yevh / TaaC-AI
AI-driven Threat modeling-as-a-Code (TaaC-AI)
☆113Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for TaaC-AI
- ☆184Updated 3 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆55Updated 4 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆82Updated 10 months ago
- A tool to uncover undocumented APIs from the AWS Console.☆80Updated last month
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆67Updated 6 months ago
- OWASP Foundation Web Respository☆19Updated 3 weeks ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆96Updated last month
- ☆248Updated last month
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆140Updated 2 weeks ago
- ☆67Updated 8 months ago
- Cloud Commotion intends to cause chaos to simulate security incidents☆138Updated 4 months ago
- MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.☆155Updated last week
- AIGoat: A deliberately Vulnerable AI Infrastructure. Learn AI security through solving our challenges.☆78Updated 2 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆169Updated 9 months ago
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆19Updated last year
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆152Updated 2 months ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆104Updated 9 months ago
- This is a companion to the Security Engineer Questions☆200Updated 11 months ago
- Curated list of Open Source project focused on LLM security☆28Updated this week
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆48Updated last week
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆61Updated 6 months ago
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆149Updated 7 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆57Updated last year
- Anvilogic Forge☆86Updated this week
- Adaptive AWS Zero Trust Policy made easy: Auto-generate least-privilege policies based on user activity in real time! Accelerate the adop…☆73Updated 6 months ago
- Gram is Klarna's own threat model diagramming tool☆280Updated 2 weeks ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆42Updated 3 weeks ago
- Dragon-GPT uses Chat-GPT, or local LLM, to execute automatic and AI-powered threat modeling analysis on a given OWASP Threat Dragon diagr…☆31Updated last year
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs☆69Updated 8 months ago
- AWS honey token manager☆84Updated 3 months ago
- OWASP Foundation Web Respository☆54Updated last year