There are no reviews yet. Be the first to send feedback to the community and the maintainers!
RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operationsScubaGear
Automation to assess the state of your M365 tenant against CISA's baselinesMalcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.cset
Cybersecurity Evaluation ToolSparrow
Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.log4j-scanner
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.log4j-affected-db
A community sourced list of log4j-affected softwareCHIRP
A DFIR tool written in Python.decider
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CKยฎ framework.LME
Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.untitledgoosetool
Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customerโs Azure Active Directory (AzureAD), Azure, and M365 environments.pshtt
Scan domains and return data based on HTTPS best practicescrossfeed
External monitoring for organization assetsESXiArgs-Recover
A tool to recover from ESXiArgs ransomwaretrustymail
Scan domains and return data based on trustworthy email best practicesbad-practices
CISA's catalog of bad practices that are exceptionally risky.development-guide
A set of guidelines and best practices for an awesome engineering teamScubaGoggles
SCuBA Secure Configuration Baselines and assessment tool for Google Workspacecyber.dhs.gov
A site for CISA directivesdotgov-data
Official list of .gov domainscheck-cve-2019-19781
Test a host for susceptibility to CVE-2019-19781ICSNPP
Industrial Control Systems Network Protocol Parsersfindcdn
findCDN is a tool created to help accurately identify what CDN a domain is using.prescup-challenges
President's Cup Cybersecurity Competition Challengesshareable-soar-workflows
This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Response capabilities within their organizations.parsnip
ansible-role-cobalt-strike
An Ansible role for installing Cobalt Strike.cybersecurity-performance-goals
CISA's space for collaboration on the Cybersecurity Performance Goals.PNT-Integrity
The PNT Integrity Library provides users a method to verify the integrity of the received GPS data and ranging signals, thereby improving resiliency against potential GPS signal loss.join-cisagov
CISA is hiring! Weโre looking for candidates passionate about our mission to lead the national effort to understand and manage cyber and physical risk to our critical infrastructure.gophish-tools
Helpful tools for interacting with a GoPhish phishing instancegophish-docker
Docker container for the gophish phishing framework.ioc-scanner
Search a filesystem for indicators of compromise (IoC).pca-gophish-composition
Phishing campaign docker composition for Gophishvdp-in-fceb
Vulnerability disclosure policies in the US Government's executive branchEpsilon
The Epsilon Algorithm Suite provides users a method to verify the integrity of the received GPS data and ranging signals, thereby improving resiliency against potential GPS signal loss.check-your-pulse
This utility can help determine if indicators of compromise (IOCs) exist in the log files of a Pulse Secure VPN Appliance for CVE-2019-11510.getgov
Building a new .gov registrar for a bright .gov futurepostfix-docker
Docker container with a postfix server designed for use during phishing campaignsdotgov-home
Homepage for the .gov registryassessment-reporting-engine
skeleton-python-library
A skeleton project for quickly getting a new cisagov Python library started.scanner
Automated pshtt, trustymail, and sslyze scanningcyhy_amis
AWS infrastructure for Cyber Hygiene and BOD 18-01 scanningskeleton-docker
A skeleton project for quickly getting a new cisagov Docker container started.admiral
Distributed certificate transparency log harvestericsnpp-opcua-binary
Zeek OPCUA Binary Parser - CISA ICSNPPpe-reports
Automated process to build and distribute Posture & Exposure Reports' bi-weekly to customers.icsnpp-enip
Zeek Ethernet/IP and CIP Parser - CISA ICSNPPicsnpp-bacnet
Zeek BACnet Parser - CISA ICSNPPansible-role-clamav
Ansible role to install and enable the ClamAV virus scannerlambda_functions
Generate AWS Lambda environment zip files for use by cisagov/domain-scanicsnpp-s7comm
Zeek S7comm, S7comm-plus, and COTP Parser - CISA ICSNPPnetwork-architecture-verification-and-validation
The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs, automating Zeek analysis of PCAP files, the collation of Zeek logs and the dissection of conn.log and dns.log to create a summary or network traffic in an XLSX-formatted spreadsheet.docker-kali-ansible
A systemd-enabled Kali Linux Docker image, in the spirit of geerlingguy/docker-debian11-ansible.tic3.0
Collaborating on Trusted Internet Connection 3.0 use casesicsnpp-genisys
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Genisys over TCP/IPgh-skeleton
This extension for the gh CLI provides the ability to easily start new projects from our existing library of skeleton repositories.scoping-validation-tool
SVT is a tool that can be used to verify ownership and location of assets during the scoping process of a penetration test.orchestrator
Orchestrate gatherer, scanner, saver, and trustymail_reporterpshtt_reporter
Generate HTTPS reports based on scan datacyhy-mailer
Email Cyber Hygiene, Trustworthy Email, and HTTPS reports to the appropriate technical or distribution addressestrustymail_reporter
Generate Trustworthy Email reports based on scan datapre-commit-packer
Provides pre-commit hooks for Packer projects.nessus-packer
Create machine images containing the Nessus vulnerability scannerdomain-manager-api
Flask API for Domain Managergatherer
Gather domains as a precursor to scanningcertboto-docker
Certbot container that stores its configuration in an AWS S3 bucketicsnpp-modbus
Zeek Modbus Extension Scripts - CISA ICSNPPansible-role-kali
An Ansible role for provisioning kaliaws-profile-sync
Synchronize AWS credential profiles from remote sourcesicsnpp-dnp3
Zeek DNP3 Extension Scripts - CISA ICSNPPdmarc-import
A tool for parsing DMARC aggregate reports.icsnpp-bsap-ip
Zeek BSAP over IP Parser - CISA ICSNPPCISASuite
The CSET, Malcom, Con-PCA suite of toolsskeleton-generic
A generic skeleton project for quickly getting a new cisagov project started.Sogu
This script generates a list of possible SOGU filenames based on serial numbers of active drives. It has the added functionality of searching each drive from the generated file list.PNT-Integrity-Toolkit
The PNT Integrity DIY Toolkit describes how a perspective end-user of the PNT Integrity Library can assemble a demonstrational toolkit with commercial-off-the-shelf (COTS) hardware.travis-wait-improved
A tool to help long-running, yet reticent, processes avoid death at the hands of Traivs-CI.con-pca-api
API Docker Container for Con-PCA.dotfiles
Generic set of dotfiles to get you started with a cisagov development environmentdomain-manager-ui
UI for the Domain Managerpen-testing-findings
A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that may be discovered during a penetration test.vulnerable-instances
Virtual machines that are set up with a variety of known vulnerabilities.scan-target-data
Contains data used to identify targets for scanningopenvpn-server-tf-module
Terraform module to create an OpenVPN server instanceansible-role-burp-suite-pro
An Ansible role for installing Burp Suite Professionalcon-pca-web
The website source and terraform code for continuous phishing assessment.security-contact-finder
Making government security contacts accessiblecon-pca-cicd
continuous phishing main repositoryflare-misp-service
Automate the regular transfer of AIS data into a MISP Serversaver
Save scan results to a databasemegazord-composition
ansible-role-openvpn
Ansible role to install an OpenVPN server and configure it to authenticate users certificates against FreeIPA.ansible-role-amazon-efs-utils
An Ansible role for installing aws/efs-utilsawssh
Tool to simplify secure shell connections over AWS simple systems manager.sslyze-lambda
AWS Lambda function for sslyzecyhy-core
ncats-data-dictionary
cool-assessment-terraform
Terraform to deploy an assessment environment to the COOLLove Open Source and this site? Check out how you can help us