Demisto Platform - Content Repository

  •        112

This repo contains content provided by Demisto to automate and orchestrate your Security Operations. Here we will share our ever-growing list of playbooks, automation scripts, report templates and other useful content. We security folks love to tinker, keep enhancing and sharpening our toolset and we decided to open up everything and make it a collaborative process for the entire security community. We want to create useful knowledge and build flexible, customizable tools, sharing them with each other as we go along.

https://github.com/demisto/content
https://xsoar.pan.dev/

Tags
Implementation
License
Platform

   




Related Projects

Distribution - The Docker toolset to pack, ship, store, and deliver content

  •    Go

The Docker toolset to pack, ship, store, and deliver content. This repository's main product is the Docker Registry 2.0 implementation for storing and distributing Docker images. It supersedes the docker/docker-registry project with a new API design, focused around security and performance.

scap-security-guide - Baseline compliance content in SCAP formats

  •    Python

The purpose of this project is to create security policy content for various platforms -- Red Hat Enterprise Linux, Fedora, Ubuntu, Debian, and others. Our aim is to make it as easy as possible to write new and maintain existing security content in all the commonly used formats. "SCAP content" refers to documents in the XCCDF, OVAL and Source DataStream formats. These documents can be presented in different forms and by different organizations to meet their security automation and technical implementation needs. For general use we recommend Source DataStreams because they contain all the data you need to evaluate and put machines into compliance. The datastreams are part of our release ZIP archives.

ManifoldCF - Framework for connecting Source Content Repositories

  •    Java

ManifoldCF is an effort to provide an open source framework for connecting source content repositories like Microsoft Sharepoint, EMC Documentum FileNet, LiveLink (OpenText), Patriarch, Meridio (Autonomy), Windows shares to target repositories or indexes such as Apache Solr, QBase (formerly MetaCarta). It could also retrieve content from file system, JDBC connector, RSS crawler, and web crawler.

csp-builder - Build Content-Security-Policy headers from a JSON file (or build them programmatically)

  •    PHP

Easily integrate Content-Security-Policy headers into your web application, either from a JSON configuration file, or programatically. CSP Builder was created by Paragon Initiative Enterprises as part of our effort to encourage better application security practices.

Weceem - simple CMS built with Grails

  •    Java

Weceem is a CMS written with the Grails application framework (and associated plugins) that can be easily extended or embedded in your own Grails applications. There are numerous customisation points that allow you to tailor the security mechanisms, administration skin, url paths, scope for custom data types and server-side scripting using Groovy. It is built from the ground up to be embeddable as well as a standalone application.


Plone

  •    Python

Plone lets non-technical people create and maintain information using only a web browser. Perfect for web sites or intranets, Plone offers superior security without sacrificing extensibility or ease of use.

airship - Secure Content Management for the Modern Web - "The sky is only the beginning"

  •    PHP

The sky is only the beginning. CMS Airship is a secure-by-default content management system, blog engine, and application development framework written for PHP 7.2 and above.

DotNetNuke

  •    ASPNET

DotNetNuke is the most widely adopted web content management system (WCM or CMS) and application development platform for building web sites and web applications on Microsoft .NET.

edgedns - A high performance DNS cache designed for Content Delivery Networks

  •    Rust

A high performance DNS cache designed for Content Delivery Networks, with built-in security mechanisms to protect origins, clients and itself. On Linux, you may use that sample systemd service to start it.

harbor - An open source trusted cloud native registry project that stores, signs, and scans content.

  •    Go

Note: The master branch may be in an unstable or even broken state during development. Please use releases instead of the master branch in order to get stable binaries. Harbor is an an open source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build and run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control and activity auditing.

awesome-iot-hacks - A Collection of Hacks in IoT Space so that we can address them (hopefully).

  •    

A curated list of hacks in IoT space so that researchers and industrial products can address the security vulnerabilities (hopefully). The table of content is generated with doctoc. Make sure you run it and update the table of content before making pull requests.

hacker101 - Hacker101

  •    Ruby

Hacker101 is a free class for web security. Whether you're a programmer with an interest in bug bounties or a seasoned security professional, Hacker101 has something to teach you. Hacker101 is structured as a set of video lessons -- some covering multiple topics, some covering a single one -- and can be consumed in two different ways. You can either watch them in the order produced as in a normal class (§ Sessions), or you can watch individual videos (§ Vulnerabilities). If you're new to security, we recommend the former; this provides a guided path through the content and covers more than just individual bugs.

Jackrabbit - Content Repository in Java

  •    Java

Apache Jackrabbit is a Content Repository fully conforming to JCR specification. Jackrabbit content repository is a hierarchical content store with support for structured and unstructured content, full text search, versioning, transactions, observation, and more.

DumpsterFire - "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events

  •    Python

The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts. The toolset is designed to be dynamically extensible, allowing you to create your own Fires (event modules) to add to the included collection of toolset Fires. Just write your own Fire module and drop it into the FireModules directory. The DumpsterFire toolset will auto-detect your custom Fires at startup and make them available for use.

Hippo CMS - Enterprise Java Content Management system

  •    Java

Hippo CMS (Hippo Content Management System) is the web-based graphical user interface that provides access to the content in the repository. It provides an easy way to create and manage your content, i.e. to write or upload, share, print, search, refer to, edit and structure content, assign rights to do so, have content automatically validated against your business rules and restore previous versions of the content.

ArpSite Content Management System

  •    Java

WWW XML+XSLT Content management system on J2SE with Tomcat and SQL-92 compatiblity database (like free MySQL or Oracle). Supports many sites, many groups, many users. XML-definition of content types, security system. Created with Apache Avalon.

JMDCMS Content Management System

  •    DotNet

JMDCMS is a powerfull module based Content Management System. Written in ASP.net and C# with SQL Server as database. Flexible automatic 3Col, 2Col, 1Col layout. Page Level / Module Level security and publishing control. Search engine friendly URL with ability to Set Page Title...

Nuxeo Document Management

  •    Java

Nuxeo DM manages and tracks the flow of content through the business cycle, addressing the common pitfalls of document duplication, lack of version tracking, time-consuming search and retrieval, and security and access issues. It captures content with different formats like scanned images, email, office documents, CAD files etc. Audit logging and configurable versioning policies helps to to track the content lifecycle.

VosaoCMS - simple CMS for Google App Engine

  •    Java

Vosao (vo-za) is a content management system (CMS) that enables you to build web sites and online applications on the Google App Engine platform for Java.

Bluemonday - A fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

  •    Go

bluemonday is a HTML sanitizer implemented in Go. It is fast and highly configurable.bluemonday takes untrusted user generated content as an input, and will return HTML that has been sanitised against a whitelist of approved HTML elements and attributes so that you can safely include the content in your web page.