dukr

hosts

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

kestra

:zap: Open-source workflow automation platform. Orchestrate any language using YAML, hundreds of integrations. Alternative to Airflow, Zapier, RunDeck, Camunda, ...

magika

Detect file content types with deep learning

C4-PlantUML

C4-PlantUML combines the benefits of PlantUML and the C4 model for providing a simple way of describing and communicate software architectures

tart

macOS and Linux VMs on Apple Silicon to use in CI and other automations

awesome-etl

A curated list of awesome ETL frameworks, libraries, and software.

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

shodan-python

The official Python library for Shodan

stratus-red-team

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

PyRIT

The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.

security_content

Splunk Security Content

PasteHunter

Scanning pastebin with yara rules

LME

Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.

MalConfScan

Volatility plugin for extracts configuration data of known malware

autopsy_addon_modules

Repo to store compiled modules or links to 3rd party add-on modules.

detection-rules

Collection of YARA-L 2.0 sample rules for the Chronicle Detection API

kestrel-lang

Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.

IDiagnosticProfileUAC

YAMA

Yet Another Memory Analyzer for malware detection

Awesome-Deception

An awesome list of resources on deception-based security with honeypots and honeytokens

Security

General Security Scripts

dwarf2json

convert ELF/DWARF symbol and type information into vol3's intermediate JSON

volatility3-symbols

Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍

IBM-QRadar-Universal-Cloud-REST-API

These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.

dfrws2023-challenge

The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically focusing on programmable logic controllers (PLC). This challenge aims to provide deeper insights into ICS network traffic analysis and device memory in a real-world scenario.

malware-research

General malware analysis stuff

Crowdstrike-Deploy

The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.

Playbooks

Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform automations, and expand your SOP library within your environment.