cisagov / vulnrichment
A repo to conduct vulnerability enrichment.
☆476Updated this week
Related projects ⓘ
Alternatives and complementary repositories for vulnrichment
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre…☆527Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆247Updated this week
- Open source templates you can use to bootstrap your security programs☆502Updated 2 weeks ago
- ☆354Updated 6 months ago
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆835Updated last month
- Stakeholder-Specific Vulnerability Categorization☆128Updated this week
- Gram is Klarna's own threat model diagramming tool☆279Updated last week
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆337Updated last week
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆307Updated this week
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆255Updated 9 months ago
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆67Updated 6 months ago
- Global Security Database☆307Updated 6 months ago
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…☆341Updated this week
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…☆562Updated 4 months ago
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆266Updated 2 months ago
- ☆248Updated last month
- A curated list of annual cyber security reports☆308Updated this week
- ☆292Updated 3 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆125Updated 9 months ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆148Updated 2 months ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆969Updated last month
- Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC met…☆324Updated last month
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆140Updated last week
- boostsecurityio/poutine☆229Updated last week
- OWASP Foundation Web Respository☆206Updated last week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆189Updated last month
- ☆45Updated this week
- This is a collection of threat detection rules / rules engines that I have come across.☆274Updated 6 months ago
- practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response☆363Updated 10 months ago
- Halberd : Multi-Cloud Attack Tool☆193Updated this week