GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → mikeprivette → NIST-to-Tech

mikeprivette / NIST-to-Tech

Licence: GPL-3.0 license
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Labels

nistcybersecurityvulnerabilityinfosecpentestingpentestnetseccyber-securityinfosec-referenceblueteamnist800-53nist-csfredteampurpleteampentesting-toolscyber-security-teamnetsec-toolsnetsecurityinfosec-approvednist-cybersecurity-framework

Projects that are alternatives of or similar to NIST-to-Tech

github-watchman
Monitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-1.64%)
Mutual labels:  cybersecurity, infosec, blueteam, redteam, purpleteam
MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (+29.51%)
Mutual labels:  cybersecurity, infosec, blueteam, redteam, purpleteam
Vuldash
Vulnerability Dashboard
Stars: ✭ 16 (-73.77%)
Mutual labels:  cybersecurity, vulnerability, infosec, pentest
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+5990.16%)
Mutual labels:  infosec, pentest, blueteam, redteam
phisherprice
All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Stars: ✭ 38 (-37.7%)
Mutual labels:  cybersecurity, infosec, cyber-security, pentesting-tools
Snoop
Snoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+1352.46%)
Mutual labels:  infosec, pentest, blueteam, redteam
Defaultcreds Cheat Sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+3095.08%)
Mutual labels:  cybersecurity, infosec, pentest, blueteam
Pentesting
Misc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-60.66%)
Mutual labels:  vulnerability, infosec, pentest, infosec-reference
Slack Watchman
Monitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (+160.66%)
Mutual labels:  cybersecurity, infosec, blueteam, redteam
argus
Argus Advanced Remote & Local Keylogger For macOS and Windows
Stars: ✭ 87 (+42.62%)
Mutual labels:  cybersecurity, pentest, cyber-security, pentesting-tools
Gitlab Watchman
Monitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (+108.2%)
Mutual labels:  cybersecurity, infosec, blueteam, redteam
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+11181.97%)
Mutual labels:  cybersecurity, infosec, pentest
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+526.23%)
Mutual labels:  cybersecurity, vulnerability, redteam
py-scripts-other
A collection of some of my scripts
Stars: ✭ 79 (+29.51%)
Mutual labels:  cybersecurity, infosec, pentesting-tools
ReversePowerShell
Functions that can be used to gain Reverse Shells with PowerShell
Stars: ✭ 48 (-21.31%)
Mutual labels:  cybersecurity, cyber-security, redteam
Awesome Security Hardening
A collection of awesome security hardening guides, tools and other resources
Stars: ✭ 630 (+932.79%)
Mutual labels:  cybersecurity, infosec, blueteam
tryhackme-ctf
TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+129.51%)
Mutual labels:  cybersecurity, pentest, cyber-security
Zeek-Network-Security-Monitor
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (-37.7%)
Mutual labels:  cybersecurity, cyber-security, cyber-security-team
Awesome Nodejs Security
Awesome Node.js Security resources
Stars: ✭ 1,294 (+2021.31%)
Mutual labels:  cybersecurity, infosec, pentest
conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
Stars: ✭ 772 (+1165.57%)
Mutual labels:  cybersecurity, infosec, pentesting-tools
View All Similar Projects ➔

NIST-to-Tech

An open-source listing of cybersecurity technologies mapped to the NIST Cybersecurity Framework (CSF).

The NIST Cybersecurity Framework

Recognizing that the national and economic security of the United States depends on the reliable function of critical infrastructure, an Executive Order in 2013 instructed the National Institute of Standards and Technology (NIST) to create a cybersecurity framework (CSF) for Improving Critical Infrastructure Cybersecurity.

The framework focuses on using business drivers to guide cybersecurity activities. It considers cybersecurity risks as part of the organization’s risk management processes.

Why the NIST CSF

It’s a helpful way to relate cybersecurity tools to the NIST CSF capabilities.

NIST isn’t applicable to everyone, but it’s a common way to speak and maps well to other frameworks. It helped me on a few projects, and I hadn’t seen anything like this before in the wild, so I thought others would find it valuable too.

The Technology

What's not included in the framework is a guide on how to apply technology. There are so many technologies and open-source tools available to achieve the goals of the framework.

Organizations are all complex in different ways. Technology and it's implementation requires nuance and results can often vary.

There is no one-size-fits-all or truisms when it comes to technology, other than the fact that every organization needs technology and needs ways to secure their business.

This repository is a starting point to help the community make technology decisions that map to the NIST CSF. It will give you a framework to see how your current tools measure up and see what you may be missing and need to consider.

Looking for a more in-depth analysis on cybersecurity ceoncepts and technologies? Check out Return on Security.

The Tools

Here is the mapping:

Contributing

Please feel free to fork and/or add issues/PRs to help make this work better for everyone.
Feel free to challenge categorizations and move things around where it makes sense.
If anyone has a better way to display this, I'm all ears! 👂

Discoverability

infosec, information security, cybersec, cyber security, cybersecurity, netsec, vulnerability, disclosure, hacking
pentest, penetration test, red team, blue team, purple team
nist-to-tech, nist-to-tools, nist tools, nist, nist csf, cybersercurity framework, identify, detect, protect, respond, recover, nist 800-53, 800-53, nist 800-53-ra5

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].