Skip to content

@CiscoCXSecurity CiscoCXSecurityLabs

Change the repository type filter

All

    Repositories list

    138 repositories

    • Detection-Engineering-Framework

      Public
      Creative Commons Attribution 4.0 International
      219600Updated Jan 7, 2026Jan 7, 2026

    • NeoPI

      Public
      Python
      Other
      12447932Updated Nov 28, 2025Nov 28, 2025

    • GCF-Practical-Threat-Detections-for-Telecommunications

      Public
      1000Updated Nov 26, 2025Nov 26, 2025

    • attack_data

      Public
      A repository of curated datasets from various attacks
      Python
      Apache License 2.0
      131000Updated Nov 5, 2025Nov 5, 2025

    • attack-ti

      Public
      Vertical and geographic extracts from MITRE ATT&CK
      Shell
      The Unlicense
      2000Updated Nov 1, 2025Nov 1, 2025

    • ai-bug-hunter

      Public
      AI bug hunter prompt
      3200Updated Sep 23, 2025Sep 23, 2025

    • Aegis

      Public
      National Cyber Defense Investment Planning and Modeling Tool
      JavaScript
      Creative Commons Attribution 4.0 International
      2000Updated Sep 13, 2025Sep 13, 2025

    • SOCStrategy

      Public
      HTML
      2000Updated Sep 2, 2025Sep 2, 2025

    • presentations

      Public
      Presentations from the CX Security Labs team
      103500Updated Jul 24, 2025Jul 24, 2025

    • AI4SecOps

      Public
      2100Updated Jul 24, 2025Jul 24, 2025

    • signaturemap

      Public
      0000Updated Jul 11, 2025Jul 11, 2025

    • security-research-governance-toolkit

      Public
      Cisco CX Security Labs Security Research Governance Toolkit
      Creative Commons Attribution 4.0 International
      2000Updated Jun 21, 2025Jun 21, 2025

    • log4j

      Public archive
      Detection rules to look for Log4J usage and exploitation
      YARA
      The Unlicense
      21890Updated Jun 21, 2025Jun 21, 2025

    • DCOM-Audit

      Public
      DCOM-Audit: Enumerate, Audit, and Secure DCOM objects
      PowerShell
      3000Updated Jun 11, 2025Jun 11, 2025

    • evtxpickup

      Public
      Windows Active Directory event (Evtx) collection script for scaled up forensic investigations.
      PowerShell
      GNU General Public License v3.0
      3000Updated Jun 5, 2025Jun 5, 2025

    • osboxdeploy

      Public
      OSBoxDeploy is a set of Ansible playbooks and associated artefacts to deploy OpenStack compute hosted Docker containers. It is work in progress, so do not expec…
      Python
      The Unlicense
      2100Updated May 10, 2025May 10, 2025

    • IOCs

      Public
      Indicators of Compromise
      Python
      40000Updated May 7, 2025May 7, 2025

    • enum4linux

      Public
      enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts
      Perl
      Other
      2471.4k41Updated Apr 23, 2025Apr 23, 2025

    • nac-collector

      Public
      Python
      Mozilla Public License 2.0
      19000Updated Apr 10, 2025Apr 10, 2025

    • unix-privesc-check

      Public
      Automatically exported from code.google.com/p/unix-privesc-check
      Shell
      225000Updated Mar 29, 2025Mar 29, 2025

    • security_content

      Public
      Splunk Security Content
      Python
      Apache License 2.0
      444100Updated Dec 17, 2024Dec 17, 2024

    • AdversaryShield

      Public
      Mitigate adversial attacks on LLMs via automatic deployment of predefined plugins.
      Python
      2000Updated Oct 10, 2024Oct 10, 2024

    • udp-proto-scanner

      Public
      udp-proto-scanner is a Perl script which discovers UDP services by sending triggers to a list of hosts
      Perl
      GNU General Public License v2.0
      2310101Updated Jun 6, 2024Jun 6, 2024

    • meraki-hunting

      Public
      Threat hunting scripts for Cisco Meraki installations
      Python
      Other
      3000Updated May 10, 2024May 10, 2024

    • rdp-sec-check

      Public
      rdp-sec-check is a Perl script to enumerate security settings of an RDP Service (AKA Terminal Services)
      Perl
      GNU General Public License v2.0
      4824151Updated Mar 29, 2024Mar 29, 2024

    • Talon

      Public
      A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.
      Go
      MIT License
      82100Updated Feb 27, 2024Feb 27, 2024

    • XDR_demo_-_create_incident_from_apache_log_threat_analysis

      Public
      create an XDR incident from Attack Detection into apache log
      Python
      0000Updated Jan 6, 2024Jan 6, 2024

    • linikatz

      Public
      linikatz is a tool to attack AD on UNIX
      C
      BSD 3-Clause "New" or "Revised" License
      82595170Updated Oct 19, 2023Oct 19, 2023

    • Cisco-Security-Postman

      Public
      MIT License
      1000Updated Oct 9, 2023Oct 9, 2023

    • tcpy_scanner

      Public
      Fast cross-platform TCP Connect Scanner written in Python
      Python
      GNU General Public License v2.0
      1500Updated Sep 25, 2023Sep 25, 2023