OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+890.48%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+21654.76%)
LogontracerInvestigate malicious Windows logon by visualizing and analyzing Windows event log
Stars: ✭ 1,914 (+4457.14%)
AdtimelineTimeline of Active Directory changes with replication metadata
Stars: ✭ 252 (+500%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (+157.14%)
LolbasLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 1,506 (+3485.71%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (+88.1%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+20957.14%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (+42.86%)
LolbasLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 3,810 (+8971.43%)
RdpCacheStitcherRdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Stars: ✭ 176 (+319.05%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+45.24%)
LogESPOpen Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (+285.71%)
BTPS-SecPackThis repository contains a collection of PowerShell tools that can be utilized to protect and defend an environment based on the recommendations of multiple cyber security researchers at Microsoft. These tools were created with a small to medium size enterprise environment in mind as smaller organizations do not always have the type of funding a…
Stars: ✭ 33 (-21.43%)
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+19057.14%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+10759.52%)
CypherothAutomated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Stars: ✭ 179 (+326.19%)
Ir RescueA Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (+640.48%)
EventTranscriptParserPython based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
Stars: ✭ 22 (-47.62%)
MemlabsEducational, CTF-styled labs for individuals interested in Memory Forensics
Stars: ✭ 696 (+1557.14%)
Blue-Team-NotesYou didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+2040.48%)
CDIRCDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library
Stars: ✭ 122 (+190.48%)
awesome-rails-securityA curated list of security resources for a Ruby on Rails application
Stars: ✭ 36 (-14.29%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (+507.14%)
DawnscannerDawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
Stars: ✭ 642 (+1428.57%)
uacUAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
Stars: ✭ 260 (+519.05%)
humbleA humble, and fast, security-oriented HTTP headers analyzer
Stars: ✭ 17 (-59.52%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-14.29%)
MarsnakeSystem Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Stars: ✭ 16 (-61.9%)
Dsinternals Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+1747.62%)
Skf FlaskSecurity Knowledge Framework (SKF) Python Flask / Angular project
Stars: ✭ 573 (+1264.29%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (+740.48%)
Rails Security Checklist🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
Stars: ✭ 1,265 (+2911.9%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (+107.14%)
Audit scriptsScripts to gather system configuration information for offline/remote auditing
Stars: ✭ 55 (+30.95%)
HardentheworldHarden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Stars: ✭ 158 (+276.19%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (+290.48%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (+2702.38%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+1940.48%)
PackratLive system forensic collector
Stars: ✭ 16 (-61.9%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-19.05%)
CCXDiggerThe CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (+7.14%)
MindMaps#ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+433.33%)
dnslogMinimalistic DNS logging tool
Stars: ✭ 40 (-4.76%)
Hack4Squad💀 A bash hacking and scanning framework.
Stars: ✭ 45 (+7.14%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 424 (+909.52%)
BlueCloudCyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
Stars: ✭ 88 (+109.52%)
urlRecon📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server
Stars: ✭ 31 (-26.19%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (-21.43%)
nerfballWant to see how something like Internet Chemotherapy works without bricking your own vms? This is a jail to reduce the python runtime from doing bad things on the host when running untrusted code. Nerf what you do not need 👾 + 🐛 ⚽ 🏈 🐳
Stars: ✭ 19 (-54.76%)
INDXRipperCarve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32 (-23.81%)
BlowholeDocker auditing and enumeration script.
Stars: ✭ 21 (-50%)
MEATThis toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101 (+140.48%)