freedomofpress / threat-modeling
experimental threat modeling tools
☆14Updated last year
Related projects: ⓘ
- A Java library for programmatically calculating OWASP Risk Rating scores☆18Updated last year
- FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching s…☆27Updated 2 months ago
- Notes and reference for ongoing forecasting.☆16Updated 2 years ago
- ☆11Updated this week
- Looks for GitHub org users without 2FA turned on☆9Updated 8 years ago
- Script to check ModSecurity rules agains some WAF☆11Updated 5 years ago
- Command line utility for parsing certificates☆59Updated 3 years ago
- D4 core software (server and sample sensor client)☆43Updated 8 months ago
- OCSP Responder monitor☆31Updated last month
- Extract, defang, resolve names and IPs from text☆22Updated 8 months ago
- A low/zero interaction ssh authentication logging honeypot☆17Updated last month
- ☆13Updated this week
- Expand CIDRs or wrangle a list of IPs back to its smallest CIDR blocks possible☆10Updated 4 years ago
- Tachikoma is a security alerting framework for human beings☆22Updated 6 years ago
- Browser extension that complements the PhishDetect service☆20Updated last year
- Simple tool to monitor network changes over time and trigger alerts☆14Updated 4 years ago
- PCC's aim is to provide a high performing offline tool to easily assess which users are vulnerable to Password Reuse Attacks (a.k.a. Pass…☆18Updated 4 years ago
- Using osquery for Mass Incident Detection & Response☆18Updated 8 years ago
- Salesforce Policy Deviation Checker☆29Updated 3 years ago
- A starter-kit for a source-controlled, CLI-based osquery management workflow.☆30Updated 6 years ago
- Documents pertaining to internal policies and guidelines☆12Updated 7 years ago
- Repo to hold veracode related issues and code snippets☆9Updated 7 years ago
- Passive Bitcoin Project☆10Updated 9 years ago
- Detect Phishing fetching Certificate Transparency Logs☆20Updated 3 years ago
- go-audit is an alternative to the auditd daemon that ships with many distros☆16Updated 5 years ago
- Wrapper for concurrent batch processing of testssl.sh commands☆13Updated 5 years ago
- Slides from presentations I give!☆20Updated 4 months ago
- Custom slash command to do a basic dnsrecon from within Slack☆13Updated 8 years ago
- Notebook collection☆10Updated 5 years ago
- Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.☆13Updated 9 months ago