaltStack.

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing

Generate CloudFormation / Terraform / Troposphere templates from your existing AWS resources.

Serverless Python

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF