cisagov / vulnrichment
A repo to conduct vulnerability enrichment.
☆484Updated this week
Related projects ⓘ
Alternatives and complementary repositories for vulnrichment
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre…☆534Updated 2 weeks ago
- Stakeholder-Specific Vulnerability Categorization☆130Updated this week
- ☆356Updated 7 months ago
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆342Updated this week
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…☆567Updated 4 months ago
- Open source templates you can use to bootstrap your security programs☆518Updated 3 weeks ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆973Updated last month
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆255Updated this week
- Gram is Klarna's own threat model diagramming tool☆282Updated this week
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆68Updated 6 months ago
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆852Updated 2 months ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆158Updated 2 months ago
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…☆136Updated this week
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆260Updated 9 months ago
- boostsecurityio/poutine☆232Updated this week
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…☆343Updated 2 weeks ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆126Updated 9 months ago
- Halberd : Multi-Cloud Attack Tool☆209Updated this week
- A curated list of annual cyber security reports☆332Updated this week
- OWASP Foundation Web Respository☆209Updated last week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆199Updated this week
- ☆252Updated last month
- An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRI…☆490Updated last month
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆443Updated last month
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆556Updated 2 weeks ago
- GitHub Actions Pipeline Enumeration and Attack Tool☆569Updated 3 months ago
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endo…☆114Updated this week
- Global Security Database☆309Updated 6 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆209Updated 2 months ago
- MITRE Caldera™ for OT Plugins & Capabilities☆195Updated this week