Cybersecurity and Infrastructure Security Agency

Commit today, secure tomorrow.

United States of America

Pinned Repositories

cset
Cybersecurity Evaluation Tool
Language:TSQL1.5k 76 159271
decider
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
Language:HTML1.2k 30 30128
development-guide
A set of guidelines and best practices for an awesome engineering team
Language:Python225 21 2758
LME
Logging Made Easy (LME) is a no cost, open source platform that centralizes log collection, enhances threat detection, and enables real-time alerting, helping small to medium-sized organizations secure their infrastructure.
Language:Python984 25 36289
log4j-scanner
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
Language:Java1.3k 47 17214
Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Language:Python2.1k 53 384350
manage.get.gov
A Django-based domain name registrar that interfaces with an EPP registry
Language:Python63 8 2.2k24
RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operations
Language:TypeScript2.7k 44 30281
ScubaGear
Automation to assess the state of your M365 tenant against CISA's baselines
Language:PowerShell2k 55 1.1k274
Sparrow
Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.
Language:PowerShell1.4k 108 60184

Cybersecurity and Infrastructure Security Agency's Repositories

cisagov/Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Language:Python2.1k 53 384350
cisagov/ScubaGear
Automation to assess the state of your M365 tenant against CISA's baselines
Language:PowerShell2k 55 1.1k274
cisagov/cset
Cybersecurity Evaluation Tool
Language:TSQL1.5k 76 159271
cisagov/LME
Logging Made Easy (LME) is a no cost, open source platform that centralizes log collection, enhances threat detection, and enables real-time alerting, helping small to medium-sized organizations secure their infrastructure.
Language:Python984 25 36289
cisagov/vulnrichment
A repo to conduct vulnerability enrichment.
593 26 9962
cisagov/dotgov-data
Official list of .gov domains
Language:Shell248 26 2379
cisagov/ScubaGoggles
SCuBA Secure Configuration Baselines and assessment tool for Google Workspace
Language:Open Policy Agent211 11 36035
cisagov/CSAF
CISA CSAF Security Advisories
66 11 1620
cisagov/manage.get.gov
A Django-based domain name registrar that interfaces with an EPP registry
Language:Python63 8 2.2k24
cisagov/kali-packer
This project can be used to create AMIs based on Kali Linux, a penetration testing distribution.
Language:HCL19 6 2610
cisagov/nessus-packer
Create machine images containing the Nessus vulnerability scanner
Language:HCL12 8 25
cisagov/XFD
CyHy Dashboard
Language:Python12 6 21610
cisagov/scan-target-data
Contains data used to identify targets for scanning
Language:Shell8 8 213
cisagov/ScubaConnect
Native cloud infrastructure for automatically running ScubaGear/ScubaGoggles
Language:HCL72
cisagov/freeipa-server-packer
Create a Fedora-based AMI with FreeIPA server installed.
Language:HCL6 4 113
cisagov/openvpn-packer
Creates machine images for use as an OpenVPN gateway
Language:HCL6 4 55
cisagov/terraformer-packer
Create an AMI that can be used to deploy AWS resources via Terraform.
Language:HCL6 5 17
cisagov/debian-packer
Create a Debian AMI
Language:HCL5 4 05
cisagov/guacscanner
Scan for EC2 instances added (removed) from a VPC and create (destroy) the corresponding Guacamole connections.
Language:Python4 5 96
cisagov/docker-packer
Create an AMI with Docker installed
Language:HCL3 6 34
cisagov/epplib
Forked from https://gitlab.nic.cz/fred/utils/epplib
Language:Python3 9 03
cisagov/pca-gophish-composition-packer
Create machine images that include cisagov/pca-gophish-composition
Language:HCL3 7 165
cisagov/samba-packer
Build a Samba-enabled AWS EC2 AMI.
Language:HCL3 5 04
cisagov/egress-assess-packer
Create an AMI with the Egress-Assess egress data detection tool.
Language:HCL2 6 23
cisagov/setup-go-package
Composite GitHub action to install a Go package.
Language:Shell2 5 03
cisagov/ubuntu-server-packer
Create an Ubuntu AMI
Language:HCL2 6 35
cisagov/action-disable-apparmor
A GitHub Action to disable AppArmor on the GitHub runner.
Language:Shell2
cisagov/action-job-preamble
A GitHub Action to apply cisagov's standard permissions monitoring and runner hardening. This Action is intended to be applied at the beginning of every GitHub Actions job.
Language:Shell2
cisagov/github-search-gov
Language:Shell2
cisagov/skeleton-action-composite
This is a generic skeleton project that can be used to quickly get a new cisagov GitHub composite Action project started.
Language:Shell2