gitbotsman's starred repositories
nightingale
An all-in-one observability solution which aims to combine the advantages of Prometheus and Grafana. It manages alert rules and visualizes metrics, logs, traces in a beautiful web UI.
PhantomShodan
Shodan.io connector for Phantom Cyber Security Orchestration
Awesome-SOAR
A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.
django-DefectDojo
DevSecOps, ASPM, Vulnerability Management. All on one platform.
PatrowlManager
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
PatrowlEngines
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
mosec-x-plugin-backend
MOSEC-X-PLUGIN backend API service
mosec-node-plugin
Used to detect whether the third-party dependency components of a node project contain security vulnerabilities.
libaudit-go
go package for interfacing with Linux audit
auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
linux-baseline
DevSec Linux Baseline - InSpec Profile
SysmonHunter
An easy ATT&CK-based Sysmon hunting tool, shown at Blackhat USA 2019 Arsenal
sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
sysmon-config
Sysmon configuration file template with default high-quality event tracing
sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.