A gamified self-discovering documentation system that transforms traditional network documentation into an immersive mystery adventure.
Network Chronicles revolutionizes technical documentation by transforming it from a passive reading experience into an interactive adventure. By embedding critical infrastructure knowledge within an engaging narrative framework, it addresses the fundamental challenge of IT documentation: making it compelling enough that people actually want to engage with it.
Players assume the role of a new system administrator tasked with maintaining a network after the mysterious disappearance of their predecessor, known only as "The Architect." Through exploration, puzzle-solving, and documentation, players uncover both the network's secrets and the truth behind The Architect's vanishing.
Runs on Linux or OSX. Written for bash and zsh. Requires jq; node.js is optional but provides advanced features.
Can be installed system-wide (as root) or isolated to a user (without additional privileges).
Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.
Basically it helps you figure out IAM policies that'll fit AWS' limits (not more than 6k characters long, users can't be in more than 10 groups, objects can't have more than 10 roles applied to them, no object can have more than 10 policies, SSO authentication limits each account to only one role).
Welcome to the incident response release pack. The goal of this release is to provide you with everything you'd need to establish a functioning security incident response program at your company.
Basically, this is a skeleton for setting up an incident response program where you work. Especially if you don't have any managerial experience.
Secure Cartography is a secure, Python-based network discovery and mapping tool designed for network engineers and IT professionals. It leverages SSH-based device interrogation to automate network discovery, visualize network topologies, and merge network maps across multi-vendor environments.
The CVEDB API offers a quick way to check information about vulnerabilities in a service. You can search using either the CVE-ID or CPE23.
A vulnerability lookup service by SHODAN.
Free for non-commercial use (i.e., as long as you aren't selling the data). You don't need a SHODAN API key.
A list of all of AWS' regions around the world. Mirrored from here: https://aws.amazon.com/about-aws/global-infrastructure/
A large number of threat intel RSS feeds for the security community. Includes service detects and updates, new vulnerabilities, updates, and bad actor IP address updates.
nwipe is a fork of the dwipe command originally used by Darik's Boot and Nuke (DBAN). nwipe was created out of a need to run the DBAN dwipe command outside of DBAN, in order to allow its use with any host distribution, thus giving better hardware support.
nwipe is a program that will securely erase the entire contents of disks. It can wipe a single drive or multiple disks simultaneously. It can operate either as a command line tool without a GUI or with an ncurses GUI.
Warning: For some of nwipe's features, such as SMART data in the PDF certificate, HPA/DCO detection and other uses, nwipe utilises smartmontools and hdparm. Both hdparm and smartmontools are therefore mandatory if you want all of nwipe's features to be fully available. If you do not install smartmontools and hdparm, nwipe will log a warning that these programs cannot be found and will still run, but many important features may not work as they should.
Detects drives that fail during the clearing process and tells you which ones they are so you can physically destroy them. Supports all of the common techniques, from filling the drive with zeroes to DoD 5220.22M seven pass song and dance. Packaged by multiple distros.
An open source threat intel and sharing platform. Lots of ad-hoc visualization methods are available to make sense of data. Includes lots of taxonomies to organize data and do some of the work for you.
You can store your IOCs in a structured manner, and thus enjoy the correlation, automated exports for IDS, or SIEM, in STIX or OpenIOC and synchronize to other MISPs. You can now leverage the value of your data without effort and in an automated manner. The primary goal of MISP is to be used. This is why simplicity is the driving force behind the project. Storing and especially using information about threats and malware should not be difficult. MISP is there to help you get the maximum out of your data without unmanageable complexity. MISP will make it easier for you to share with, but also to receive from trusted partners and trust-groups. Sharing also enables collaborative analysis and prevents you from doing the work someone else already did before.
Threat Intelligence is much more than Indicators of Compromise. This is why MISP provides metadata tagging, feeds, visualization and even allows you to integrate with other tools for further analysis thanks to its open protocols and data formats. Having access to a large amount of Threat information through MISP Threat Sharing communities gives you outstanding opportunities to aggregate this information and take the process of trying to understand how all this data fits together telling a broader story to the next level. We are transforming technical data or indicators of compromise (IOCs) into cyber threat intelligence. MISP comes with many visualization options helping analysts find the answers they are looking for.
Github: https://github.com/MISP/
Of interest:
There are more repos but I haven't gone through them yet.
This is a community-run resource to help you fix access to the internet and the Windows Update service on earlier versions of Windows. Since Windows XP was discontinued in 2014, followed by Windows 7 in 2020, Microsoft has closed services they depend on, such as Windows Update. There are also design flaws with these earlier versions of Windows Update, which make them difficult to get working on new installations.
