GrepCaffeine's starred repositories
Ghostwriter
The SpecterOps project management and reporting engine
adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
govready-q
An open source, self-service GRC tool to automate security assessments and compliance.
docker-awssecrets
Thin wrapper around AWS Secrets Manager. Useful for CI.
AzureC2Relay
AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.
attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
ssl-kill-switch2
Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.
DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
attack_range
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
sysmon-modular
A repository of sysmon configuration modules
sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
celerystalk
An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.