Automation

Shuffle Automation is an accessible automation platform that provides workflow automation capabilities for security operations with both self-hosted and cloud deployment options.

IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.

CIRTKit is a DFIR console built on the Viper Framework that integrates various forensic tools and provides modules for packet analysis, memory analysis, and automated incident response workflows.

An open source cloud-native security data lake platform for AWS that normalizes security logs into structured data with Detection-as-Code capabilities and vendor-neutral storage using open standards.

A collection of Python scripts that automate tasks and extend IDA Pro disassembler functionality for reverse engineering workflows.

A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.

PrismX is a cloud security dashboard that provides centralized AWS security monitoring based on CIS benchmarks with JIRA integration for issue management.

A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.

MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.

VolatilityBot automates memory dump analysis by extracting executables, detecting code injections, and performing automated malware scanning using YARA and ClamAV.

A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.

StringSifter is a machine learning tool that automatically ranks strings extracted from malware samples based on their relevance for analysis.

A Python-based modular incident response tool for AWS environments that enables automated security actions across EC2, IAM, VPC, and other AWS resources.

A tool that checks if domains are present in Alexa or Cisco top one million domain lists for reputation assessment and threat analysis.

Teller is a command-line secret management tool that integrates with various cloud providers and vaults to securely populate environment variables during development workflows.

A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.

A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.

A Bash completion script that provides auto-completion functionality for Android SDK command-line tools including adb, emulator, fastboot, and repo.

An industrial control system testing tool that enables security researchers to enumerate SCADA controllers, read register values, and modify register data across different testing modes.

GitHub is a web-based platform that provides Git version control hosting and collaborative software development tools for managing code repositories and projects.

ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.

A multi-cloud asset enumeration tool that helps blue teams centralize and inventory assets across multiple cloud providers with minimal configuration.

A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.

An automation framework that runs multiple open-source subdomain bruteforcing tools in parallel using Docker Compose and custom wordlists.