Legacy Update can install all relevant updates necessary to fix access to the Windows Update service on unsupported versions of Windows. These versions of Windows may display the error “Windows could not search for new updates: Windows Update encountered an unknown error” with error code 80072EFE, or may simply never finish checking for updates. Legacy Update identifies the updates your system lacks, and installs them automatically, restoring the Windows Update service to full functionality.
Windows Update provides many optional and recommended updates, in addition to drivers for your system, but Windows XP and 2000 can only install critical security updates through the built-in Automatic Updates feature. Legacy Update revives the original Windows Update website - the only way to see and install every update available for your system. Legacy Update also restores access to Windows Ultimate Extras on Windows Vista Ultimate.
Legacy Update also restores connectivity to some websites in Internet Explorer, and other programs that use the Windows built-in networking functionality. This includes Windows Product Activation on Windows XP and Windows Server 2003, allowing you to activate these versions of Windows online in seconds (a legitimate product key is still required).
Just want to appreciate the nostalgia of the classic Windows Update website? Legacy Update can also be installed on Windows 10 and 11. This works even on versions of these OSes that have removed Internet Explorer. Legacy Update won’t modify your Windows 10 or 11 installation.
Uppi is a robust uptime monitoring solution built with Laravel, designed to track the availability of your web services and notify you when issues arise. Continuously monitors the status of your web services in realtime. Get notified when services go down and when they recover. Visual representation of your monitors' status. Track and manage service disruptions. Multiple notification channels for alerts. Share your service status with your users, or embed it in your website.
Specifically gives you an installation process for building and deploying it, no Docker webshit. Has a mobile app. Looks like it can use both SQLite and MySQL as its datastore.
Vuls is an open-source, agentless vulnerability scanner that uses multiple vulnerability databases: NVD, JVN, OVAL, RHSA/ALAS/ELSA/FreeBSD-SA and Changelogs. The latest versions detect vulnerabilities for which distributors have not yet published patches. Runs on a single machine, does its job over SSH, no need for installing and managing agent software. Runs anywhere you set it up. Remote scan mode requires setting up only one machine, which connects to the other scan target servers via SSH. If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode. Fast scan mode scans without root privilege, no internet access, almost no load on the scan target server. Deep scan mode scans in more detail. It is possible to detect vulnerabilities in non-OS packages, such as something you compiled by yourself, language libraries and frameworks, that have been registered in the CPE.
O&O ShutUp10++ means you have full control over which comfort functions under Windows 10 and Windows 11 you wish to use, and you decide when the passing on of your data goes too far. Using a very simple interface, you decide how Windows 10 and Windows 11 should respect your privacy by deciding which unwanted functions should be deactivated. This software is entirely free and does not have to be installed – it can be simply run directly and immediately on your PC. And it will not install or download retrospectively unwanted or unnecessary software, like so many other programs do these days!
Disable Windows Copilot+ Recall, alter your security settings, control location services, disable telemetry for Microsoft Office, deny transmission of user data and diagnostics. Free of charge for private users, companies and educational institutions. Supports all Microsoft Windows 11 and Windows 10 builds. Available in multiple languages.
AWS publishes security bulletins for its various components. I didn't know they did that; nice surprise.
RSS: https://aws.amazon.com/security/security-bulletins/rss/feed/
The playground allows you to learn about systemd interactively, right from your browser! Create examples without the danger of breaking your system, and without being distracted by hundreds of unrelated unit files.
This service lets you create answer files (typically named unattend.xml or autounattend.xml) to perform unattended installations of both Windows 10 and Windows 11, including 24H2. Pick the settings you want (language, geographic region, platform and architecture, setup settings, disk partition, etc) and it'll generate an automatic installation file for you.
Microsoft's own de-bloating script for Windows.
Reads the list of installed Debian or Ubuntu packages on a system and outputs them as a JSON document on stdout.
pyinfra turns Python code into shell commands and runs them on your servers. Execute ad-hoc commands and write declarative operations. Target SSH servers, local machine and Docker containers. Fast and scales from one server to thousands. Think ansible but Python instead of YAML, and a lot faster.
Super fast execution over thousands of hosts with predictable performance. Instant debugging with realtime stdin/stdout/stderr output. Idempotent operations that enable diffs and dry runs before making changes. Extendable with the entire Python package ecosystem. Agentless execution against anything with shell access (not just Linux boxen with Python installed, I'm guessing). Integrated with connectors for Docker, Terraform, Vagrant and more.
Lists all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), DigitalOcean, GitHub, Facebook (Meta), Twitter, Linode, Telegram, OpenAI (GPTBot) and CloudFlare with daily updates. All lists are obtained from public sources.
Includes IPv4 and IPv6.