Skip to content

@CiscoCXSecurity CiscoCXSecurityLabs

Change the repository type filter

All

    Repositories list

    133 repositories

    • Detection-Engineering-Framework

      Public
      Creative Commons Attribution 4.0 International
      103800Updated Aug 9, 2025Aug 9, 2025

    • presentations

      Public
      Presentations from the CX Security Labs team
      103300Updated Jul 24, 2025Jul 24, 2025

    • AI4SecOps

      Public
      2100Updated Jul 24, 2025Jul 24, 2025

    • signaturemap

      Public
      0000Updated Jul 11, 2025Jul 11, 2025

    • vibecoding-cdc-strategy

      Public
      HTML
      1000Updated Jul 1, 2025Jul 1, 2025

    • security-research-governance-toolkit

      Public
      Cisco CX Security Labs Security Research Governance Toolkit
      Creative Commons Attribution 4.0 International
      2000Updated Jun 21, 2025Jun 21, 2025

    • log4j

      Public archive
      Detection rules to look for Log4J usage and exploitation
      YARA
      The Unlicense
      21890Updated Jun 21, 2025Jun 21, 2025

    • DCOM-Audit

      Public
      DCOM-Audit: Enumerate, Audit, and Secure DCOM objects
      PowerShell
      3000Updated Jun 11, 2025Jun 11, 2025

    • osboxdeploy

      Public
      OSBoxDeploy is a set of Ansible playbooks and associated artefacts to deploy OpenStack compute hosted Docker containers. It is work in progress, so do not expect too much, too soon
      Python
      The Unlicense
      2100Updated May 10, 2025May 10, 2025

    • IOCs

      Public
      Indicators of Compromise
      Python
      38000Updated May 7, 2025May 7, 2025

    • enum4linux

      Public
      enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts
      Perl
      Other
      2441.3k40Updated Apr 23, 2025Apr 23, 2025

    • nac-collector

      Public
      Python
      Mozilla Public License 2.0
      9000Updated Apr 10, 2025Apr 10, 2025

    • unix-privesc-check

      Public
      Automatically exported from code.google.com/p/unix-privesc-check
      Shell
      224000Updated Mar 29, 2025Mar 29, 2025

    • security_content

      Public
      Splunk Security Content
      Python
      Apache License 2.0
      415100Updated Dec 17, 2024Dec 17, 2024

    • attack-ti

      Public
      Vertical and geographic extracts from MITRE ATT&CK
      Shell
      The Unlicense
      2000Updated Oct 27, 2024Oct 27, 2024

    • AdversaryShield

      Public
      Mitigate adversial attacks on LLMs via automatic deployment of predefined plugins.
      Python
      2000Updated Oct 10, 2024Oct 10, 2024

    • udp-proto-scanner

      Public
      udp-proto-scanner is a Perl script which discovers UDP services by sending triggers to a list of hosts
      Perl
      GNU General Public License v2.0
      239901Updated Jun 6, 2024Jun 6, 2024

    • meraki-hunting

      Public
      Threat hunting scripts for Cisco Meraki installations
      Python
      Other
      2000Updated May 10, 2024May 10, 2024

    • rdp-sec-check

      Public
      rdp-sec-check is a Perl script to enumerate security settings of an RDP Service (AKA Terminal Services)
      Perl
      GNU General Public License v2.0
      4722451Updated Mar 29, 2024Mar 29, 2024

    • Talon

      Public
      A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.
      Go
      MIT License
      81000Updated Feb 27, 2024Feb 27, 2024

    • XDR_demo_-_create_incident_from_apache_log_threat_analysis

      Public
      create an XDR incident from Attack Detection into apache log
      Python
      0000Updated Jan 6, 2024Jan 6, 2024

    • linikatz

      Public
      linikatz is a tool to attack AD on UNIX
      C
      BSD 3-Clause "New" or "Revised" License
      82571170Updated Oct 19, 2023Oct 19, 2023

    • Cisco-Security-Postman

      Public
      MIT License
      2000Updated Oct 9, 2023Oct 9, 2023

    • tcpy_scanner

      Public
      Fast cross-platform TCP Connect Scanner written in Python
      Python
      GNU General Public License v2.0
      0500Updated Sep 25, 2023Sep 25, 2023

    • linux-malware

      Public
      Tracking interesting Linux (and UNIX) malware. Send PRs
      HTML
      The Unlicense
      96200Updated Aug 18, 2023Aug 18, 2023

    • ssh-farm

      Public
      A simple tool to spawn multiple SSH services via docker.
      Python
      Apache License 2.0
      0000Updated Aug 2, 2023Aug 2, 2023

    • udpy_proto_scanner

      Public
      udpy_proto_scanner is a Python script which discovers UDP services by sending triggers to a list of hosts
      Python
      GNU General Public License v2.0
      04810Updated Aug 1, 2023Aug 1, 2023

    • unix-audit

      Public
      Framework for generating audit commands for Unix security audits
      Shell
      BSD 3-Clause "New" or "Revised" License
      136630Updated Aug 1, 2023Aug 1, 2023

    • unix_collector

      Public
      A live forensic collection script for various artefacts from UNIX-like systems.
      Shell
      GNU General Public License v3.0
      7600Updated Jul 10, 2023Jul 10, 2023

    • cloudmapper

      Public
      CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
      JavaScript
      BSD 3-Clause "New" or "Revised" License
      831100Updated Feb 27, 2023Feb 27, 2023