Keep Calm and Read the Friendly Manual :-)
Description:
Clear NDR Community is an open-source Suricata-based network detection and response distribution (NSM/IDS). A turnkey Linux stack (Docker or Debian ISO) incorporating Suricata, OpenSearch, EveBox, Arkime, and Scirius; successor to SELKS. Licensed under GPL-3.0-or-later.
Description:
BruteForceAI is an advanced penetration-testing tool that uses LLMs to analyze login forms and automate multi-threaded brute-force and password-spray attacks, with AI-discovered selectors, evasion features, and webhook notifications for authorized testing.
Description:
garak is an open-source LLM vulnerability scanner that probes for weaknesses in large language models, including hallucination, data leakage, prompt injection, misinformation, toxicity, jailbreaks, and more, using static, dynamic, and adaptive probes.
Description:
Nosey Parker is a CLI tool that detects secrets and sensitive data in text and Git history.
Description:
AIDEFEND (Artificial Intelligence Defense Framework) is an open-source knowledge base of defensive countermeasures to protect AI/ML systems. It features interactive views and maps defenses to threats from MITRE ATLAS, MAESTRO, and OWASP, helping security professionals safeguard AI deployments.
Description:
EntraGoat is a deliberately vulnerable Microsoft Entra ID environment that simulates real-world identity misconfigurations and attack paths for security training. It uses PowerShell scripts and Microsoft Graph APIs to deploy vulnerable configurations in an isolated Entra ID tenant, offering multiple privilege-escalation challenges for hands-on learning.
Description:
Thorium is a scalable, distributed malware analysis framework designed to facilitate cyber incident response, file analysis, and data generation with sandboxed environments, automation, and secure data handling.
Description:
CISA has developed and maintains the publicly accessible Eviction Strategies Tool to support cyber defenders during the containment and eviction phases of incident response (IR). The tool comprises:
Together, Playbook-NG and COUN7ER can assemble a systematic eviction plan that leverages distinct countermeasures to contain and evict a unique intrusion
Description:
GitPhish is a security research tool that assesses GitHub device code authentication flows through various modules, including an auth server and deployment engine, for security testing and analysis.
Description:
A Rust-based utility to scan SSH and TLS servers for Post-Quantum Cryptography support. It generates JSON results and helps identify assets lacking PQC support, aiding in migration efforts aligned with global deadlines for PQC adoption.