WhiteBeam Open source EDR with application whitelisting Features Block file-based malware, with planned support for fileless Modern...
Defense
TamaGo – bare metal Go for ARM SoCs TamaGo is a project that aims to provide compilation...
Threat Bus The missing tool to interconnect open-source security applications. Key Features Connect Open-Source Security Tools: Threat...
auditd-attack A Linux Auditd rule set mapped to MITRE’s Attack Framework Login Events Event Description AUDIT_CRYPTO_KEY_USER Create...
Spray-AD, a Cobalt Strike tool to perform a fast Kerberos password spraying attack against Active Directory. This...
sentinel-attack Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon...
Real-time detection of high-risk attacks leveraging Kerberos and SMB This is a real-time detection tool for detecting...
Active Directory security workshops Pentesters or attackers often exploit the same obvious vulnerabilities in Active Directory. Come...
pytm: A Pythonic framework for threat modeling Define your system in Python using the elements and properties...
Threat Alert Logic Repository (TALR) A public repository for the collection and sharing of detection rules in...
The OWASP Risk Assessment Framework The OWASP Risk Assessment Framework is Static application security testing and Risk...
AgentSmith-HIDS About AgentSmith-HIDS Technically, AgentSmith-HIDS is not a Host-based Intrusion Detection System (HIDS) due to a lack...
policy sentry Writing security-conscious IAM Policies by hand can be very tedious and inefficient. Many Infrastructure as...
Windows Firewall Ruleset Windows firewall rules organized into individual PowerShell scripts according to: Rule group Traffic direction...
s3tk A security toolkit for Amazon S3 Installation pip install s3tk You can use the AWS CLI to set...