Tomas Kracmar
97222b0498
Added to sovereign-tool-stack.md: Red Team & Adversary Simulation: - Sliver: open-source C2 replacing Cobalt Strike for adversary simulation - Stratus Red Team: executes real cloud attack techniques (AWS/Azure/GCP) - CloudFox: attacker-view cloud privilege mapping and exploitation Container & Runtime Security: - Falco: runtime threat detection for Kubernetes and Linux - Tetragon: eBPF-based security observability (noted as alternative) Endpoint Forensics & IR: - Velociraptor: remote forensic artefact collection and hunting across thousands of endpoints via VQL Threat Intelligence: - OpenCTI: structured threat actor/TTP/IOC correlation from Filigran Deception: - OpenCanary: lightweight honeypot for early network reconnaissance warning Code & Secrets Security: - GitLeaks: scans repositories for hardcoded secrets - Semgrep: lightweight static analysis with full data sovereignty Email Security Testing: - GoPhish: open-source phishing simulation and user training Certificate Monitoring: - CertStream + crt.sh: real-time and historical certificate transparency monitoring for subdomain discovery Updated: Complete Capability Matrix, Per-Module Tool Pairing (Module 9 and 10 now include extended tools), Deployment Complexity table, and Integration With Existing Frameworks cross-references.