As an independent security consulting firm, we develop many custom capabilities over time. What happens when we decide that a capability no longer suits our needs to successfully execute tests for our customers? Previously, it sat in our internal Git repository gathering dust. We are going to change that moving forward by releasing unused capabilities publicly on what we are going to call “The Shelf.”

What is the Point?

We at TrustedSec believe that releasing these capabilities will serve a few purposes.

• Not every security consulting firm can afford a development team. This allows us to give back by putting out example code, like how we consume it from several locations, further advancing the sharing of ideas.
• It could help defenders see previously used tools to develop detection methodologies around.
• It shows our customers that we develop capabilities and shows a small sliver of what has existed to date.

What is on The Shelf?

Things we upload to The Shelf will fall into one of three (3) initial categories.

• Retired - capabilities we used in actual operations that are no longer utilized
• POC (proof of concept) - one-off capabilities used in actual operations that were used and then discarded
• Unfinished - capabilities that we put time into developing but that were never deployed due to any number of reasons

Anything placed in The Shelf will not be supported. The repository will not be accepting pull requests, nor will it allow issues.

Layout of The Shelf

The Shelf will be broken down into a number of folders. The three (3) categories above are top-level folders. Inside each of these folders will be subfolders for each project we have shelved. Those subfolders will contain a README that will start with what the project is. It will then give short story summarizing how the capability came to be and why it is being shelved.

Release Schedule for The Shelf

Initially, we intend to add items to The Shelf regularly as we go through our backlog of capabilities. Once that is done, items will be added as we finish with them, which will not occur regularly.

If you have found this interesting, check out what we have released here: https://github.com/trustedsec/The_Shelf