Skip to content

Information for the CyberArk contributor community

License

Notifications You must be signed in to change notification settings

cyberark/community

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

73 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CyberArk Commons

Welcome to the CyberArk Community!

Consider this your starting point for contributing to CyberArk code, documents, and getting involved in discussion.

Here, you'll find both general and team-specific resources that will guide you through the process of becoming a contributor to one of our open-source projects.

Table of Contents

Table of contents generated with markdown-toc

General Guidelines

Communicating

Start a conversation with us on Discourse!

Our CyberArk Commons Discourse is where we share tips and tricks for using our products and tools, updates on product changes and design conversations, discuss relevant blog posts and articles, and answer your questions. Join us there to find out what we're thinking about - we'd be glad to have you as part of our conversation!

Contributing

Many projects in our Github repositories encourage contribution, even this one! Our contributor's guide contains information on:

  1. Reporting an Issue
  2. Finding Issues to Work On
  3. Working on Issues
  4. Submitting a Pull Request

If you already know which project you'd like to work on, check out the Group-Specific Guidelines to learn more about additional tips and tricks as you get started.

Questions? Let's talk!

Group-Specific Guidelines

CyberArk publishes many open source projects in https://github.com/cyberark - and there are a few primary groups publishing this content who each may have slightly different guidelines for contributing. In this section, you can learn more about the projects each group is working on and read up on the contribution guidelines that are specific to each group.

What we do

At Conjur Open Source, we’re creating the tools to help you build applications safely and securely - without having to be a security expert. From our flagship Conjur server (a secret store and RBAC engine), to custom authenticators that make the secret zero problem a thing of the past, to Secretless Broker, which aims to make sure your apps never have to worry about secrets again.

Projects we work on

Visit our Conjur OSS Suite Landing Page to view a full list of our projects and find helpful resources for learning more about our approach to security!

What we do

The security research groups at CyberArk Labs are busy with studying the attack surface of common and emerging technologies. We fuzz, poke, bypass, maneuver, misuse, escalate, hijack, deny service, degrade, escape and exploit the technologies, and from time to time we share here new tools you can use to detect vulnerabilities and identify threats; based on our research of course.

You can have a look at what we are currently working on right here - https://www.cyberark.com/threat-research-blog/.

Projects we work on

We have a variety of projects for analyzing threats and detecting vulnerabilities. Click the dropdown below to view and browse them!

View Projects
Name Description
ACLight A script for advanced discovery of Privileged Accounts - includes Shadow Admins.
BlobHunter A tool for finding exposed data in Azure Blob Storage.
DLLSpy DLL Hijacking Detection Tool
EasyPeasy Find accounts using common and default passwords in Active Directory.
KDSnap KDSnap is a DLL extension for WinDbg that integrates your debugger with your virtualization platform of choice.
ketshash A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
Kubeletctl A command line tool that implement kubelet's API.
KubiScan A tool to scan Kubernetes cluster for risky permissions.
Mystique PowerShell module to play with Kerberos S4U extensions.
NetRay A modular, python tool that detects attacks against the Kerberos protocol.
PreCog Discover "HotSpots" - potential spots for credentials theft.
RiskySPN Detect and abuse risky SPNs
shimit A tool that implements the Golden SAML attack
SkyArk SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS.
SkyWrapper A tool for discovering suspicious creation forms and uses of temporary tokens in AWS.
zBang zBang is a risk assessment tool that detects potential privileged account threats.