Keep Calm and Read the Friendly Manual :-)
Description:
encrypted/remote secret manager. A cross-platform toolset for securely storing and retrieving secrets, with support for age encryption and cloud secret managers (AWS, Azure, GCP), plus OS Keychain and shell integration to load secrets on demand.
Description:
OpenThreat is a free, open-source platform for tracking CVEs and security threats. It aggregates data from trusted sources (NVD, CISA KEV, BSI CERT-Bund) into a REST API with a Next.js frontend and PostgreSQL backend, enabling advanced search, filters, and real-time threat intelligence.
Description:
Clear NDR Community is an open-source Suricata-based network detection and response distribution (NSM/IDS). A turnkey Linux stack (Docker or Debian ISO) incorporating Suricata, OpenSearch, EveBox, Arkime, and Scirius; successor to SELKS. Licensed under GPL-3.0-or-later.
Description:
BruteForceAI is an advanced penetration-testing tool that uses LLMs to analyze login forms and automate multi-threaded brute-force and password-spray attacks, with AI-discovered selectors, evasion features, and webhook notifications for authorized testing.
Description:
garak is an open-source LLM vulnerability scanner that probes for weaknesses in large language models, including hallucination, data leakage, prompt injection, misinformation, toxicity, jailbreaks, and more, using static, dynamic, and adaptive probes.
Description:
Nosey Parker is a CLI tool that detects secrets and sensitive data in text and Git history.
Description:
AIDEFEND (Artificial Intelligence Defense Framework) is an open-source knowledge base of defensive countermeasures to protect AI/ML systems. It features interactive views and maps defenses to threats from MITRE ATLAS, MAESTRO, and OWASP, helping security professionals safeguard AI deployments.
Description:
EntraGoat is a deliberately vulnerable Microsoft Entra ID environment that simulates real-world identity misconfigurations and attack paths for security training. It uses PowerShell scripts and Microsoft Graph APIs to deploy vulnerable configurations in an isolated Entra ID tenant, offering multiple privilege-escalation challenges for hands-on learning.
Description:
Thorium is a scalable, distributed malware analysis framework designed to facilitate cyber incident response, file analysis, and data generation with sandboxed environments, automation, and secure data handling.
Description:
CISA has developed and maintains the publicly accessible Eviction Strategies Tool to support cyber defenders during the containment and eviction phases of incident response (IR). The tool comprises:
Together, Playbook-NG and COUN7ER can assemble a systematic eviction plan that leverages distinct countermeasures to contain and evict a unique intrusion