{"id":51469278,"url":"https://github.com/joemunene-by/ghostsuite","last_synced_at":"2026-07-06T15:00:53.926Z","repository":{"id":366455022,"uuid":"1275895129","full_name":"joemunene-by/ghostsuite","owner":"joemunene-by","description":"Eleven open-source security tools, one ghost. The ghostsuite family: recon, scanning, intrusion detection, malware triage, supply chain, cloud posture, and key management.","archived":false,"fork":false,"pushed_at":"2026-06-21T22:05:49.000Z","size":10,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-22T00:04:54.754Z","etag":null,"topics":["cybersecurity","devsecops","ghostsuite","infosec","monorepo","security","security-tools"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/joemunene-by.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-21T09:20:09.000Z","updated_at":"2026-06-21T22:05:53.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/joemunene-by/ghostsuite","commit_stats":null,"previous_names":["joemunene-by/ghostsuite"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/joemunene-by/ghostsuite","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghostsuite","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghostsuite/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghostsuite/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghostsuite/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/joemunene-by","download_url":"https://codeload.github.com/joemunene-by/ghostsuite/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghostsuite/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35195590,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-06T02:00:07.184Z","response_time":106,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","devsecops","ghostsuite","infosec","monorepo","security","security-tools"],"created_at":"2026-07-06T15:00:53.114Z","updated_at":"2026-07-06T15:00:53.908Z","avatar_url":"https://github.com/joemunene-by.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/lockup.svg\" alt=\"ghostsuite\" width=\"760\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  Eleven open-source security tools, one ghost. Production command-line tools spanning offensive, defensive, supply-chain, cloud, and cryptographic security. Each is installable, test-covered, and green on CI.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/tools-11-6C9CFF?style=flat-square\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/tests-489%20passing-14B8A6?style=flat-square\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/python-3.11%20|%203.12-3776AB?style=flat-square\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/license-MIT-C4A1FF?style=flat-square\"\u003e\n\u003c/p\u003e\n\n---\n\n## The suite\n\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostrecon\"\u003e\u003cimg src=\"assets/ghostrecon.svg\" width=\"76\" height=\"76\" alt=\"ghostrecon\"\u003e\u003cbr\u003e\u003cb\u003eghostrecon\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003ePassive OSINT recon framework\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostmap\"\u003e\u003cimg src=\"assets/ghostmap.svg\" width=\"76\" height=\"76\" alt=\"ghostmap\"\u003e\u003cbr\u003e\u003cb\u003eghostmap\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003eWeb vulnerability scanner (XSS, SQLi)\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostpwn\"\u003e\u003cimg src=\"assets/ghostpwn.svg\" width=\"76\" height=\"76\" alt=\"ghostpwn\"\u003e\u003cbr\u003e\u003cb\u003eghostpwn\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003ePentest workflow orchestration\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostscope\"\u003e\u003cimg src=\"assets/ghostscope.svg\" width=\"76\" height=\"76\" alt=\"ghostscope\"\u003e\u003cbr\u003e\u003cb\u003eghostscope\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003eAI-based intrusion detection\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostbox\"\u003e\u003cimg src=\"assets/ghostbox.svg\" width=\"76\" height=\"76\" alt=\"ghostbox\"\u003e\u003cbr\u003e\u003cb\u003eghostbox\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003eStatic malware analysis sandbox\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostdlp\"\u003e\u003cimg src=\"assets/ghostdlp.svg\" width=\"76\" height=\"76\" alt=\"ghostdlp\"\u003e\u003cbr\u003e\u003cb\u003eghostdlp\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003eData-leak prevention and PII classifier\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostsbom\"\u003e\u003cimg src=\"assets/ghostsbom.svg\" width=\"76\" height=\"76\" alt=\"ghostsbom\"\u003e\u003cbr\u003e\u003cb\u003eghostsbom\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003eSoftware supply-chain analyzer\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostchain\"\u003e\u003cimg src=\"assets/ghostchain.svg\" width=\"76\" height=\"76\" alt=\"ghostchain\"\u003e\u003cbr\u003e\u003cb\u003eghostchain\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003eSolidity smart-contract auditor\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostmobile\"\u003e\u003cimg src=\"assets/ghostmobile.svg\" width=\"76\" height=\"76\" alt=\"ghostmobile\"\u003e\u003cbr\u003e\u003cb\u003eghostmobile\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003eAPK and IPA static analyzer\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostcloud\"\u003e\u003cimg src=\"assets/ghostcloud.svg\" width=\"76\" height=\"76\" alt=\"ghostcloud\"\u003e\u003cbr\u003e\u003cb\u003eghostcloud\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003eMulti-cloud posture (CSPM) scanner\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\" width=\"33%\" valign=\"top\"\u003e\u003ca href=\"https://github.com/joemunene-by/ghostvault\"\u003e\u003cimg src=\"assets/ghostvault.svg\" width=\"76\" height=\"76\" alt=\"ghostvault\"\u003e\u003cbr\u003e\u003cb\u003eghostvault\u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\u003csub\u003eKey management system (KMS)\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n## One system, eleven tools\n\nThe suite shares more than a prefix. Every tool is built to the same standard: a Typer command-line interface, structured output to console, JSON, and SARIF for CI gating, real test coverage, GitHub Actions CI across Python 3.11 and 3.12, and an authorized-use posture by default. The visual identity is generated from a single design system, one ghost mark, one accent and one glyph per tool, so the family reads as one product line.\n\nThe throughline is the theme: security and safety are about what you cannot see directly, the adversary already inside the system, the failure that has not surfaced yet. These tools exist to make the invisible auditable.\n\n## The broader ghost ecosystem\n\nThe suite sits alongside the rest of the work under the same name:\n\n- **[GhostLM](https://github.com/joemunene-by/GhostLM)** is an 81M-parameter cybersecurity language model trained from scratch in PyTorch.\n- **[ghostloop](https://github.com/joemunene-by/ghostloop)** is a fail-closed safety runtime for embodied agents, published on PyPI.\n- **[ghostforensics](https://github.com/joemunene-by/ghostforensics)**, **[ghostsiem](https://github.com/joemunene-by/ghostsiem)**, **[ghostaudit](https://github.com/joemunene-by/ghostaudit)**, and **[ghostguard](https://github.com/joemunene-by/ghostguard)** round out the defensive and agent-safety tooling.\n\n## Authorized use\n\nThese are tools for authorized security work: assessments you are permitted to run, systems you own or have written permission to test, and defensive monitoring of your own infrastructure. Use them lawfully and with consent.\n\n## License\n\nMIT. Each tool is independently licensed in its own repository.\n\n---\n\n\u003cp align=\"center\"\u003e\n  Built by \u003ca href=\"https://github.com/joemunene-by\"\u003eJoe Munene\u003c/a\u003e, founder of \u003ca href=\"https://github.com/complexdevelopers\"\u003eComplex Developers\u003c/a\u003e.\n\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoemunene-by%2Fghostsuite","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjoemunene-by%2Fghostsuite","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoemunene-by%2Fghostsuite/lists"}