Penetrum LLC opensource security tool list.

Rapid Large-Scale Hunting and Collection for Enterprise AD Networks

反警方非法暴力取证的Win11安全加固策略 （Win11 Security Hardening Strategy Against Illegal Police Coercive Interrogation）

NovaTrace IR Kit is a lightweight, single-file PowerShell forensic evidence collection tool purpose-built for Windows incident response.

Prove your compliance posture with automated evidence and clear visualization. Open-source, OSCAL-native evidence collection from 30+ platforms with self-hosted/air-gapped deployment support.

EU AI Act compliance: scan, attest, document — from your IDE. Scanner catches code-verifiable violations, AI collects evidence for hybrid obligations, Human Gates capture pure attestations. Source-available (BSL 1.1), MCP-native, audit trail included.

Read-only, evidence-grade automation for FedRAMP 20x & Rev5: a TypeScript collector that captures AWS/GCP/Kubernetes config evidence for all 63 KSIs (223 requirements), benchmarks against NIST 800-53 at Low/Moderate/High, and signs it (Ed25519 + OSCAL) — plus a local multi-user tracker over the FRMR catalog.

ExamGurad is a portable Windows cyber-forensic tool that collects USB device history, event logs, and system activity evidence for academic integrity investigations.

Cross-platform scammer investigation toolkit. Collect evidence from scam websites and gaming platforms (Steam, PSN, Xbox, Discord), generate court-ready PDF reports, and file with FTC/FBI IC3/platform authorities.

This repository automates the collection and management of evidence from various tools and sources, committing the data for transparency and traceability. It's designed to gather evidence that tools like Vanta and others aren't built to collect.

SOC 2 · ISO 27001 · HIPAA compliance at $49/month — evidence stays on your machine. Electron desktop app or self-hosted Docker. Scheduled auto-scanning. Free tier available.

A stealth-mode survival and evidence-gathering toolkit designed for LGBTQ+ asylum seekers and marginalized communities. Painkillers by the marginalized, for the marginalized.

Tamper-evident evidence collection pipeline with append-only SQLite storage, hash-chain integrity, and one-shot audit CLI execution.

A high-performance engine that programmatically extracts infrastructure state into cryptographically signed evidence payloads.

Structured evidence ledger that turns pentest and DFIR artifacts into organized, timestamped case files.

Deterministic evidence collection pipeline for IncidentOps that discovers, filters, redacts, normalizes, and syncs source evidence into Core.

Practical labs, case studies, and investigation notes for CHFI v11 — covering digital forensics, malware forensics, incident response, evidence collection, and analysis tools.

Python SDK for collecting raw system signals into Decision Event Schema evidence units with provenance, attribution, temporal metadata, and validation.

Linux Threat Hunting and Incident Response Toolkit with 8 forensic modules covering evidence collection, malware detection, persistence hunting, IOC extraction, webshell scanning, rootkit checks, and timeline reconstruction, supports chain of custody, implemented in pure Bash

Automated XSS vulnerability discovery tool for learning security testing.