NSA Cybersecurity Directorate

Repositories

• Hardware-and-Firmware-Security-Guidance

  Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

  audit vulnerability cve nessus spectre guidance meltdown
  90 357 2 0 Updated Oct 30, 2020

• HIRS

  Trusted Computing based services supporting TPM provisioning and supply chain validation concepts. #nsacyber

  validation supply-chain provisioning integrity trusted-platform-module trusted-computing
  Java 32 82 8 4 Updated Oct 30, 2020

• Event-Forwarding-Guidance

  Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

  windows event-log siem
  PowerShell 136 555 5 5 Updated Oct 2, 2020

• WALKOFF

  A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber

  python security workflow devops automation framework administration
  Python 190 774 32 (5 issues need help) 6 Updated Sep 22, 2020

• paccor

  The Platform Attribute Certificate Creator can gather component details, create, sign, and validate the TCG-defined Platform Credential. #nsacyber

  certificate certificates credential trusted-computing
  Java Apache-2.0 12 30 1 0 Updated Aug 25, 2020

• Mitigating-Web-Shells

  Guidance for mitigation web shells. #nsacyber

  guidance webshell mitigation webshells
  YARA 139 611 1 2 Updated Jul 21, 2020

• BAM

  The Binary Analysis Metadata tool gathers information about Windows binaries to aid in their analysis. #nsacyber

  metadata binary binary-analysis
  Python 16 81 8 0 Updated Jul 13, 2020

• unfetter

  Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework. #nsacyber

  unfetter
  44 149 10 2 Updated May 11, 2020

• GRASSMARLIN

  Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber

  visualization monitor networking monitoring analysis network ics
  Java 229 599 23 0 Updated Feb 24, 2020

• AppLocker-Guidance

  Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber

  windows applocker whitelisting application-whitelisting microsoft-applocker
  PowerShell 59 166 2 0 Updated Dec 17, 2019

• simon-speck

  The SIMON and SPECK families of lightweight block ciphers. #nsacyber

  cryptography crypto cipher ciphers cryptography-library crypto-library simon
  38 141 0 0 Updated Nov 12, 2019

• Blocking-Outdated-Web-Technologies

  Guidance for blocking outdated web technologies. #nsacyber

  web guidance
  PowerShell 8 27 0 0 Updated Oct 30, 2019

• PRUNE

  Logs key Windows process performance metrics. #nsacyber

  windows performance process performance-metrics etw
  C# 11 31 4 0 Updated Sep 30, 2019

• BitLocker-Guidance

  Configuration guidance for implementing BitLocker. #nsacyber

  microsoft windows encryption audit nessus guidance bitlocker
  HTML 30 62 0 0 Updated Jul 24, 2019

• nsacyber.github.io

  NSA Cybersecurity. Formerly known as NSA Information Assurance and the Information Assurance Directorate

  github-pages
  PowerShell 46 172 0 0 Updated Jun 14, 2019

• RandPassGenerator

  A command-line utility for generating random passwords, passphrases, and raw keys. #nsacyber

  password-generator password
  Java 10 19 0 0 Updated Jun 5, 2019

• HTTP-Connectivity-Tester

  Aids in discovering HTTP and HTTPS connectivity issues. #nsacyber

  testing http test https connection connectivity diagnostics
  PowerShell 27 56 6 0 Updated Mar 21, 2019

• WALKOFF-Apps

  WALKOFF-enabled applications. #nsacyber

  python iot security automation administration integration analytics
  YARA 41 118 4 1 Updated Mar 14, 2019

• Windows-Event-Log-Messages

  Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber

  windows event-log
  C# 91 332 17 0 Updated Mar 7, 2019

• CodeGov

  Creates a code.gov code inventory JSON file based on GitHub repository information. #nsacyber

  government json gov powershell-module
  PowerShell 14 15 0 0 Updated Jan 16, 2019

• Cyber-Challenge

  Supporting files for cyber challenge exercises. #nsacyber

  challenge cybersecurity cyber
  Jupyter Notebook 14 27 0 0 Updated Oct 5, 2018

• Windows-Secure-Host-Baseline Archived

  Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

  windows auditing certificates chrome-browser audit windows-10 windows-server
  HTML 256 1,266 13 0 Updated Sep 12, 2018

• Detect-CVE-2017-15361-TPM Archived

  Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

  rsa audit vulnerability cve nessus tpm trusted-platform-module
  PowerShell 23 32 1 0 Updated Sep 4, 2018

• simon-speck-supercop

  Fast implementations of the SIMON and SPECK lightweight block ciphers for the SUPERCOP benchmark toolkit. #nsacyber

  cryptography crypto cipher ciphers cryptography-library crypto-library simon
  C 16 34 0 0 Updated Jun 13, 2018

• Driver-Collider Archived

  Blocks drivers from loading by using a name collision technique. #nsacyber

  windows driver
  C 17 26 0 0 Updated Dec 18, 2017

• serial2pcap Archived

  Converts serial IP data, typically collected from Industrial Control System devices, to the more commonly used Packet Capture (PCAP) format. #nsacyber

  converter pcap convert conversion control-systems scada ics-scada
  Python 26 34 0 0 Updated Oct 25, 2017

• goSecure Archived

  An easy to use and portable Virtual Private Network (VPN) system built with Linux and a Raspberry Pi. #nsacyber

  linux raspberry-pi vpn strongswan
  Python 180 911 3 (1 issue needs help) 3 Updated Jun 27, 2017

• AtomicWatch Archived

  Intel Atom C2000 series discovery tool that parses log files and returns results if a positive match is found. #nsacyber

  atom cpu processor intel
  Python 19 23 0 0 Updated Jun 10, 2017

• Control-Flow-Integrity Archived

  A proposed hardware-based method for stopping known memory corruption exploitation techniques. #nsacyber

  control-flow control-flow-analysis control-flow-integrity
  C 51 128 0 0 Updated May 10, 2017

• netfil Archived

  A kernel network manager with monitoring and limiting capabilities for macOS. #nsacyber

  macos monitor networking monitoring network macosx
  C 32 92 0 0 Updated Mar 16, 2017