jorgeorchilles's Stars
BenderScript/PromptInjectionBench
Prompt Injection Attacks against GPT-4, Gemini, Azure, Azure with Jailbreak
dhammon/ai-goat
Learn AI security through a series of vulnerable LLM CTF challenges. No sign ups, no cloud fees, run everything locally on your system.
explodinggradients/ragas
Supercharge Your LLM Application Evaluations 🚀
looCiprian/GC2-sheet
GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet or Microsoft SharePoint List and exfiltrate files using Google Drive or Microsoft SharePoint Document.
IncludeSecurity/c2-vulnerabilities
PoCs of RCEs against open source C2 servers
BushidoUK/Russian-APT-Tool-Matrix
A tool matrix for Russian APTs based on the Ransomware Tool Matrix
zyn3rgy/smbtakeover
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
securitytemplates/sectemplates
Open source templates you can use to bootstrap your security programs
BushidoUK/Ransomware-Tool-Matrix
A resource containing all the tools each ransomware gang uses
hacksider/Deep-Live-Cam
real time face swap and one-click video deepfake with only a single image
rasta-mouse/OST-C2-Spec
Open Source C&C Specification
referefref/sinon
Automation tool for Windows Deception Host Burn-In
NetSPI/gcpwn
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
Comcast/ProjectGuardRail
AI/ML applications have unique security threats. Project GuardRail is a set of security and privacy requirements that AI/ML applications should meet during their design phase that serve as guardrails against these threats. These requirements help scope the threats such applications must be protected against.
BCG-X-Official/artkit
Automated prompt-based testing and evaluation of Gen AI applications
nccgroup/SteppingStones
A Red Team Activity Hub
An0nUD4Y/Evilginx-Phishing-Infra-Setup
Evilginx Phishing Engagement Infrastructure Setup Guide
its-a-feature/Mythic
A collaborative, multi-platform, red teaming framework
BishopFox/sliver
Adversary Emulation Framework
vulncheck-oss/go-exploit
A Go-based Exploit Framework
center-for-threat-informed-defense/cwe-calculator
The CWE Calculator enables software development teams to score and prioritize discovered weaknesses empirically based on data in the National Vulnerability Database (NVD).
elder-plinius/L1B3RT4S
TOTALLY HARMLESS LIBERATION PROMPTS FOR GOOD LIL AI'S
open-webui/open-webui
User-friendly AI Interface (Supports Ollama, OpenAI API, ...)
InfoSecInnovations/concierge
Repo for Concierge AI dev work
SecureStackCo/visualizing-software-supply-chain
A project to visualize the software supply chain
tml-epfl/llm-adaptive-attacks
Jailbreaking Leading Safety-Aligned LLMs with Simple Adaptive Attacks [arXiv, Apr 2024]
robwillisinfo/Invoke-EncryptionSimulator
Invoke-EncryptionSimulator is designed to be a simple and safe way to emulate the encryption stage of a ransomware deployment to aid in development and testing of controls focusing on file system level changes rather than process related telemetry.
phidatahq/phidata
Build AI Agents with memory, knowledge, tools and reasoning. Chat with them using a beautiful Agent UI.
pytorch/torchtune
PyTorch native finetuning library
maester365/maester
The core repository for the Maester module with helper cmdlets that will be called from the Pester tests.