Automation

A Python-based modular incident response tool for AWS environments that enables automated security actions across EC2, IAM, VPC, and other AWS resources.

A tool that checks if domains are present in Alexa or Cisco top one million domain lists for reputation assessment and threat analysis.

Teller is a command-line secret management tool that integrates with various cloud providers and vaults to securely populate environment variables during development workflows.

A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.

A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.

A Bash completion script that provides auto-completion functionality for Android SDK command-line tools including adb, emulator, fastboot, and repo.

An industrial control system testing tool that enables security researchers to enumerate SCADA controllers, read register values, and modify register data across different testing modes.

24/7 MDR service with threat detection, hunting, and guided remediation

GitHub is a web-based platform that provides Git version control hosting and collaborative software development tools for managing code repositories and projects.

ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.

A multi-cloud asset enumeration tool that helps blue teams centralize and inventory assets across multiple cloud providers with minimal configuration.

A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.

An automation framework that runs multiple open-source subdomain bruteforcing tools in parallel using Docker Compose and custom wordlists.

A repository of public applications for the Shuffle security orchestration platform that enables automated security workflows and integrations.

A repository of sample security playbooks with ARM templates for Microsoft Sentinel that enable automated security orchestration and response capabilities.

A declarative language for describing binary data structures that compiles into parsers for multiple programming languages.

Open-source observable analysis engine and companion tool for TheHive platform

A CLI tool for generating AWS IAM policy documents, SAM policy templates, and SAM Connectors using JSON definitions from the AWS Policy Generator.

A multi-threaded Ruby tool for comprehensive AWS security inventory collection that gathers detailed resource attributes, metadata, and policy information across AWS environments.

Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.

IAM Floyd is a code generation tool that provides a fluent interface for creating AWS IAM policy statements with comprehensive service coverage and CDK integration support.

ICSREF is a modular framework that automates reverse engineering of CODESYS industrial control system binaries to identify functions, library calls, and program structures.

Catalyst is a SOAR platform that automates alert handling and incident response procedures through ticket management, templates, and playbooks.

A comprehensive IT infrastructure automation platform for managing hybrid infrastructure through configuration, patch, and security management.