Monitoring

Secret Bridge monitors GitHub repositories to detect and alert on leaked secrets and sensitive data exposure.

A Chrome browser extension that uses machine learning to detect and alert users about sensitive data exposure and potential data breaches across web environments.

A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.

A Docker-based utility that monitors TLS certificate expiration dates and exposes the data as Prometheus metrics with support for Kubernetes ingress discovery and configurable domain filtering.

A command-line tool that shows configuration history and changes of AWS resources using AWS Config service.

An automated security response system for Google Cloud that processes Security Command Center findings and executes predefined remediation actions like disk snapshots, IAM revocation, and notifications.

A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.

WordPress honeypot tool running in a Docker container for monitoring access attempts.

A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.

Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.

NodeSecure is a cybersecurity project that provides security monitoring and analysis capabilities specifically designed for Node.js applications.

Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.

Troje is a honeypot that creates dynamic LXC container environments to attract and monitor attackers while recording their activities and system changes.

A Certificate Transparency log monitor that alerts users when SSL/TLS certificates are issued for their domains, helping detect unauthorized certificate issuance and potential security threats.

Scumblr is a web-based security automation platform that performs periodic data source synchronization and security analysis to help organizations proactively identify and track security issues.

A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.

Santa is a macOS binary and file access authorization system that monitors executions and makes allow/block decisions based on local database rules.

An archived community-driven collection of open source cloud security tools that provided monitoring and compliance capabilities for cloud infrastructure.

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

Windows anti-forensics USB monitoring tool with the ability to shutdown the computer upon detecting the unplugging of a specified USB device.

An Event Hub to gather, process, and monitor system events and link them to an inventory.

CloudTrail Partitioner automates the creation and management of partitioned Athena tables for AWS CloudTrail logs with nightly partition updates.