madchap

core

:house_with_garden: Open source home automation that puts local control and privacy first.

osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

adversarial-robustness-toolbox

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

Consent-O-Matic

Browser extension that automatically fills out cookie popups based on your preferences

CloudFlair

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!

bearer

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

ray-llm

RayLLM - LLMs on Ray

apexcharts-card

📈 A Lovelace card to display advanced graphs and charts based on ApexChartsJS for Home Assistant

rebuff

LLM Prompt Injection Detector

garak

LLM vulnerability scanner

packj

Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

llm-guard

The Security Toolkit for LLM Interactions

noir

Attack surface detector that identifies endpoints by static analysis

CVE-Half-Day-Watcher

attack_to_cve

🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

vet

Tool to achieve policy driven vetting of open source dependencies

LogSlash

A standard for reducing log volume without sacrificing analytical capability

awesome-CISO-maturity-models

Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide guidance for quality processes, and provide benchmark for appraising current processes outcomes.

GitGoat

GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfiguration prevention strategy. It can be used to test products with access to GitHub repositories without a risk to your production environment.

postmaniac

Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces

pyEzviz

Python package for ezviz cameras

parlay

Enrich SBOMs with data from third party services

vexctl

A tool to create, transform and attest VEX metadata

PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

resol-vbus

A JavaScript library for processing RESOL VBus data

ChromeAudit

Nuclei plugins to audit Chrome extensions

materialize-threats

malicious-dependencies

Demonstrates how a malicious dependency could negatively impact the build output.

self-attestation

Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.