Description:
Planet-scale identity and access infrastructure
Security
TRASA
Description:
TRASA is a unified access control platform with identity-aware access proxy, privileged access management, two-factor authentication, device trust, and access policy features that enable secure remote access to Web, SSH, RDP, and Database services. These features cumulatively enables zero trust access control security model to every remote access endpoints.
The Helk
Description:
The Hunting ELK or simply the HELK is one of the first open source hunt platforms with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark over an ELK stack. This project was developed primarily for research, but due to its flexible design and core components, it can be deployed in larger environments with the right configurations and scalable infrastructure.
T-Pot
Description:
T-Pot is the all in one, optionally distributed, multiarch (amd64, arm64) honeypot plattform, supporting 20+ honeypots and countless visualization options using the Elastic Stack, animated live attack maps and lots of security tools to further improve the deception experience.
Commando VM
Description:
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution.
Trufflehog
Description:
TruffleHog is an open source secret-scanning engine that helps resolve exposed secrets across your company’s entire tech stack.
Sandbox
Description:
Sandwich is a multi-platform, multi-language, open-source library that provides a simple unified API for developers to use (multiple) cryptographic libraries in their applications.
Bloodhound CE
Description:
BloodHound is a monolithic web application composed of an embedded React frontend with Sigma.js and a Go based REST API backend. It is deployed with a Postgresql application database and a Neo4j graph database, and is fed by the SharpHound and AzureHound data collectors. BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Azure environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory or Azure environment. BloodHound CE is created and maintained by the BloodHound Enterprise Team. The original BloodHound was created by @_wald0, @CptJesus, and @harmj0y.
Warpgate
Description:
Warpgate is a smart SSH, HTTPS and MySQL bastion host for Linux that doesn’t need special client apps. Set it up in your DMZ, add user accounts and easily assign them to specific hosts and URLs within the network. Warpgate will record every session for you to view (live) and replay later through a built-in admin web UI. Not a jump host – forwards your connections straight to the target instead. Native 2FA and SSO support (TOTP & OpenID Connect) Single binary with no dependencies. Written in 100% safe Rust.
OpenSnitch
Description:
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.