Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Featured Repo: SkillTree

SkillTree's homepage

SkillTree is an innovative approach to implementing application training.

VIEW REPO

NSA-Developed Open Source Software

Welcome to the National Security Agency’s Open Source Software Site. The software listed below was developed within the National Security Agency and is available to the public for use. We encourage you to check it out!

accumulo-python3

Build Python 3 applications that integrate with Apache Accumulo

Apache Accumulo

Apache Accumulo

Apache NIFI

Automates the flow of data between systems. NiFi implements concepts of Flow-Based Programming and solves common data flow problems faced by enterprises.

AppLocker-Guidance

Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber

AtomicWatch

Intel Atom C2000 series discovery tool that parses log files and returns results if a positive match is found. #nsacyber

BAM

The Binary Analysis Metadata tool gathers information about Windows binaries to aid in their analysis. #nsacyber

beer-garden

The beer-garden application

BitLocker-Guidance

Configuration guidance for implementing BitLocker. #nsacyber

Blocking-Outdated-Web-Technologies

Guidance for blocking outdated web technologies. #nsacyber

call-stack-profiler

SkillTree

Certificate-Authority-Situational-Awareness

Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber

Chinese-State-Sponsored-Cyber-Operations-Observed-TTPs

Supporting files for the Chinese State-Sponsored Cyber Operations: Observed TTPs Cybersecurity Advisory. #nsacyber

CodeGov

Creates a code.gov code inventory JSON file based on GitHub repository information. #nsacyber

Control-Flow-Integrity

A proposed hardware-based method for stopping known memory corruption exploitation techniques. #nsacyber

Cyber-Challenge

Supporting files for cyber challenge exercises. #nsacyber

datawave

DataWave is an ingest/query framework that leverages Apache Accumulo to provide fast, secure data access.

datawave-accumulo-service

datawave-accumulo-utils

datawave-audit-service

datawave-authorization-service

datawave-base-rest-responses

datawave-common-utils

datawave-config-service

datawave-dictionary-service

The Dictionary service provides access to the data dictionary and edge dictionary. These services provide metadata about fields that are stored in Accumulo.

datawave-hazelcast-service

datawave-in-memory-accumulo

datawave-metadata-utils

datawave-metrics-reporter

datawave-microservices-root

datawave-muchos

This project leverages Ansible to automate DataWave deployments on your cluster

datawave-parent

datawave-query-metric-service

datawave-service-parent

datawave-spring-boot-starter

datawave-spring-boot-starter-audit

datawave-spring-boot-starter-cache

datawave-type-utils

datawave-utils

DCP

Digest, stat, and copy files from one location to another in the same read pass

Detect-CVE-2017-15361-TPM

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

dm3k

The Decision Maximizer 3000 optimization project

Driver-Collider

Blocks drivers from loading by using a name collision technique. #nsacyber

emissary

Distributed P2P Data-driven Workflow Framework

enigma-simulator

An educational demonstration of breaking the Enigma machine

Event-Forwarding-Guidance

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

femto

Sequence Indexing and Search

fractalrabbit

Simulate realistic trajectory data seen through sporadic reporting

ghidra

Ghidra is a software reverse engineering (SRE) framework

ghidra-data

Supporting Data Archives for Ghidra

goSecure

An easy to use and portable Virtual Private Network (VPN) system built with Linux and a Raspberry Pi. #nsacyber

GRASSMARLIN

Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber

Hardware-and-Firmware-Security-Guidance

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

HIRS

Trusted Computing based services supporting TPM provisioning and supply chain validation concepts. #nsacyber

HTTP-Connectivity-Tester

Aids in discovering HTTP and HTTPS connectivity issues. #nsacyber

kmyth

lemongraph

Log-based transactional graph engine

lemongrenade

Data-driven automation platform

LOCKLEVEL

A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber

MADCert

Create root and intermediate Certificate Authorities, issue user and server certificates, etc. for testing purposes.

Maplesyrup

Assesses CPU security of embedded devices. #nsacyber

Mitigating-Obsolete-TLS

Guidance for mitigating obsolete Transport Layer Security configurations. #nsacyber

Mitigating-Web-Shells

Guidance for mitigation web shells. #nsacyber

NB Gallery

nbgallery is a user-friendly Jupyter notebook sharing and collaboration platform.

netfil

A kernel network manager with monitoring and limiting capabilities for macOS. #nsacyber

netman

A userland network manager with monitoring and limiting capabilities for macOS. #nsacyber

Open Network Operations Platform

Radically simplifies the operation of enterprise networks with SDN applications that reside on top of an OpenFlow-capable network controller.

