Compare commits
4 Commits
1726e7ee53
...
d60561a973
| Author | SHA1 | Date |
|---|---|---|
Bradley Kemp
|
d60561a973 | |
0xACAB
|
f8ee8314b7 | |
fabacab
|
52614c3dc1 | |
|
Bradley Kemp
|
10463305f8 |
11
README.md
11
README.md
|
|
@ -44,6 +44,7 @@ Many cybersecurity professionals enable racist state violence, wittingly or unwi
|
|||
- [Operating System distributions](#operating-system-distributions)
|
||||
- [Phishing awareness and reporting](#phishing-awareness-and-reporting)
|
||||
- [Preparedness training and wargaming](#preparedness-training-and-wargaming)
|
||||
- [Post-engagement analysis and reporting](#post-engagement-analysis-and-reporting)
|
||||
- [Security configurations](#security-configurations)
|
||||
- [Security monitoring](#security-monitoring)
|
||||
- [Endpoint Detection and Response (EDR)](#endpoint-detection-and-response-edr)
|
||||
|
|
@ -269,6 +270,7 @@ See also [Security Orchestration, Automation, and Response (SOAR)](#security-orc
|
|||
- [OSXCollector](https://github.com/Yelp/osxcollector) - Forensic evidence collection & analysis toolkit for macOS.
|
||||
- [ir-rescue](https://github.com/diogo-fernan/ir-rescue) - Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
|
||||
- [Margarita Shotgun](https://github.com/ThreatResponse/margaritashotgun) - Command line utility (that works with or without Amazon EC2 instances) to parallelize remote memory acquisition.
|
||||
- [Untitled Goose Tool](https://github.com/cisagov/untitledgoosetool) - Assists incident response teams by exporting cloud artifacts from Azure/AzureAD/M365 environments in order to run a full investigation despite lacking in logs ingested by a SIEM.
|
||||
|
||||
## Network perimeter defenses
|
||||
|
||||
|
|
@ -298,6 +300,7 @@ See also [awesome-pentest § Social Engineering Tools](https://github.com/fabaca
|
|||
- [Gophish](https://getgophish.com/) - Powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing.
|
||||
- [King Phisher](https://github.com/securestate/king-phisher) - Tool for testing and promoting user awareness by simulating real world phishing attacks.
|
||||
- [NotifySecurity](https://github.com/certsocietegenerale/NotifySecurity) - Outlook add-in used to help your users to report suspicious e-mails to security teams.
|
||||
- [Phish.Report](https://phish.report) - Report phishing sites to both the host and multiple blocklist providers from a single tool.
|
||||
- [Phishing Intelligence Engine (PIE)](https://github.com/LogRhythm-Labs/PIE) - Framework that will assist with the detection and response to phishing attacks.
|
||||
- [Swordphish](https://github.com/certsocietegenerale/swordphish-awareness) - Platform allowing to create and manage (fake) phishing campaigns intended to train people in identifying suspicious mails.
|
||||
- [mailspoof](https://github.com/serain/mailspoof) - Scans SPF and DMARC records for issues that could allow email spoofing.
|
||||
|
|
@ -317,8 +320,13 @@ See also [awesome-pentest § Social Engineering Tools](https://github.com/fabaca
|
|||
- [Metta](https://github.com/uber-common/metta) - Automated information security preparedness tool to do adversarial simulation.
|
||||
- [Network Flight Simulator (`flightsim`)](https://github.com/alphasoc/flightsim) - Utility to generate malicious network traffic and help security teams evaluate security controls and audit their network visibility.
|
||||
- [RedHunt OS](https://github.com/redhuntlabs/RedHunt-OS) - Ubuntu-based Open Virtual Appliance (`.ova`) preconfigured with several threat emulation tools as well as a defender's toolkit.
|
||||
- [Stratus Red Team](https://stratus-red-team.cloud/) - Emulate offensive attack techniques in a granular and self-contained manner against a cloud environment; think "Atomic Red Team™ for the cloud."
|
||||
- [tcpreplay](https://tcpreplay.appneta.com/) - Suite of free Open Source utilities for editing and replaying previously captured network traffic originally designed to replay malicious traffic patterns to Intrusion Detection/Prevention Systems.
|
||||
|
||||
### Post-engagement analysis and reporting
|
||||
|
||||
- [RedEye](https://cisagov.github.io/RedEye/) - Analytic tool to assist both Red and Blue teams with visualizing and reporting command and control activities, replay and demonstrate attack paths, and more clearly communicate remediation recommendations to stakeholders.
|
||||
|
||||
## Security configurations
|
||||
|
||||
(Also known as *secure-by-default baselines* and *implemented best practices*.)
|
||||
|
|
@ -327,7 +335,8 @@ See also [awesome-pentest § Social Engineering Tools](https://github.com/fabaca
|
|||
|
||||
## Security monitoring
|
||||
|
||||
* [Starbase](https://github.com/JupiterOne/starbase) - Collects assets and relationships from services and systems into an intuitive graph view to offer graph-based security analysis for everyone.
|
||||
- [Crossfeed](https://docs.crossfeed.cyber.dhs.gov/) - Continuously enumerates and monitors an organization’s public-facing attack surface in order to discover assets and flag potential security flaws.
|
||||
- [Starbase](https://github.com/JupiterOne/starbase) - Collects assets and relationships from services and systems into an intuitive graph view to offer graph-based security analysis for everyone.
|
||||
|
||||
### Endpoint Detection and Response (EDR)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue