smbowen Goto Github PK

insider-threat-ttp-kb

The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.

it-depends

A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

kamerka-gui

Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.

kpn-security-policy

KPN Security Policy

kubernetes-security-checklist

Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)

learn-cantrill-io-labs

Standard and Advanced Demos for learn.cantrill.io courses

log4shell

Operational information regarding the vulnerability in the Log4j logging library.

maturity-models

Maturity models for IT, Agile, DevOps, TOGAF, Six Sigma, P3M3, etc.

measure-mate

Simple tool to track maturity assessments

metagpt

🌟 The Multi-Agent Framework: Given one line Requirement, return PRD, Design, Tasks, Repo

mindmap

monkey

Infection Monkey - An automated pentest tool

mvsp

Minimum Viable Secure Product mvsp.dev

my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

network-segmentation-cheat-sheet

Best practices for segmentation of the corporate network of any company

nist-csf

NIST CyberSecurity Framework management tool

nist-ssdf-markdown

A version of the NIST Secure Software Development Framework (SSDF), in Markdown

ocsf-schema

OCSF Schema

opencspm

Open Cloud Security Posture Management Engine

ort

A suite of tools to assist with reviewing Open Source Software dependencies.

osint_toolkit

A full stack web application that combines many tools and services for security analysts into a single tool.

oss-ssc-framework

Open Source Software Secure Supply Chain Framework

owasp-calculator

🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment

payloads

Git All the Payloads! A collection of web attack payloads.

personal-security-checklist

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

phishing.database

Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.

phoneinfoga

Information gathering & OSINT framework for phone numbers

podcast

This GitHub page shows the CISO Tradecraft Podcast broken down by Topic

prowler

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

purple-team-exercise-framework

Purple Team Exercise Framework