Clear NDR Community

License: GPL-3.0-or-later


Description:

Clear NDR Community is an open-source Suricata-based network detection and response distribution (NSM/IDS). It is a turnkey Linux stack (Docker or Debian ISO) incorporating Suricata, OpenSearch, EveBox, Arkime, and Scirius, and is the successor to SELKS. Licensed under GPL-3.0-or-later.

BruteForceAI

License: Non-Commercial License


Description:

BruteForceAI is an advanced penetration-testing tool that uses LLMs to analyze login forms and automate multi-threaded brute-force and password-spray attacks, with AI-discovered selectors, evasion features, and webhook notifications for authorized testing.

garak

License: Apache-2.0


Description:

garak is an open-source LLM vulnerability scanner that probes for weaknesses in large language models, including hallucination, data leakage, prompt injection, misinformation, toxicity, jailbreaks, and more, using static, dynamic, and adaptive probes.

AIDEFEND Framework

License: Creative Commons Attribution 4.0 International (CC BY 4.0)


Description:

AIDEFEND (Artificial Intelligence Defense Framework) is an open-source knowledge base of defensive countermeasures to protect AI/ML systems. It features interactive views and maps defenses to threats from MITRE ATLAS, MAESTRO, and OWASP, helping security professionals safeguard AI deployments.

EntraGoat


License: MIT


Description:

EntraGoat is a deliberately vulnerable Microsoft Entra ID environment that simulates real-world identity misconfigurations and attack paths for security training. It uses PowerShell scripts and Microsoft Graph APIs to deploy vulnerable configurations in an isolated Entra ID tenant, offering multiple privilege-escalation challenges for hands-on learning.

thorium


License:


Description:

Thorium is a scalable, distributed malware analysis framework designed to facilitate cyber incident response, file analysis, and data generation with sandboxed environments, automation, and secure data handling.

Eviction Strategies Tool – Playbook-NG


Eviction Strategies Tool

License: MIT


Description:

CISA has developed and maintains the publicly accessible Eviction Strategies Tool to support cyber defenders during the containment and eviction phases of incident response (IR). The tool comprises: 

  • Playbook-NG, a web application for next-generation operations; and
  • COUN7ER, a database of atomic post-compromise countermeasures mapped to adversary tactics, techniques, and procedures (TTPs). 

Together, Playbook-NG and COUN7ER can assemble a systematic eviction plan that leverages distinct countermeasures to contain and evict a unique intrusion.

GitPhish

License: Apache-2.0 license


Description:

GitPhish is a security research tool that assesses GitHub device code authentication flows through various modules, including an auth server and deployment engine, for security testing and analysis.