From 6ae31d77f50322428253067c26f1244eb3327d8b Mon Sep 17 00:00:00 2001 From: Yuli Date: Tue, 9 Feb 2021 10:56:44 +0200 Subject: [PATCH 01/15] Adding Databunker --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index ae87d02..b1fe828 100644 --- a/README.md +++ b/README.md @@ -345,6 +345,7 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog ## Datastores +- [databunker](https://databunker.org/) - Databunker is an address book on steroids for storing personal data. GDPR and encryption are out of the box. - [acra](https://github.com/cossacklabs/acra) - Database security suite: proxy for data protection with transparent "on the fly" data encryption, data masking and tokenization, SQL firewall (SQL injections prevention), intrusion detection system. - [blackbox](https://github.com/StackExchange/blackbox) - Safely store secrets in a VCS repo using GPG - [confidant](https://github.com/lyft/confidant) - Stores secrets in AWS DynamoDB, encrypted at rest and integrates with IAM From 3b8667f761d9f1dd01665c1274bfad1da014c7b4 Mon Sep 17 00:00:00 2001 From: Justin Dorfman Date: Sat, 17 Apr 2021 08:03:07 -0700 Subject: [PATCH 02/15] Add Curiefense to Web Application Firewall section --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d54d83a..a7143f0 100644 --- a/README.md +++ b/README.md 
@@ -265,6 +265,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [NAXSI](https://github.com/nbs-system/naxsi) - NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX, NAXSI means Nginx Anti Xss & Sql Injection. - [sql_firewall](https://github.com/uptimejp/sql_firewall) SQL Firewall Extension for PostgreSQL - [ironbee](https://github.com/ironbee/ironbee) - IronBee is an open source project to build a universal web application security sensor. IronBee as a framework for developing a system for securing web applications - a framework for building a web application firewall (WAF). +- [Curiefense](https://github.com/curiefense/curiefense) - Curiefense adds a broad set of automated web security tools, including a WAF to Envoy Proxy. ### Scanning / Pentesting From eaaa992fda0d2523f17bee77c35425526cd951b4 Mon Sep 17 00:00:00 2001 From: anuragchula <83449657+anuragchula@users.noreply.github.com> Date: Sat, 8 May 2021 14:43:22 +0800 Subject: [PATCH 03/15] Add UDcide, an Android malware behavior editor UDcide is a tool that provides alternative way to deal with Android malware. We help you to detect and remove specific behaviors in the malware rather than just delete the whole binary. And surprisingly, we make the binary runs still. This enables possibilities of malware research and makes good use of the normal behaviors in the malware. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d54d83a..9b5e279 100644 --- a/README.md +++ b/README.md 
@@ -219,6 +219,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [hardened_malloc](https://github.com/GrapheneOS/hardened_malloc) - Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time. - [AMExtractor](https://github.com/ir193/AMExtractor) - AMExtractor can dump out the physical content of your Android device even without kernel source code. - [frida](https://github.com/frida/frida) - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. +- [UDcide](https://github.com/UDcide/udcide) - Android Malware Behavior Editor. ### Forensics From e4edc86946f086500b0da8f9b6d1e7dd6d9b98ed Mon Sep 17 00:00:00 2001 From: "Dotan J. Nahum" Date: Thu, 27 May 2021 11:41:02 +0300 Subject: [PATCH 04/15] Add Netz to scanning, Preflight and Teller to DevOps --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index d54d83a..a725a7d 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [RustScan](https://github.com/RustScan/RustScan) - Faster Nmap scanning with Rust. Take a 17 minute Nmap scan down to 19 seconds. - [Boofuzz](https://github.com/jtpereyda/boofuzz) - Fuzzing engine and fuzz testing framework. - [monsoon](https://github.com/RedTeamPentesting/monsoon) - Very flexible and fast interactive HTTP enumeration/fuzzing. +- [Netz](https://github.com/spectralops/netz)- Discover internet-wide misconfigurations, using zgrab2 and others. ### Monitoring / Logging 
@@ -328,6 +329,8 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [ansible-os-hardening](https://github.com/dev-sec/ansible-os-hardening) - Ansible role for OS hardening - [bunkerized-nginx](https://github.com/bunkerity/bunkerized-nginx) - nginx Docker image secure by default - [Trivy](https://github.com/aquasecurity/trivy) - A simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for CI. +- [Preflight](https://github.com/spectralops/preflight) - helps you verify scripts and executables to mitigate supply chain attacks in your CI and other systems. +- [Teller](https://github.com/spectralops/teller) - a secrets management tool for devops and developers - manage secrets across multiple vaults and keystores from a single place. ## Operating Systems From 4d1c27d9234e4d49afa38c720b2c7f929d16b986 Mon Sep 17 00:00:00 2001 From: Mads Jensen Date: Thu, 17 Jun 2021 15:33:06 +0200 Subject: [PATCH 05/15] Add tfsec to development section --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index d54d83a..37a3b55 100644 --- a/README.md +++ b/README.md 
@@ -296,6 +296,7 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [OWASP ZAP Node API](https://github.com/zaproxy/zap-api-nodejs) - Leverage the OWASP Zed Attack Proxy (ZAP) within your NodeJS applications with this official API. - [GuardRails](https://github.com/apps/guardrails) - A GitHub App that provides security feedback in Pull Requests. - [Checkov](https://github.com/bridgecrewio/checkov/) - A static analysis tool for infrastucture as code (Terraform). +- [TFSec](https://github.com/tfsec/tfsec/) - A static analysis tool for infrastucture as code (Terraform). - [KICS](https://github.com/Checkmarx/kics) - Scans IaC projects for security vulnerabilities, compliance issues, and infrastructure misconfiguration. Currently working with Terraform projects, Kubernetes manifests, Dockerfiles, AWS CloudFormation Templates, and Ansible playbooks. - [Insider CLI](https://github.com/insidersec/insider) - A open source Static Application Security Testing tool (SAST) written in GoLang for Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C# and Javascript (Node.js). @@ -327,7 +328,7 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [Securing DevOps](https://manning.com/books/securing-devops) - A book on Security techniques for DevOps that reviews state of the art practices used in securing web applications and their infrastructure. - [ansible-os-hardening](https://github.com/dev-sec/ansible-os-hardening) - Ansible role for OS hardening - [bunkerized-nginx](https://github.com/bunkerity/bunkerized-nginx) - nginx Docker image secure by default -- [Trivy](https://github.com/aquasecurity/trivy) - A simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for CI. +- [Trivy](https://github.com/aquasecurity/trivy) - A simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for CI. ## Operating Systems 
@@ -335,7 +336,7 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [Qubes OS](https://www.qubes-os.org/) - Qubes OS is a free and open-source security-oriented operating system meant for single-user desktop computing. - [Whonix](https://www.whonix.org) - Operating System designed for anonymity. -- [Tails OS](https://tails.boum.org/) - Tails is a portable operating system that protects against surveillance and censorship. +- [Tails OS](https://tails.boum.org/) - Tails is a portable operating system that protects against surveillance and censorship. ### Online resources @@ -405,7 +406,7 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [Awesome Crypto Papers](https://github.com/pFarb/awesome-crypto-papers) - A curated list of cryptography papers, articles, tutorials and howtos. - [Awesome Shodan Search Queries](https://github.com/jakejarvis/awesome-shodan-queries) - A collection of interesting, funny, and depressing search queries to plug into Shodan.io. - [Awesome Anti Forensics](https://github.com/remiflavien1/awesome-anti-forensic) - A collection of awesome tools used to counter forensics activities. -- [Awesome Security Talks & Videos](https://github.com/PaulSec/awesome-sec-talks) - A curated list of awesome security talks, organized by year and then conference. +- [Awesome Security Talks & Videos](https://github.com/PaulSec/awesome-sec-talks) - A curated list of awesome security talks, organized by year and then conference. ### Other Common Awesome Lists From fa26220d4f9b975712985a999c4d7c72f860ae29 Mon Sep 17 00:00:00 2001 From: Dennis Byrne Date: Sun, 18 Jul 2021 13:29:40 -0800 Subject: [PATCH 06/15] Full Stack Python Security --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 2aca6c2..7d23a68 100644 --- a/README.md +++ b/README.md 
@@ -302,6 +302,7 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [TFSec](https://github.com/tfsec/tfsec/) - A static analysis tool for infrastucture as code (Terraform). - [KICS](https://github.com/Checkmarx/kics) - Scans IaC projects for security vulnerabilities, compliance issues, and infrastructure misconfiguration. Currently working with Terraform projects, Kubernetes manifests, Dockerfiles, AWS CloudFormation Templates, and Ansible playbooks. - [Insider CLI](https://github.com/insidersec/insider) - A open source Static Application Security Testing tool (SAST) written in GoLang for Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C# and Javascript (Node.js). +- [Full Stack Python Security](https://www.manning.com/books/full-stack-python-security) - A comprehensive look at cybersecurity for Python developers ## Exploits & Payloads From e154f0ee1bfea276e980f2a7826ca6b1dd53bb08 Mon Sep 17 00:00:00 2001 From: Flavian Hautbois Date: Mon, 23 Aug 2021 12:47:27 +0200 Subject: [PATCH 07/15] Add a social engineering tool: Gophish --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index 2aca6c2..beff9f3 100644 --- a/README.md +++ b/README.md @@ -30,6 +30,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [Mobile / Android / iOS](#mobile--android--ios) - [Forensics](#forensics) - [Threat Intelligence](#threat-intelligence) + - [Social Engineering](#social-engineering) - [Web](#web) - [Organization](#organization) - [Web Application Firewall](#web-application-firewall) 
@@ -254,6 +255,10 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [MISP - Open Source Threat Intelligence Platform ](https://www.misp-project.org/) - MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators. A threat intelligence platform for gathering, sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information. The MISP project includes software, common libraries ([taxonomies](https://www.misp-project.org/taxonomies.html), [threat-actors and various malware](https://www.misp-project.org/galaxy.html)), an extensive data model to share new information using [objects](https://www.misp-project.org/objects.html) and default [feeds](https://www.misp-project.org/feeds/). - [PhishStats](https://phishstats.info/) - Phishing Statistics with search for IP, domain and website title. +## Social Engineering + +- [Gophish](https://getgophish.com/) - An Open-Source Phishing Framework. + ## Web ### Organization From b4f0ea9fb41ac8261f635de5a733bc0cfaa388d4 Mon Sep 17 00:00:00 2001 From: "Dotan J. Nahum" Date: Mon, 4 Oct 2021 13:25:04 +0300 Subject: [PATCH 08/15] Adding Keyscope (OSS) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 413694d..b527864 100644 --- a/README.md +++ b/README.md 
@@ -289,6 +289,7 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [padding-oracle-attacker](https://github.com/KishanBagaria/padding-oracle-attacker) - padding-oracle-attacker is a CLI tool and library to execute padding oracle attacks (which decrypts data encrypted in CBC mode) easily, with support for concurrent network requests and an elegant UI. - [is-website-vulnerable](https://github.com/lirantal/is-website-vulnerable) - finds publicly known security vulnerabilities in a website's frontend JavaScript libraries. - [PhpSploit](https://github.com/nil0x42/phpsploit) - Full-featured C2 framework which silently persists on webserver via evil PHP oneliner. Built for stealth persistence, with many privilege-escalation & post-exploitation features. +- [Keyscope](https://github.com/SpectralOps/keyscope) - Keyscope is an extensible key and secret validation for checking active secrets against multiple SaaS vendors built in Rust ### Runtime Application Self-Protection From 0c3ec9c8c2cdde09030cc967142cf0bdf67846fc Mon Sep 17 00:00:00 2001 From: mazzma12 Date: Fri, 8 Oct 2021 15:22:18 +0200 Subject: [PATCH 09/15] Add mention of CrowdSec to the IDS/IPS section --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index b527864..65aa7b3 100644 --- a/README.md +++ b/README.md 
@@ -101,6 +101,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [Fail2Ban](http://www.fail2ban.org/wiki/index.php/Main_Page) - Scans log files and takes action on IPs that show malicious behavior. - [SSHGuard](http://www.sshguard.net/) - A software to protect services in addition to SSH, written in C - [Lynis](https://cisofy.com/lynis/) - an open source security auditing tool for Linux/Unix. +- [CrowdSec](https://github.com/crowdsecurity/crowdsec) - CrowdSec is a free, modern & collaborative behavior detection engine, coupled with a global IP reputation network. It stacks on Fail2Ban's philosophy but is IPV6 compatible and 60x faster (Go vs Python), uses Grok patterns to parse logs and YAML scenario to identify behaviors. CrowdSec is engineered for modern Cloud / Containers / VM based infrastructures (by decoupling detection and remediation). Once detected, you can remedy threats with various bouncers (firewall block, nginx http 403, Captchas, etc.) while the aggressive IPs can be sent to CrowdSec for curation before being shared among all users to further strengthen the community ### Honey Pot / Honey Net From 7b1bbaf60a1a5552330b035963e63f666c7a3719 Mon Sep 17 00:00:00 2001 From: David Wong Date: Sun, 10 Oct 2021 12:52:59 -0700 Subject: [PATCH 10/15] added The Security Engineer Handbook --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index b527864..e9a05cd 100644 --- a/README.md +++ b/README.md 
@@ -388,9 +388,10 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [How to Hack Like a Legend](https://amzn.to/2uWh1Up) - A hacker’s tale breaking into a secretive offshore company, Sparc Flow, 2018 - [How to Investigate Like a Rockstar](https://books2read.com/u/4jDWoZ) - Live a real crisis to master the secrets of forensic analysis, Sparc Flow, 2017 - [Real World Cryptography](https://www.manning.com/books/real-world-cryptography) - This early-access book teaches you applied cryptographic techniques to understand and apply security at every level of your systems and applications. -- [AWS Security](https://www.manning.com/books/aws-security?utm_source=github&utm_medium=organic&utm_campaign=book_shields_aws_1_31_20) - This early-access book covers commong AWS security issues and best practices for access policies, data protection, auditing, continuous monitoring, and incident response. +- [AWS Security](https://www .manning.com/books/aws-security?utm_source=github&utm_medium=organic&utm_campaign=book_shields_aws_1_31_20) - This early-access book covers commong AWS security issues and best practices for access policies, data protection, auditing, continuous monitoring, and incident response. - [The Art of Network Penetration Testing](https://www.manning.com/books/the-art-of-network-penetration-testing) - Book that is a hands-on guide to running your own penetration test on an enterprise network. (early access, published continuously, final release December 2020) - [Spring Boot in Practice](https://www.manning.com/books/spring-boot-in-practice) - Book that is a practical guide which presents dozens of relevant scenarios in a convenient problem-solution-discussion format.. 
(early access, published continuously, final release fall 2021) +- [The Security Engineer Handbook](https://securityhandbook.io/) - A short read that discusses the dos and dont's of working in a security team, and the many tricks and tips that can help you in your day-to-day as a security engineer. ## Other Awesome Lists From 6eb9f11a05ce87a0b12f1cf2444762e84ef1cf9f Mon Sep 17 00:00:00 2001 From: David Wong Date: Mon, 11 Oct 2021 08:52:50 -0700 Subject: [PATCH 11/15] fix typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e9a05cd..b38b96e 100644 --- a/README.md +++ b/README.md 
@@ -388,7 +388,7 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [How to Hack Like a Legend](https://amzn.to/2uWh1Up) - A hacker’s tale breaking into a secretive offshore company, Sparc Flow, 2018 - [How to Investigate Like a Rockstar](https://books2read.com/u/4jDWoZ) - Live a real crisis to master the secrets of forensic analysis, Sparc Flow, 2017 - [Real World Cryptography](https://www.manning.com/books/real-world-cryptography) - This early-access book teaches you applied cryptographic techniques to understand and apply security at every level of your systems and applications. -- [AWS Security](https://www .manning.com/books/aws-security?utm_source=github&utm_medium=organic&utm_campaign=book_shields_aws_1_31_20) - This early-access book covers commong AWS security issues and best practices for access policies, data protection, auditing, continuous monitoring, and incident response. +- [AWS Security](https://www.manning.com/books/aws-security?utm_source=github&utm_medium=organic&utm_campaign=book_shields_aws_1_31_20) - This early-access book covers commong AWS security issues and best practices for access policies, data protection, auditing, continuous monitoring, and incident response. - [The Art of Network Penetration Testing](https://www.manning.com/books/the-art-of-network-penetration-testing) - Book that is a hands-on guide to running your own penetration test on an enterprise network. (early access, published continuously, final release December 2020) - [Spring Boot in Practice](https://www.manning.com/books/spring-boot-in-practice) - Book that is a practical guide which presents dozens of relevant scenarios in a convenient problem-solution-discussion format.. 
(early access, published continuously, final release fall 2021) - [The Security Engineer Handbook](https://securityhandbook.io/) - A short read that discusses the dos and dont's of working in a security team, and the many tricks and tips that can help you in your day-to-day as a security engineer. From d3259cf660cea0d9d495124e3db8694b8e1768bc Mon Sep 17 00:00:00 2001 From: Ramanan Ravikumar Date: Tue, 19 Oct 2021 14:53:25 +0530 Subject: [PATCH 12/15] Add ThreatMapper --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 65aa7b3..e89f7e3 100644 --- a/README.md +++ b/README.md @@ -74,6 +74,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [Boofuzz](https://github.com/jtpereyda/boofuzz) - Fuzzing engine and fuzz testing framework. - [monsoon](https://github.com/RedTeamPentesting/monsoon) - Very flexible and fast interactive HTTP enumeration/fuzzing. - [Netz](https://github.com/spectralops/netz)- Discover internet-wide misconfigurations, using zgrab2 and others. +- [Deepfence ThreatMapper](https://github.com/deepfence/ThreatMapper) - Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless. ### Monitoring / Logging From b64fccccff11eb0e572b1fe9a5037b55128cf608 Mon Sep 17 00:00:00 2001 From: jsirichai Date: Tue, 26 Oct 2021 17:55:07 +0700 Subject: [PATCH 13/15] Add reFlutter --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index cd82456..10f6a42 100644 --- a/README.md +++ b/README.md 
@@ -224,6 +224,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [AMExtractor](https://github.com/ir193/AMExtractor) - AMExtractor can dump out the physical content of your Android device even without kernel source code. - [frida](https://github.com/frida/frida) - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. - [UDcide](https://github.com/UDcide/udcide) - Android Malware Behavior Editor. +- [reFlutter](https://github.com/ptswarm/reFlutter) - Flutter Reverse Engineering Framework ### Forensics From 206e0f016b6b13d01d032207f9ad718ded5613b0 Mon Sep 17 00:00:00 2001 From: Pedro de Castro Date: Fri, 29 Oct 2021 00:21:40 +0200 Subject: [PATCH 14/15] Add Wazuh --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 10f6a42..836d125 100644 --- a/README.md +++ b/README.md 
@@ -87,6 +87,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [ntopng](http://www.ntop.org/products/traffic-analysis/ntop/) - Ntopng is a network traffic probe that shows the network usage, similar to what the popular top Unix command does. - [Fibratus](https://github.com/rabbitstack/fibratus) - Fibratus is a tool for exploration and tracing of the Windows kernel. It is able to capture the most of the Windows kernel activity - process/thread creation and termination, file system I/O, registry, network activity, DLL loading/unloading and much more. Fibratus has a very simple CLI which encapsulates the machinery to start the kernel event stream collector, set kernel event filters or run the lightweight Python modules called filaments. - [opensnitch](https://github.com/evilsocket/opensnitch) - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall +- [wazuh](https://github.com/wazuh/wazuh) - Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of monitoring file system changes, system calls and inventory changes. ### IDS / IPS / Host IDS / Host IPS 
@@ -103,6 +104,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [SSHGuard](http://www.sshguard.net/) - A software to protect services in addition to SSH, written in C - [Lynis](https://cisofy.com/lynis/) - an open source security auditing tool for Linux/Unix. - [CrowdSec](https://github.com/crowdsecurity/crowdsec) - CrowdSec is a free, modern & collaborative behavior detection engine, coupled with a global IP reputation network. It stacks on Fail2Ban's philosophy but is IPV6 compatible and 60x faster (Go vs Python), uses Grok patterns to parse logs and YAML scenario to identify behaviors. CrowdSec is engineered for modern Cloud / Containers / VM based infrastructures (by decoupling detection and remediation). Once detected, you can remedy threats with various bouncers (firewall block, nginx http 403, Captchas, etc.) while the aggressive IPs can be sent to CrowdSec for curation before being shared among all users to further strengthen the community +- [wazuh](https://github.com/wazuh/wazuh) - Wazuh is a free and open source XDR platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. Great tool foor all kind of deployments, it includes SIEM capabitilies (indexing + searching + WUI). ### Honey Pot / Honey Net 
@@ -140,7 +142,8 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c - [OSSIM](https://www.alienvault.com/open-threat-exchange/projects) - OSSIM provides all of the features that a security professional needs from a SIEM offering – event collection, normalization, and correlation. - [FIR](https://github.com/certsocietegenerale/FIR) - Fast Incident Response, a cybersecurity incident management platform. - [LogESP](https://github.com/dogoncouch/LogESP) - Open Source SIEM (Security Information and Event Management system). - +- [wazuh](https://github.com/wazuh/wazuh) -Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance. It works with tons of data supported by an OpenSearch fork and custom WUI. +- ### VPN - [OpenVPN](https://openvpn.net/) - OpenVPN is an open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. From 1c0340d3518c2fc020d72101be2f7e66ebeb3747 Mon Sep 17 00:00:00 2001 From: Johnathan Free Wortley Date: Fri, 29 Oct 2021 23:21:58 +0000 Subject: [PATCH 15/15] Add LunaSec to Datastores --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 10f6a42..89874ec 100644 --- a/README.md +++ b/README.md 
@@ -377,6 +377,7 @@ Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technolog - [passbolt](https://www.passbolt.com/) - The password manager your team was waiting for. Free, open source, extensible, based on OpenPGP. - [passpie](https://github.com/marcwebbie/passpie) - Multiplatform command-line password manager - [Vault](https://www.vaultproject.io/) - An encrypted datastore secure enough to hold environment and application secrets. +- [LunaSec](https://github.com/lunasec-io/lunasec) - Database for PII with automatic encryption/tokenization, sandboxed components for handling data, and centralized authorization controls. ## Fraud prevention
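Review bot: In [PATCH 01/15], the `databunker` entry is inserted above `acra`, but the three context entries in this hunk (`acra`, `blackbox`, `confidant`) are in alphabetical order, so the new line belongs after `confidant`. The description is also closer to a slogan than a summary ("an address book on steroids", "GDPR and encryption are out of the box"); state what is encrypted and which GDPR functions the tool provides, in the factual style of the `acra` and `confidant` lines.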
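Review bot: In [PATCH 04/15], first hunk, the Netz line is missing the space between the link and the separator (`netz)- Discover`), while every neighbouring entry uses ` - `. Please change it to `netz) - Discover`; the context of [PATCH 12/15] shows the line was carried forward unchanged.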
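Review bot: In [PATCH 05/15], first hunk, the TFSec description is a word-for-word copy of the Checkov line directly above it, including the misspelling "infrastucture". Give TFSec a description that distinguishes it from Checkov and correct the spelling to "infrastructure" in the added line.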
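Review bot: In [PATCH 05/15], the second, third and fourth hunks rewrite the Trivy, Tails OS and Awesome Security Talks & Videos lines with no visible text change, which does not match the subject "Add tfsec to development section". If these are whitespace cleanups, move them to their own commit or drop them, so this patch stays a one-line addition and does not conflict with other pending patches that touch the same lines (the Trivy line is also context in [PATCH 04/15]).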
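Review bot: In [PATCH 06/15], the book is appended to a list of tools (it lands after `Insider CLI`, `KICS` and `TFSec`) instead of the book list, where the other Manning titles such as "Real World Cryptography" and "AWS Security" appear in [PATCH 10/15]. Move the entry there and end the description with a period, as the surrounding entries do.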
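Review bot: In [PATCH 08/15], the Keyscope description is missing a noun and a terminator: "is an extensible key and secret validation for checking active secrets" should read "validation tool" or similar, and the line has no final period. "against multiple SaaS vendors built in Rust" also reads as if the vendors are built in Rust; put the language next to the tool name.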
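Review bot: In [PATCH 09/15], the CrowdSec entry carries an unsourced benchmark ("60x faster (Go vs Python)") and runs to four sentences, while the neighbouring Fail2Ban, SSHGuard and Lynis entries are one line each. Cut it to a single sentence on what the tool detects and how it remediates, and either drop the speed comparison or link a measurement. Also write "IPv6" and close the entry with a period.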
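Review bot: In [PATCH 10/15], the hunk changes the existing AWS Security line as well as adding the new entry, and the replacement URL contains a space (`https://www .manning.com/books/aws-security...`), which breaks the link. Revert that line so the patch is the single addition its subject describes. In the added entry, "dos and dont's" should be "dos and don'ts".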
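Review bot: In [PATCH 11/15], the fix only undoes the space that [PATCH 10/15] introduced in the AWS Security URL, so the two should be squashed and the regression never lands. The subject "fix typo" does not say which typo, and the same line still contains "commong" on both the `-` and `+` sides; correct that here if the line is being touched anyway.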
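Review bot: In [PATCH 12/15], the ThreatMapper description opens with the licence ("Apache v2, powerful runtime vulnerability scanner ..."), which no neighbouring entry does, and uses the adjective "powerful" where the others describe function. Start with what it scans, capitalise "Kubernetes", and move the licence to the end if it needs to be stated.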
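Review bot: In [PATCH 14/15], the same repository (`https://github.com/wazuh/wazuh`) is added in three sections with three different descriptions: "platform" in the first hunk, "XDR platform" in the second, "security monitoring solution" in the third. Pick the one section that fits best and use a single description, or keep the wording identical across sections so readers can tell it is the same project.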
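Review bot: In [PATCH 14/15], second hunk, the added line has two misspellings, "foor" and "capabitilies", and an opinion sentence ("Great tool foor all kind of deployments"). Drop the opinion and keep the factual part, for example "Includes SIEM capabilities (indexing, searching, web UI)."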
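Review bot: In [PATCH 14/15], third hunk, the blank line before `### VPN` is replaced by a bare `-`, which renders as an empty list item and leaves the heading directly attached to the list. Restore the blank line and remove the stray `-`. The added entry also lacks a space after the separator (`-Wazuh is a free`).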