OpenAttestation

Software Development Kit to enable remotely retrieval and verify target platforms integrity

owf-framework

OZONE Widget Framework

paccor

The Platform Attribute Certificate Creator can gather component details, create, sign, and validate the TCG-defined Platform Credential. #nsacyber

PACE

Proactively-secure Accumulo with Cryptographic Enforcement (PACE) adds client-side encryption and signatures to Accumulo.

PACE-python

Pass-the-Hash-Guidance

Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber

pelz

PRUNE

Logs key Windows process performance metrics. #nsacyber

qgis-bulk-nominatim

Provides bulk nominatim geocoding for QGIS

qgis-d3datavis-plugin

QGIS D3 Date and Time Heatmap

qgis-datetimetools-plugin

QGIS conversion tools to display the local date, time, time zone, convert between UNIX time (Epoch), Julian dates, ISO8601, calculate the difference between two dates, select a location and time zone by clicking on the map and display the closet location and sun statistics.

qgis-earthsunmoon-plugin

qgis-kmltools-plugin

Fast KML Import and Export Plugin for QGIS

qgis-latlontools-plugin

QGIS tools to capture and zoom to coordinates using decimal, DMS, WKT, GeoJSON, MGRS, UTM, UPS, GEOREF, and Plus Codes notation. Provides external map support, MGRS & Plus Codes conversion and point digitizing tools.

qgis-lockzoom-plugin

QGIS Lock Zoom to Tile Scale

qgis-mgrs-plugin

QGIS Tools to capture and zoom to MGRS coordinates.

qgis-searchlayers-plugin

Enhanced textual vector layer searching in QGIS.

qgis-shapetools-plugin

Shape Tools creates geodesic shapes and includes a number of geodesic tools for QGIS including the XY to Line tool, geodesic densify tool, geodesic line break, geodesic measure tool, geodesic measurement layer, geodesic scale, rotate and translate tool, and digitize points at an azimuth & distance tools.

qonduit

A WebSocket library for use with Apache Accumulo

RandPassGenerator

A command-line utility for generating random passwords, passphrases, and raw keys. #nsacyber

RedhawkSDR

A software-defined radio (SDR) framework designed to support the development, deployment, and management of real-time software radio applications.

Scap Security Guide (SSG)

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

SECURITY ENHANCEMENTS FOR ANDROID (SEANDROID)

Confines privileged processes based on security policies by enforcing mandatory access control over all Android processes. SE for Android has been part of Android since Android 4.3.

SECURITY-ENHANCED LINUX (SELINUX)

A mandatory access control mechanism in the Linux kernel that checks for allowed operations after standard discretionary access controls are checked. It can enforce rules on files and processes in a Linux system, and on the actions they perform, based on defined policies. SELinux has been part of the Linux kernel since version 2.6.0.

serial2pcap

Converts serial IP data, typically collected from Industrial Control System devices, to the more commonly used Packet Capture (PCAP) format. #nsacyber

simon-speck

The SIMON and SPECK families of lightweight block ciphers. #nsacyber

simon-speck-supercop

Fast implementations of the SIMON and SPECK lightweight block ciphers for the SUPERCOP benchmark toolkit. #nsacyber

SIMP

A system automation and configuration management stack targeted toward operational flexibility and policy compliance.

skills-client

SkillTree client libraries facilitating the rapid integration of a gamified tool training approach in conjunction with skills-service. Provides out of the box support for Angular, React, Vue.js, and native Javascript.

skills-client-examples

SkillTree skills-client-examples

skills-docs

SkillTree documentation, covering client integration, dashboard administration and deployment, and contribution guidelines.

skills-service

SkillTree is a micro-learning gamification platform supporting the rapid integration of a gamified tool training approach into new and existing applications.

skills-stress-test

SkillTree

Splunk-Assessment-of-Mitigation-Implementations

Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber

timely

Accumulo backed time series database

unfetter

The main project for the Unfetter-Discover application. This is the project that will hold the configuration files, the docker-compose files, issue tracking, and documentation

WALKOFF

A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber

WALKOFF-Apps

WALKOFF-enabled applications. #nsacyber

waterslide

WaterSlide is a streaming event-at-a-time architecture for processing metadata. It is designed to take in a set of streaming events from multiple sources, process them through a set of modules ("kids"), and return meaningful outputs.

Windows-Event-Log-Messages

Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber

Windows-Secure-Host-Baseline

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

XORSATFilter

A library for building efficient set-membership filters and dictionaries based on the Satisfiability problem.