tnvo

adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

architecture-decision-record

Architecture decision record (ADR) examples for software planning, IT leadership, and template documentation

attack-navigator

Web app that provides basic navigation and annotation of ATT&CK matrices

attack_range

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

AWAE-PREP

This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by me and various courses.

aws-customer-playbook-framework

This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.

aws-fast-fixes

Scripts to quickly fix security and compliance issues

aws-service-control-policies

Collection of semi-useful Service Control Policies and scripts to manage them

aws_responder

AWS Incident Response Kit (AIRK) - AWS Incident Response

axiom

A dynamic infrastructure toolkit for red teamers and bug bounty hunters!

brim

Desktop application to efficiently search large packet captures and Zeek logs.

brrcon

BrrCon website

canarytokens-docker

Docker configuration to quickly setup your own Canarytokens.

capes-docker

Cyber Analytics Platform and Examination System (CAPES) Project Page

decode-spam-headers

A script that helps you understand why your E-Mail ended up in Spam

juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Malware-Lake

A python script that allows a researcher to merge databases from Malshare and Malware Bazaar to created enrriched datasets from SIEM tools

malz

panther

Detect threats with log data and improve cloud security posture

prisma-cloud-devsecops-workshop

DevSecOps with Prisma Cloud

pysnyk

A Python client for the Snyk API.

RedELK

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

security_content

Splunk Security Content

Security_list

Great security list for fun and profit

securityheaders

Check any website (or set of websites) for insecure security headers.

terraform-aws-secure-baseline

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

TIDoS-Framework

The Offensive Manual Web Application Penetration Testing Framework.

useful-scripts

Venator

Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.

zq

Command-line processor for structured logs