mrz-secops-offsec's repositories
cloudsec-rg
Cloud Remediation Guides for Security Events
manager-playbook
Heuristics for effective management
aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
blocklist-ipsets
ipsets dynamically updated with firehol's update-ipsets.sh script
caldera_pathfinder
Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.
cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
docker-docusaurus
A Docker image for running Docusaurus 2 (still a development version), based on lightweight Alpine Linux.
elastalert
Easy & Flexible Alerting With ElasticSearch
ghostbuster
Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
grype
A vulnerability scanner for container images and filesystems
ipsum
Daily feed of bad IPs (with blacklist hit scores)
malwoverview
Malwoverview is a first response tool for threat hunting that offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Valhalla, Malware Bazaar, ThreatFox, and Triage, and is able to scan Android devices against VT and HA.
nuclei
Fast and customizable vulnerability scanner based on a simple YAML-based DSL.
PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
PurplePanda
Identify privilege escalation paths within and across different clouds
rtr
Real-time Response scripts and schema
RulesEngine
A JSON-based Rules Engine with extensive Dynamic expression support
sankeymatic-image
A Sankey diagram builder for containerization
stratus-red-team
Granular, Actionable Adversary Emulation for the Cloud.
syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
teller
A secrets management tool for developers built in Go - never leave your command line for secrets.
TesSense
Charge your Tesla with surplus solar generation as detected by your Sense Energy Monitor
tsunami-security-scanner
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
WELA
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)