julianwieg's Stars
scrapy/scrapy
Scrapy, a fast high-level web crawling & scraping framework for Python.
imartinez/privateGPT
Interact with your documents using the power of GPT, 100% privately, no data leaks
opentofu/manifesto
The OpenTF Manifesto expresses concern over HashiCorp's switch of the Terraform license from open-source to the Business Source License (BSL) and calls for the tool's return to a truly open-source license.
mckaywrigley/chatbot-ui
Come join the best place on the internet to learn AI skills. Use code "chatbotui" for an extra 20% off.
danny-avila/LibreChat
Enhanced ChatGPT Clone: Features Anthropic, AWS, OpenAI, Assistants API, Azure, Groq, o1, GPT-4o, Mistral, OpenRouter, Vertex AI, Gemini, Artifacts, AI model switching, message search, langchain, DALL-E-3, ChatGPT Plugins, OpenAI Functions, Secure Multi-User System, Presets, completely open-source for self-hosting. Actively in public development.
prowler-cloud/prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
OthersideAI/self-operating-computer
A framework to enable multimodal models to operate a computer.
nccgroup/ScoutSuite
Multi-Cloud Security Auditing Tool
cloudquery/cloudquery
The open source high performance ELT framework powered by Apache Arrow
ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Ne0nd0g/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
optiv/ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
matro7sh/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
anse-app/anse
Supercharged experience for multiple models such as ChatGPT, DALL-E and Stable Diffusion.
iknowjason/Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
pushsecurity/saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
DataDog/KubeHound
Tool for building Kubernetes attack paths
jordanpotti/CloudScraper
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
center-for-threat-informed-defense/tram
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
mvelazc0/BadZure
BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.
google/dfiq
DFIQ is a collection of investigative questions and the approaches for answering them
SpecterOps/TierZeroTable
Table of AD and Azure assets and whether they belong to Tier Zero
LuemmelSec/Custom-BloodHound-Queries
elastic/SWAT
Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.
invictus-ir/ALFA
ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit logs using statistics and the MITRE ATT&CK Cloud Framework
oscal-club/awesome-oscal
A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.
wunderwuzzi23/ropci
So, you think you have MFA? AAD/ROPC/MFA bypass testing tool
vectra-ai-research/derf
DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation of repeatable detection samples in the cloud. Built on Google Workflows
trufflesecurity/how-to-rotate
An open-source collection of API key rotation tutorials.
ermetic-research/cnappgoat-scenarios
This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat