cisagov / vulnrichment
A repo to conduct vulnerability enrichment.
☆567Updated this week
Alternatives and similar repositories for vulnrichment:
Users that are interested in vulnrichment are comparing it to the libraries listed below
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre…☆562Updated last week
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…☆209Updated this week
- ☆359Updated 10 months ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆289Updated this week
- Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threa…☆1,255Updated this week
- Stakeholder-Specific Vulnerability Categorization☆136Updated this week
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆1,079Updated 2 weeks ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆269Updated last year
- Global Security Database��☆315Updated 9 months ago
- A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigatin…☆411Updated last month
- A curated list of annual cyber security reports☆450Updated this week
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆356Updated this week
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆226Updated 5 months ago
- ☆289Updated 6 months ago
- Gram is Klarna's own threat model diagramming tool☆319Updated this week
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆270Updated 2 weeks ago
- This repo contains IOC, malware and malware analysis associated with Public cloud☆248Updated 3 months ago
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆584Updated last month
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆927Updated last month
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆130Updated last year
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…☆356Updated this week
- OWASP Foundation Web Respository☆234Updated this week
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…☆159Updated this week
- Logging Made Easy (LME) is a no cost, open source platform that centralizes log collection, enhances threat detection, and enables real-…☆960Updated this week
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆319Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆542Updated last week
- A full insecure kubernetes application for testing security tools☆66Updated this week
- Hourly updated database of exploit and exploitation reports☆254Updated 3 weeks ago
- Open source templates you can use to bootstrap your security programs☆747Updated this week
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆71Updated 9 months ago