Enhance your malware detection with WAF + YARA (WAFARAY) WAFARAY is a LAB deployment based on Debian 11.3.0 (stable) x64 made and cooked between two main ingredients WAF + YARA to detect malicious files...
Self-Service Security Assessment tool Cybersecurity remains a very important topic and point of concern for many CIOs, CISOs, and their customers. To meet these important concerns, AWS has developed a primary set of services...
NetLlix A project was created with the aim to emulate and test the exfiltration of data over different network protocols. The emulation is performed w/o the usage of native API’s. This will help blue...
cis-vsphere A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark for VMware vSphere. Requirements VMware PowerCLI 12.0.0 or higher VMware vSphere 7.0 Usage Clone the repo: git clone...
YATAS Yet Another Testing & Auditing Solution Features YATAS is a simple and easy-to-use tool to audit your infrastructure for misconfiguration or potential security issues. AWS – 43 Checks APIGateway AWS_APG_001 Apigateway Cloudwatch Logs...
KRIe KRIe is a research project that aims to detect Linux Kernel exploits with eBPF. KRIe is far from being a bulletproof strategy: from eBPF-related limitations to post exploitation detections that might rely on...
PowerHuntShares PowerHuntShares is designed to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers. It is intended to help IAM and other blue teams gain a...
StackRox Kubernetes Security Platform The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment. StackRox...
DC Sonar Analyzing AD domains for security risks related to user accounts Architecture For the visual descriptions, open the diagram files using the diagrams.net tool. The app consists of: The dc-sonar-frontend is the fronted part of the user web interface...
BlueHound BlueHound is an open-source tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access, and unpatched vulnerabilities, BlueHound reveals the paths attackers would...
Tarian Protect your applications running on Kubernetes from malicious attacks by pre-registering your trusted processes and trusted file signatures. Tarian will detect unknown processes and changes to the registered files, then it will send...
What is sandfly-entropyscan? sandfly-entropyscan is a utility to quickly scan files or running processes and report on their entropy (a measure of randomness) and if they are a Linux/Unix ELF type executable. Some malware for...
Popeye – A Kubernetes Cluster Sanitizer Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations. It sanitizes your cluster based on what’s deployed and not...
What is Matano? Matano is an open-source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in a data lake, and...
Sandbox Scryer The Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output. The tool leverages the MITRE ATT&CK Framework to organize and prioritize findings, assisting...
Secure Your Connection
