spire
caldera
spire | caldera | |
---|---|---|
4 | 16 | |
1,674 | 5,182 | |
1.1% | 1.6% | |
9.7 | 9.1 | |
4 days ago | 4 days ago | |
Go | Python | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
spire
-
How to automate certificate renewal with Azure Key vault?
If this seems a bit complicated, you could use SPIRE server to issue certificates and Otterize SPIRE integration operator to renew them in Kubernetes and update Secrets.
- Spire - The spiffe runtime environment
-
What are the most important metrics for measuring cloud and endpoint security?
BlindSPOT: https://blindspotsec.com/ Specific graphic from BlindSPOT: https://blindspotsec.com/wp-content/uploads/2021/04/Failure_Before.jpg How to Measure Anything in Cybersecurity Risk: https://www.amazon.com/dp/B01J4XYM16/ Monte Carlo simulation approach: https://embracethered.com/blog/posts/2020/red-teaming-and-monte-carlo-simulations/ D3FEND: https://d3fend.mitre.org/ ATT&CK mappings: https://github.com/center-for-threat-informed-defense/attack-control-framework-mappings ATT&CK evals: https://attackevals.mitre-engenuity.org/index.html CALDERA: https://github.com/mitre/caldera Offensive Countermeasures: https://www.amazon.com/dp/1974671690/ SPIFFE: https://spiffe.io/ SPIRE: https://github.com/spiffe/spire Zerotier: https://www.zerotier.com/ Zerotier libzt: https://github.com/zerotier/libzt
-
Zero-trust networking for bare-metal systems, using Rust.
The effort to get this going seems the same or more than to get something like this rolling out. spire what do you see as the benefit of your approach.
caldera
-
SOC Malware/Detection lab
Also, for the attack emulation part you might be interested in CALDERA.
- Automated penetration testing software?
-
Endpoint Attack Simulation
Mitre made Caldera to drive this. https://github.com/mitre/caldera
- Testing an XDR solution
-
Do you know the Mitre tool "Caldera"? How can I build a plugin for it?
Did you join the Slack and ask your question there, or on the discussion forum? The CALDERA team will answer... (both links are at https://caldera.mitre.org/)
- New blue team
- Attack simulation tool based on CVE
-
Attack Chain/Exploitation Path Diagram Generation Tools?
There's also a plugin for Caldera (https://github.com/mitre/caldera) called Pathfinder (https://github.com/center-for-threat-informed-defense/caldera_pathfinder and https://www.youtube.com/watch?v=gQRWkHFRG-s) that can help.
- Malware testing service/site for our EDR Testing of SentinelOne
- Worm/ Replicating virus for demonstrating spread/lateral movement through a network.
What are some alternatives?
spiffe-vault - Integrates Spiffe and Vault to have secretless authentication
Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
cosign - Code signing and transparency for containers and binaries
Empire - Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
in-toto-golang - A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
CTF-Difficulty - This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
libzt - Encrypted P2P sockets over ZeroTier
Incident-Playbook - GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Vault - A tool for secrets management, encryption as a service, and privileged access management
Ghostwriter - The SpecterOps project management and reporting engine
ZeroTier - A Smart Ethernet Switch for Earth
WSLab - Azure Stack HCI, Windows 10 and Windows Server rapid lab deployment scripts