Lists (20)
AppSec Tools
Attack surface management
Baseline Configuration Security
Blue Team Tools
BTL1 Threat Intel
Build a sec ops program - tools
Compliance / GRC
Deals
FezzSecOps
Forensic Tools - Windows
Infrastructure Best Practices
Insider threat
Log4j2 Log4shell java
Malware - EDR Testing
Microsoft SOC tools
Red tools
SDLC
Training - CS
TVM Tool Candidate
Vuln Mgmt
Starred repositories
This Python app generates NIST 800 53 control implementation for each control and generates the CSV file.
⭐️ A curated list of awesome forensic analysis tools and resources
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
Useful resources for SOC Analyst and SOC Analyst candidates.
Enterprise Data Loss Prevention - Profile, Classify, Protect Enterprise Data
Data Loss Prevention (DLP) Sample Data Files
The Elevation of Privilege Threat Modeling Game
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Security Certification Roadmap HTML5/CSS3 version
Google SRE Book Generator (EPUB/MOBI/PDF).
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat …
ls111-cybersec / Awesome-WAF
Forked from 0xInfection/Awesome-WAF
🔥 Web-application firewalls (WAFs) from security standpoint.
CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Compliance/Audit Management and supporting +70 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, …
List of Awesome Asset Discovery Resources
This project aims to compare and evaluate the telemetry of various EDR products.
sans-blue-team / freq.py
Forked from MarkBaggett/MarkBaggett
Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy calculations. Uses character pair frequency analysis to deter…
Automatically assess and score software repositories for supply chain risk.
Warning lists to inform users of MISP about potential false-positives or other information in indicators