Automation to assess the state of your M365 tenant against CISA's baselines

AdaptixC2 is a highly modular advanced redteam toolkit

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, and Plaso files with built-in process inspection, lateral movement tracking, and persistence detection.

The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

A GitHub action that scans the Azure resources for policy violations.

Tool to look for several security related Android application vulnerabilities

DongTai is an interactive application security testing(IAST) product that supports the detection of OWASP WEB TOP 10 vulnerabilities, multi-request related vulnerabilities (including logic vulnerab…

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Tools for Kerberos PKINIT and relaying to AD CS

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark