- Your Production Environment
Stars
Expose a lot of MDE telemetry that is not easily accessible in any searchable form
xforcered / ADOKit
Forked from h4wkst3r/ADOKitAzure DevOps Services Attack Toolkit
This project aims to compare and evaluate the telemetry of various EDR products.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
The iOS IPA file Reverse Engineering reference
A launch point for your personal nvim configuration
Terraform provider for Panther resources
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
A curated list of awesome Kubernetes security resources
Open Source Cloud Native Application Protection Platform (CNAPP)
A curated list for Awesome Kubernetes Security resources
Are your (sub)domains pwnable ? SubPwnable is a simple Python tool designed to helps you answer this question.
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Fast subdomains enumeration tool for penetration testers
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, dis…
Tools to automate and/or expedite response.
A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!
A highly opinionated, fully featured Obsidian vault that can get you from Zero to Zettelkasten lickety split!
An enterprise friendly way of detecting and preventing secrets in code.
Geo-scale, next-generation peer-to-peer sharing platform built on top of OpenZiti.
Commandline tool for running SQL queries against JSON, CSV, Excel, Parquet, and more.