AWS Threat Simulation and Detection
AWS Threat Detection with Stratus Red Team This repository is a documentation of my adventures with Stratus Red Team – a tool for adversary emulation for the cloud. Stratus Red Team is “Atomic Red Team for the...
Category: Defense
Get-PDInvokeImports: perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke
Get-PDInvokeImports Get-PDInvokeImports is a tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke, and D/Invoke usage in assembly. Showing all locations from where they are referenced and Exports all...
lockc: Making containers more secure with eBPF and Linux Security Modules
lockc lockc is open source software for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main reason why lockc exists is that containers do not contain. Containers are not as secure and isolated...
atomic-operator: Python package is used to execute Atomic Red Team tests
atomic-operator This python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments. Why? atomic-operator enables security professionals to test their detection and defensive capabilities against prescribed techniques defined...
attack flow v2.1.1 releases: helps defenders move from tracking adversary behaviors
Attack Flow The Attack Flow project helps defenders move from tracking adversary behaviors individually to the sequence of techniques adversaries use to achieve their goals. Understanding the context within those sequences, as well as...
TMOC: Threat Modelers on Chain
TMOC TMOC (Threat Modelers on Chain) is a tool that combines threat modeling with a blockchain-based collective intelligence system developed as a blockchain-based Web3 in the form of a decentralized web. Threat modeling is a...
Node Security Shield: Securing NodeJS Applications
Node Security Shield Node Security Shield (NSS) is a Developer and Security Engineer friendly module for Securing NodeJS Applications by allowing developers to declare what resources an application can access. NSS is an Open...
nightingale v6.7.1 releases: enterprise-level cloud-native monitoring system
Nightingale Nightingale is an enterprise-level cloud-native monitoring system, which can be used as a drop-in replacement for Prometheus for alerting and management. Nightingale is a cloud-native monitoring system by All-In-On design, that supports enterprise-class...
IOSSecuritySuite v1.9.10 releases: iOS platform security & anti-tampering Swift library
IOSSecuritySuite iOS Security Suite is an advanced and easy-to-use platform security & anti-tampering library written in pure Swift! If you are developing for iOS and you want to protect your app according to the...
API Firewall v0.6.14 releases: Fast and light-weight API proxy firewall
Open Source API Firewall API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is designed to protect REST API endpoints in cloud-native environments. It provides API...
batfish v2023.12.16 releases: network configuration analysis tool
What is Batfish? Batfish is a network validation tool that provides correctness guarantees for security, reliability, and compliance by analyzing the configuration of network devices. It builds complete models of network behavior from device...
ggshield v1.21 releases: Detect secret in source code, scan your repo for leaks
GitGuardian Shield: protect your secrets with GitGuardian GitGuardian shield (ggshield) is a CLI application that runs in your local environment or in a CI environment to help you detect more than 300 types of secrets,...
hcltm v0.1.6 releases: Threat Modeling with HCL
hcltm Threat Modeling with HCL Overview There are many different ways in which a threat model can be documented. From a simple text file to more in-depth word documents, to fully instrumented threat models...
nettrust: Dynamic Outbound Firewall Authorizer
NetTrust: Dynamic Outbound Firewall Authorizer NetTrust is a Dynamic Outbound Firewall Authorizer. It uses a DNS as a source of truth to allow/deny outbound requests Overview The idea is that we want to grant...
PurplePanda: AUTOMATED Privilege Escalation IN THE CLOUD
PurplePanda This tool fetches resources from different cloud/saas applications focusing on permissions in order to identify privilege escalation paths and dangerous permissions in the cloud/saas configurations. Note that PurplePanda searches both privileges escalation paths within a platform...
