rawsec-cybersecurity-inventory
awesome-security-hardening
Our great sponsors
| rawsec-cybersecurity-inventory | awesome-security-hardening | |
|---|---|---|
| 6 | 6 | |
| 238 | 4,935 | |
| - | - | |
| 9.5 | 4.7 | |
| about 11 hours ago | 20 days ago | |
| JavaScript | ||
| Mozilla Public License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rawsec-cybersecurity-inventory
- Really isn't there a central hacking wiki?
-
lateralus - terminal based phishing campaign tool
You should MR/PR to add it here: https://inventory.raw.pm/
-
List of Open Source Security Tools
Search engine: https://inventory.raw.pm/
-
Search-That-Hash - Searches Hash Lookup APIs before automatically cracking in HashCat. Can reduce an 8 hour crack down to a couple of seconds.
https://inventory.raw.pm/ --> JWT
-
What should I learn as a beginner trying to get into cyber security?
If you are looking for cybersecurity tools & resources there is Rawsec's CyberSecurity Inventory: the resources page will help you find challenges platforms, information websites & blogs, wikis, trainings, courses, tutorials, etc.
-
Are there any crowd-sourced OSINT projects that need help?
Maybe this : https://github.com/noraj/rawsec-cybersecurity-inventory
awesome-security-hardening
-
rate my threat model i will be implementing and i need help and tips also
If you want to go extreme, I remember from many years ago, there used to be a publicly released document by Australia's cyber security agency, made largely for Windows, which used to list attack vectors on a complex scale. I used to follow their listed possible vectors to formulate threat models as a kid for my Windows computer. Back in the day they used to provide PDF, now its webpages (https://www.cyber.gov.au/acsc/view-all-content/advice/guidelines-system-hardening). This also exists (https://github.com/decalage2/awesome-security-hardening), a bit more wide coverage of OSes and practices.
-
Resources to learn backend security from scratch
Maybe these two repos can help you, I've used them both from time to time to look up stuff I have no idea about as a frontend main: https://github.com/imthenachoman/How-To-Secure-A-Linux-Server https://github.com/decalage2/awesome-security-hardening
- Android fans, what are the primary reasons why you will never ever switch to an Iphone?
- Resource for best practices/standard?
-
Brand new to Docker
here is a collection of hardening guides This will get you started in the right direction.
-
I Recently had a data breach and i think i secured everything. But did i? Help me please.
This is called system hardening. Try looking for CIS Benchmarks, awesome hardening (github), STIG's ,mitre baseline, hardening kitty, hardening checklist
What are some alternatives?
Search-That-Hash - 🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
windows_hardening - HardeningKitty and Windows Hardening settings and configurations
MrKaplan - MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.
microsoft-windows-10-stig-baseline - InSpec profile for Microsoft Windows 10, against DISA's Microsoft Windows 10 Security Technical Implementation Guide (STIG) Version 1, Release 19
Lucifer - A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
dockerholics - Apps and examples from the Dockerholics group.
pyWhat - 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
NIST-to-Tech - An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
lateralus - Lateralus is terminal based phishing campaign tool
awesome-golang-security - Awesome Golang Security resources 🕶🔐
applied-security - A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Cybersecurity
awesome-cybersecurity-blueteam - :computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.