RogueApps is a repository that documents observed Tactics, Techniques, and Procedures (TTPs) associated with OIDC/OAuth 2.0 application attacks. It serves as a collaborative platform where security professionals share information about malicious applications that exploit the OAuth 2.0 and OpenID Connect protocols. The project maintains a curated list of rogue applications, their characteristics, and attack patterns. This information is stored in JSON format, which allows for easy integration and analysis. RogueApps also provides a web interface for browsing the collected data, making it accessible to cybersecurity researchers and practitioners. The platform encourages community contributions through a structured process intended to ensure the quality and relevance of the information shared.
SIMILAR TOOLS
A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.
Cyber Intelligence Management Platform with threat tracking, forensic artifacts, and YARA rule storage.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks with extensive functionality for log data analysis, threat intelligence enrichment, and visualization.
A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.
A collection of Yara rules licensed under the DRL 1.1 License.