Theragus's Stars
hashicorp/terraform
Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
yeti-platform/yeti
Your Everyday Threat Intelligence
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
TracecatHQ/tracecat
The open source Tines / Splunk SOAR alternative for security engineers.
malvuln/RansomLord
RansomLord is a proof-of-concept Anti-Ransomware exploitation tool that automates the creation of PE files, used to compromise ransomware pre-encryption.
PhonePe/mantis
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
fail2ban/fail2ban
Daemon to ban hosts that cause multiple authentication errors
Keyfactor/ejbca-ce
EJBCA® – Open-source public key infrastructure (PKI) and certificate authority (CA) software.
Permiso-io-tools/CloudConsoleCartographer
Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. CloudTrail logs) and mapping them to the original user input actions in the management console UI for simplified analysis and explainability.
SAP/cloud-active-defense
Add a layer of active defense to your cloud applications.
authelia/authelia
The Single Sign-On Multi-Factor portal for web apps
h4r5h1t/webcopilot
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Lissy93/web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
Stratus-Security/Subdominator
The Internets #1 Subdomain Takeover Tool
FalconForceTeam/SOAPHound
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
prowler-cloud/prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
factionsecurity/faction
Pen Test Report Generation and Assessment Collaboration
projectdiscovery/cvemap
Navigate the CVE jungle with ease.
Permiso-io-tools/CloudGrappler
lkarlslund/Adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
oryxlabs/PolarDNS
PolarDNS is a specialized authoritative DNS server suitable for penetration testing and vulnerability research.
Orange-Cyberdefense/GOAD
game of active directory
Shuffle/Shuffle
Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
milanm/azure-cheat-sheet
Every product, feature and service in the Azure family.
kristofferandreasen/awesome-azure
A Curated List of Azure Resources. The list provides you with enough resources to get a full overview of the services in Azure and get started with cloud computing.
ManagedSentinel/AzureSentinelKQLScripts
Various tools used to monitor and troubleshoot Azure Sentinel data
microsoft/Microsoft-Cloud-App-Security
Additional Resources to improve Customer Experience with Microsoft Cloud App Security
rod-trent/MustLearnKQL
Code included as part of the MustLearnKQL blog series
Azure/powerautomate-avd-starter-kit
Starter kit to help customers integrate with and leverage Azure Virtual Desktop to scale their Power Automate Desktop machine groups
tailscale/tailscale
The easiest, most secure way to use WireGuard and 2FA.