olegzhr's Stars
6mile/DevSecOps-Playbook
This is a step-by-step guide to implementing a DevSecOps program for any size organization
crowdsecurity/crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
scipag/vulscan
Advanced vulnerability scanning with Nmap NSE
Sysinternals/SysmonForLinux
SophosRapidResponse/OSQuery
Hestat/ossec-sysmon
A Ruleset to enhance detection capabilities of Ossec using Sysmon
NextronSystems/APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
mitre-attack/attack-arsenal
A collection of red team and adversary emulation resources developed and released by MITRE.
palantir/alerting-detection-strategy-framework
A framework for developing alerting and detection strategies for incident response.
yeti-platform/yeti
Your Everyday Threat Intelligence
NUKIB/misp
Docker image for MISP
0x4D31/awesome-threat-detection
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
coolacid/docker-misp
A (nearly) production ready Dockered MISP
aws-solutions/automated-security-response-on-aws
Automated Security Response on AWS is an add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a library of automated playbooks. The solution makes it easier for AWS Security Hub customers to resolve common security findings and to improve their security posture in AWS.
sbousseaden/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
4auvar/VulnNodeApp
A vulnerable node.js application
OTRF/OSSEM
Open Source Security Events Metadata (OSSEM)
cloud-custodian/cloud-custodian
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Cyb3r-Monk/Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
jthuraisamy/SysWhispers
AV/EDR evasion via direct system calls.
iann0036/former2
Generate CloudFormation / Terraform / Troposphere templates from your existing AWS resources.
aws-solutions/aws-waf-security-automations
This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
miztiik/url-filtering-with-nw-firewall
Deploy a firewall that should allow or drop traffic based on customisable rules
prowler-cloud/prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
sullo/nikto
Nikto web server scanner
panther-labs/panther-analysis
Built-in Panther detection rules and policies
aws-samples/amazon-guardduty-waf-acl
AWS GD2ACL
aws-samples/aws-security-hub-workshop
A Workshop for AWS Security Hub Integration, Prioritization, and Response
aws-samples/siem-on-amazon-opensearch-service
A solution for collecting, correlating and visualizing multiple types of logs to help investigate security incidents.
perryk/ansible-role-nginx-modsec3-crs3
Ansible role for Installing Nginx, compiling ModSecurity3, and installing the OWASP CRS v3 ruleset