Automation to assess the state of your M365 tenant against CISA's baselines

A DFIR tool written in Python.

Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.

SCuBA Secure Configuration Baselines and assessment tool for Google Workspace

A daily updated summary of the most frequent types of security advisories currently being reported from different sources.

A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.

This repository contains curated ISACA CISA (Certified Information Systems Auditor) exam dump questions and study material. It is designed to help candidates prepare for the CISA certification exam by providing access to a wide range of practice questions and learning resources.

Daily archiver & triage issue creator for new releases of CISA's Known Exploited Vulnerabilities list

Native cloud infrastructure for automatically running ScubaGear/ScubaGoggles

KEV EPSS Data

Build a CVE library with aggregated CISA, EPSS and CVSS data

Detection for CVE-2025-8875 & CVE-2025-8876

CISA Known Exploited Vulnerabilities Catalog Enrichment

Crosswalk Nessus findings with the CISA Known and Exploited Vulnerabilities (KEV) catalog.

CISA Study Material

Terminal UI for searching CISA Known Exploited Vulnerabilities (KEV) catalog with EPSS exploit probability scores.

𝟰𝟱 𝗽𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻-𝗴𝗿𝗮𝗱𝗲 𝗚𝗥𝗖 𝗽𝗿𝗼𝗺𝗽𝘁𝘀 𝗮𝗰𝗿𝗼𝘀𝘀 𝟭𝟯 𝗱𝗼𝗺𝗮𝗶𝗻𝘀. ISO 42001, ISO 27001, EU AI Act, NIST AI RMF, GDPR, DORA and more. Career and startup prompts no other GRC library has. Works with Claude, GPT-4o and Gemini. 𝗥𝗮𝘁𝗲𝗱 𝟵.𝟱/𝟭𝟬 𝗢𝗻 𝗨𝘀𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗮𝗻𝗱 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗮𝗹 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻

Scraper for daily renewal of the Known Exploited Vulnerabilities Catalog by CISA

An Ansible role for installing and configuring the Nessus Agent for the CISA CDM environment.

Detection for CVE-2025-53690