awesome-security-hardening
rawsec-cybersecurity-inventory
awesome-security-hardening | rawsec-cybersecurity-inventory | |
---|---|---|
6 | 6 | |
4,965 | 238 | |
- | - | |
4.7 | 9.5 | |
about 1 month ago | 4 days ago | |
JavaScript | ||
- | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
awesome-security-hardening
-
rate my threat model i will be implementing and i need help and tips also
If you want to go extreme, I remember from many years ago, there used to be a publicly released document by Australia's cyber security agency, made largely for Windows, which used to list attack vectors on a complex scale. I used to follow their listed possible vectors to formulate threat models as a kid for my Windows computer. Back in the day they used to provide PDF, now its webpages (https://www.cyber.gov.au/acsc/view-all-content/advice/guidelines-system-hardening). This also exists (https://github.com/decalage2/awesome-security-hardening), a bit more wide coverage of OSes and practices.
-
Resources to learn backend security from scratch
Maybe these two repos can help you, I've used them both from time to time to look up stuff I have no idea about as a frontend main: https://github.com/imthenachoman/How-To-Secure-A-Linux-Server https://github.com/decalage2/awesome-security-hardening
- Android fans, what are the primary reasons why you will never ever switch to an Iphone?
- Resource for best practices/standard?
-
Brand new to Docker
here is a collection of hardening guides This will get you started in the right direction.
-
I Recently had a data breach and i think i secured everything. But did i? Help me please.
This is called system hardening. Try looking for CIS Benchmarks, awesome hardening (github), STIG's ,mitre baseline, hardening kitty, hardening checklist
rawsec-cybersecurity-inventory
- Really isn't there a central hacking wiki?
-
lateralus - terminal based phishing campaign tool
You should MR/PR to add it here: https://inventory.raw.pm/
-
List of Open Source Security Tools
Search engine: https://inventory.raw.pm/
-
Search-That-Hash - Searches Hash Lookup APIs before automatically cracking in HashCat. Can reduce an 8 hour crack down to a couple of seconds.
https://inventory.raw.pm/ --> JWT
-
What should I learn as a beginner trying to get into cyber security?
If you are looking for cybersecurity tools & resources there is Rawsec's CyberSecurity Inventory: the resources page will help you find challenges platforms, information websites & blogs, wikis, trainings, courses, tutorials, etc.
-
Are there any crowd-sourced OSINT projects that need help?
Maybe this : https://github.com/noraj/rawsec-cybersecurity-inventory
What are some alternatives?
windows_hardening - HardeningKitty and Windows Hardening settings and configurations
Search-That-Hash - 🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
microsoft-windows-10-stig-baseline - InSpec profile for Microsoft Windows 10, against DISA's Microsoft Windows 10 Security Technical Implementation Guide (STIG) Version 1, Release 19
MrKaplan - MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.
dockerholics - Apps and examples from the Dockerholics group.
Lucifer - A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
NIST-to-Tech - An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
pyWhat - 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
awesome-golang-security - Awesome Golang Security resources 🕶🔐
lateralus - Lateralus is terminal based phishing campaign tool
awesome-cybersecurity-blueteam - :computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
applied-security - A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Cybersecurity