Awesome! That's great! I knew it had been mentioned... and the
documentation on
NIST explains the
Social Engineering and
Endpoint Compromise SMS vulnerabilities, too! That document contains updates as of 03/02/2020. It says "[t]his publication is available free of charge from <
DOI.org link>."
(included in case the doi.org link is not updated to 02 March 2020, or is newer)
AHA! It's on Github. The comments and additions are handled via the
Issues section there.
__________________________________________________________________________________
unrelated amazement, while listing multitudes of related and other code and data:
Oh, wow! The
National Institute of Standards and Technology (Department of Commerce) section on Github has
780 repositories. Wow. That's quite a group of wrappers, code, frameworks, implementations, repositories (i.e. the entire
Lawrence LIvermore National Laboratory software catalog), modeling languages schemas, data sets (e.g. "
Data Set: Assessment of Bias Errors Caused by Texture and Sampling Methods in Diffraction-Based Steel Phase Measurements"), ASM pipelines for benchmarking genome assemblies, tools for
Automated Cryptographic Algorithm Validation (How could this help, as opposed to hinder, someone who is assessing cryptographic validity?
Would it be worthwhile?), biometrics assessment tools, data set generators for use by other tools, this
tool for characterizing the network behavior of IoT Devices (intriguing!), a
TrojAI literature review which contains 124 or more links to "curated papers and arXiv articles that are related to Trojan attacks, backdoor attacks, and data poisoning on neural networks and machine learning systems...", an
extensible JavaScript framework for analysis of deep zoom images on the web, text document collators and formatters for legal documents, a
software scraper, an
uncertainty machine, among many other things.
Most of the code is in Python, Java, C++, HTML, and JavaScript, but there's plenty of other code and other things, the broad categories of many of which I referred to above.
This is like a goldmine! I had no idea it existed, and I follow a huge list of repositories on github! I'll be lost until the pandemic is in the past! well,
maybe.
...and https://code.gov/ might contain even more (6388 repositories, to be precise), containing data scraped from various open-source repositories (such as github,
where code.gov is hosted, if I read the homepage correctly) to glean details about everything relating to Americans and offices and calendars and complaints about education resources and amputee databases, NASA software, a "Docker container for the gophish phishing framework"
and a "Cyber Hygiene system and overall documentation/issue tracking"
and "a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs."
and methods for creating and finding all manner of malware online and related things, and something described thusly: "This repository analyzes viral genomes using Nextstrain to understand how SARS-CoV-2, the virus that is responsible for the COVID-19 pandemic, evolves and spreads. This[...]will (by default) build augur all 50 states + DC + PR using the same parameters and subsampling strategy."
and a lot of other SARS-CoV-2 on-web-data-finding tools, an extensible network forensic analysis framework (Enables rapid development of plugins to support the dissection of network packet captures), a tool to track relationships between advisors and advisees used to train, advise, and assist the Afghan government, "a set of project setup and development tools for an awesome engineering team," Guacamole clientless remote desktop gateway, and, well, no matter your profession, hobbies, or interests, I'll bet you can find something relevant in one of these collections of repositories.
You can ALSO find things like what generated this navigable 3D map of mars, from the perspective of the Curiosity rover, using data taken from orbiters and Curiosity: https://accessmars.withgoogle.com/ <--This is pretty nifty!