FalconHound: blue team multi-tool
FalconHound FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with an SIEM...
Category: Defense
Security Onion 2.4.30 releases: Linux distro for intrusion detection, enterprise security monitoring, and log management
Security Onion Security Onion is a free and open-source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many...
ved-ebpf: Kernel Exploit and Rootkit Detection using eBPF
VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF VED (Vault Exploit Defense)-eBPF leverages eBPF (extended Berkeley Packet Filter) to implement runtime kernel security monitoring and exploit detection for Linux systems. Introduction eBPF is an...
nightingale v6.5 releases: enterprise-level cloud-native monitoring system
Nightingale Nightingale is an enterprise-level cloud-native monitoring system, which can be used as a drop-in replacement for Prometheus for alerting and management. Nightingale is a cloud-native monitoring system by All-In-On design, that supports enterprise-class...
prowler v3.11.1 releases: AWS security assessment, auditing and hardening
Prowler: AWS Security Tool Prowler is a command-line tool for AWS Security Best Practices Assessment, Auditing, Hardening, and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks)...
ggshield v1.21 releases: Detect secret in source code, scan your repo for leaks
GitGuardian Shield: protect your secrets with GitGuardian GitGuardian shield (ggshield) is a CLI application that runs in your local environment or in a CI environment to help you detect more than 300 types of secrets,...
PurpleOps: open-source self-hosted purple team management web application
PurpleOps PurpleOps is a free, open-source web app to track Purple Team assessments. Create assessments aligned with MITRE ATT&CK, leveraging data from sources like Atomic Red Team and SIGMA. Centralise blue and red team...
opensnitch v1.6.4 releases: GNU/Linux port of the Little Snitch application firewall
OpenSnitch OpenSnitch is a GNU/Linux port of the Little Snitch application firewall. How Does It Work OpenSnitch is an application level firewall, meaning then while running, it will detect and alert the user for...
vast v4.4 releases: network telemetry engine for data-driven security investigations
VAST — Visibility Across Space and Time VAST is a network telemetry engine for data-driven security investigations. It ingests high-volume streams of network and logs data, indexes it for later retrieval, and offers several...
PersistenceSniper v1.14 releases: hunt persistences implanted in Windows machines
PersistenceSniper PersistenceSniper is a Powershell script that can be used by Blue Teams, Incident Responders, and System Administrators to hunt persistences implanted in Windows machines. The script is also available on Powershell Gallery. The...
