Stars
An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
An open source, self-hosted implementation of the Tailscale control server
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
A collection of modern/faster/saner alternatives to common unix commands.
A daily curated list of jobs that allow working from anywhere.
a structural diff that understands syntax 🟥🟩
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach
Scripts automate the installation and use of Wireguard on AWS with Ubuntu Server 18.04
A requested Github Repo for my Grafana Home Dashboard
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
Prevents you from committing secrets and credentials into git repositories
Git commit message: how to write a great git commit message and commit template for version control
A simple zero-config tool to make locally trusted development certificates with any names you'd like.
Awesome Firmware Security & Other Helpful Documents
Simple implementation of an AppSec Pipeline using the Gasp library
Home of the dockerfiles used to build the gasp docker containers
DevSecOps, ASPM, Vulnerability Management. All on one platform.
🔒 OpenVPN server in a Docker container complete with an EasyRSA PKI CA
Sample code and examples for the Web Security Analysis Toolkit workshop.
Things to know when DFIR occurs near a vault deployment.