rseedorff's Stars
owasp-amass/amass
In-depth attack surface mapping and asset discovery
gophish/gophish
Open-Source Phishing Toolkit
prowler-cloud/prowler
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
anchore/grype
A vulnerability scanner for container images and filesystems
guardicore/monkey
Infection Monkey - An open-source adversary emulation platform
anchore/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
fastfire/deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
sigstore/cosign
Code signing and transparency for containers and binaries
grafana/mimir
Grafana Mimir provides horizontally scalable, highly available, multi-tenant, long-term storage for Prometheus.
grafana/tempo
Grafana Tempo is a high volume, minimal dependency distributed tracing backend.
Threekiii/Awesome-Redteam
一个攻防知识仓库 Red Teaming and Offensive Security
NVIDIA/garak
the LLM vulnerability scanner
jtesta/ssh-audit
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
Orange-Cyberdefense/arsenal
Arsenal is just a quick inventory and launcher for hacking programs
intuitem/ciso-assistant-community
CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +70 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more
greshake/llm-security
New ways of breaking app-integrated LLMs
Syslifters/sysreptor
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
kubernetes-sigs/kueue
Kubernetes-native Job Queueing
12Knocksinna/Office365itpros
PowerShell examples for articles published on https://office365itpros.com and https://practical365.com. See https://o365itpros.gumroad.com/l/M365PS for the Automating Microsoft 365 with PowerShell eBook (included in the Office 365 for IT Pros bundle https://gum.co/O365IT/)
Zeyad-Azima/Offensive-Resources
A Huge Learning Resources with Labs For Offensive Security Players
d0nkeys/redteam
Red Team Scripts by d0nkeys (ex SnadoTeam)
RedTeamOperations/RedCloud-OS
RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers (CSPs)
r1cksec/cheatsheets
Collection of knowledge about information security
TalEliyahu/Threat_Model_Examples
A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.
mantvydasb/Red-Team-Infrastructure-Automation
Disposable and resilient red team infrastructure with Terraform
AirbusProtect/AD-Canaries
The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Canary objects.
Mrskos-SMP/policies
34 Policy Templates
Mrskos-SMP/prozessbeschreibungen
Kostenlose Prozessbeschreibungen
devsecopsmaturitymodel/metricCA