Tomas Kracmar
97222b0498
feat: Extended arsenal — 13 additional tools for red team, forensics, cloud offensive, and DevSecOps
Added to sovereign-tool-stack.md:
Red Team & Adversary Simulation:
- Sliver: open-source C2 replacing Cobalt Strike for adversary simulation
- Stratus Red Team: executes real cloud attack techniques (AWS/Azure/GCP)
- CloudFox: attacker-view cloud privilege mapping and exploitation
Container & Runtime Security:
- Falco: runtime threat detection for Kubernetes and Linux
- Tetragon: eBPF-based security observability (noted as alternative)
Endpoint Forensics & IR:
- Velociraptor: remote forensic artefact collection and hunting across
thousands of endpoints via VQL
Threat Intelligence:
- OpenCTI: structured threat actor/TTP/IOC correlation from Filigran
Deception:
- OpenCanary: lightweight honeypot for early network reconnaissance warning
Code & Secrets Security:
- GitLeaks: scans repositories for hardcoded secrets
- Semgrep: lightweight static analysis with full data sovereignty
Email Security Testing:
- GoPhish: open-source phishing simulation and user training
Certificate Monitoring:
- CertStream + crt.sh: real-time and historical certificate transparency
monitoring for subdomain discovery
Updated: Complete Capability Matrix, Per-Module Tool Pairing (Module 9
and 10 now include extended tools), Deployment Complexity table, and
Integration With Existing Frameworks cross-references.
2026-05-09 17:13:41 +02:00