Grub-Meister's Stars
google/clusterfuzz
Scalable fuzzing infrastructure.
OWASP/ASVS
Application Security Verification Standard
excalidraw/excalidraw
Virtual whiteboard for sketching hand-drawn like diagrams
docker/docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
its-a-feature/Mythic
A collaborative, multi-platform, red teaming framework
center-for-threat-informed-defense/attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
tidalcyber/cyber-threat-profiling
A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
monkbai/DNN-decompiler
BTD - Bin To DNN: A DNN Executables Decompiler
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
ossec/ossec-hids
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
anchore/grype
A vulnerability scanner for container images and filesystems
anchore/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
quay/clair
Vulnerability Static Analysis for Containers
authelia/authelia
The Single Sign-On Multi-Factor portal for web apps
ory/kratos
Headless cloud-native authentication and identity management written in Go. Scales to a billion+ users. Replace Homegrown, Auth0, Okta, Firebase with better UX and DX. Passkeys, Social Sign In, OIDC, Magic Link, Multi-Factor Auth, SMS, SAML, TOTP, and more. Runs everywhere, runs best on Ory Network.
cilium/cilium
eBPF-based Networking, Security, and Observability
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
falcosecurity/falco
Cloud Native Runtime Security
prowler-cloud/prowler
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
salesforce/cloudsplaining
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
OWASP/threat-dragon
An open source threat modeling tool from OWASP
securego/gosec
Go security checker
tmobile/pacbot
PacBot (Policy as Code Bot)
ramimac/aws-customer-security-incidents
A repository of breaches of AWS customers
OWASP/threat-model-cookbook
This project is about creating and publishing threat model examples.
hysnsec/awesome-threat-modelling
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
soyersoyer/cameractrls
Camera controls for Linux
dzhng/deep-seek
LLM powered retrieval engine designed to process a ton of sources to collect a comprehensive list of entities.