Keep Calm and Read the Friendly Manual :-)
Description:
AIDEFEND (Artificial Intelligence Defense Framework) is an open-source knowledge base of defensive countermeasures to protect AI/ML systems. It features interactive views and maps defenses to threats from MITRE ATLAS, MAESTRO, and OWASP, helping security professionals safeguard AI deployments.
Description:
EntraGoat is a deliberately vulnerable Microsoft Entra ID environment that simulates real-world identity misconfigurations and attack paths for security training. It uses PowerShell scripts and Microsoft Graph APIs to deploy vulnerable configurations in an isolated Entra ID tenant, offering multiple privilege-escalation challenges for hands-on learning.
Description:
Thorium is a scalable, distributed malware analysis framework designed to facilitate cyber incident response, file analysis, and data generation with sandboxed environments, automation, and secure data handling.
Description:
CISA has developed and maintains the publicly accessible Eviction Strategies Tool to support cyber defenders during the containment and eviction phases of incident response (IR). The tool comprises:
Together, Playbook-NG and COUN7ER can assemble a systematic eviction plan that leverages distinct countermeasures to contain and evict a unique intrusion
Description:
GitPhish is a security research tool that assesses GitHub device code authentication flows through various modules, including an auth server and deployment engine, for security testing and analysis.
Description:
A Rust-based utility to scan SSH and TLS servers for Post-Quantum Cryptography support. It generates JSON results and helps identify assets lacking PQC support, aiding in migration efforts aligned with global deadlines for PQC adoption.
Description:
AdaptixC2 is an extensible post-exploitation and adversarial emulation framework designed for penetration testers. It features a server/client architecture, cross-platform GUI, encrypted communication, plugin support, task management, and multi-platform agents, making it a versatile tool for cybersecurity assessments.
Description:
VaulTLS is a self-hosted web app for managing mutual TLS certificates centrally, featuring a modern web interface, OpenID Connect support, email notifications, RESTful API, and Docker support. Built with Rust and Vue.js, it simplifies certificate management for home labs and small environments.
Description:
mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Description:
A mitmproxy addon designed to identify malicious web traffic, supporting rule management, real-time alerts, event logging, and traffic filtering.