glenn-sq's Stars
block/goose
Goose is a developer agent that operates from your command line to help you do the boring stuff.
dwillowtree/diana
Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.)
ydkhatri/mac_apt
macOS (& iOS) Artifact Parsing Tool
openai/openai-security-bots
CaliDog/certstream-python
Python library for connecting to CertStream
center-for-threat-informed-defense/insider-threat-ttp-kb
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
log2timeline/dfimagetools
Collection of tools for processing storage media images
google/GiftStick
1-Click push forensics evidence to the cloud
google/zoekt
Fast trigram based code search
rootlyhq/terraform-provider-rootly
Terraform provider for Rootly.
redcanaryco/mac-monitor
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.
kpolley/slackurity
Slack bot which promotes Defense in Depth/Zero Trust security practices
square/keywhiz
A system for distributing and managing secrets
CrowdStrike/Falcon-Toolkit
Unleash the power of the Falcon Platform at the CLI
DataDog/guarddog
GuardDog is a CLI tool to identify malicious PyPI and npm packages
cashapp/pivit
haidermdost/Threat-Detection-Maturity-Framework
CrowdStrike/automactc
AutoMacTC: Automated Mac Forensic Triage Collector
square/mssh
square/sudo_pair
Plugin for sudo that requires another human to approve and monitor privileged sudo sessions
orlikoski/Skadi
Collect, Process, and Hunt with host-based data from macOS, Windows, and Linux