andifalk
I've been working in enterprise application development projects > 20 years. My focus is on agile development of cloud native applications on spring platform.
@NovatecConsulting Stuttgart
Pinned Repositories
api-security
All your APIs belong to me - API Security Demos
authorizationserver
Spring Boot OAuth 2.0 & OpenID Connect Identity Provider / Authorization Server
bookmark-service
A secure spring boot based java service providing an API to store and retrieve browser bookmarks
cloud-security-workshop
OAuth 2.1 and OpenID Connect for Java Developers
custom-spring-authorization-server
Customized version of the spring authorization server
oidc-workshop-spring-io-2019
Workshop at Spring I/O 2019 on "Securing Microservices with OpenID Connect and Spring Security 5.1"
reactive-spring-security-5-workshop
Hands-On workshop for securing a reactive spring boot 2 application in multiple steps
secure-oauth2-oidc-workshop
Hands-On Workshop for OAuth 2.0 and OpenID Connect 1.0
spring-cloud-gateway-workshop
Microservices on the Edge with Spring Cloud Gateway (Hands-On Workshop)
supply-chain-security
Demos for software supply chain security
andifalk's Repositories
andifalk/authorizationserver
Spring Boot OAuth 2.0 & OpenID Connect Identity Provider / Authorization Server
andifalk/cloud-native-microservices-security
Cloud-Native Microservice Security Bootcamp
andifalk/microservices-auth-authz-spring-security
Microservices Authentication & Authorization with Spring Security
andifalk/intro-to-semgrep
andifalk/keeping-secrets
Tutorials and demos about keeping secrets in software and platforms
andifalk/kubernetes-ckad
Helpful resources and hints for the Certified Kubernetes Application Developer Certification
andifalk/security-resources
Collection of security related resources like tools, docs, hints etc.
andifalk/spring-security-ldap-demo
Demo for authenticating users with Spring Security and LDAP
andifalk/dotnetcore-webapp
dotnet new webapp
andifalk/multitenant-jwt-security
Demo for JWT multitenancy
andifalk/security-testing-demo
Demo for automated security testing
andifalk/actions-workflow-samples
Help developers to easily get started with GitHub Action workflows to deploy to Azure
andifalk/angular-bff
andifalk/ASVS
Application Security Verification Standard (German Translation)
andifalk/camunda-bpm-junit5
Camunda Community Extension to write process tests with JUnit5
andifalk/custom-spring-boot-launch-script
Demo for packaging a spring boot executable using a custom embedded launch script
andifalk/cyclonedx-cli
Preview version of the CycloneDX CLI tool
andifalk/incident-demo
andifalk/katacoda-scenarios
Katacoda Scenarios
andifalk/keycloak-identity-broker
Keycloak as Identity Broker for different providers
andifalk/rails-boomark-api
Bookmarks service with ruby on rails
andifalk/siem-demo
Sample applications to demonstrate a SIEM (Security Information and Event Management) and Incident-Management
andifalk/spring-authorization-server-1
The Spring Authorization Server project is focused on delivering OAuth 2.1 Authorization Server support to the Spring community.
andifalk/spring-security-for-newbies
Spring Security Introduction Demos
andifalk/spring4shell-demo
andifalk/struts-rest-showcase-1
andifalk/terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
andifalk/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
andifalk/www-project-top-ten
OWASP Foundation Web Respository
andifalk/yesses
yesses Security Configuration Scanner: Tool to enumerate domains and IPs and test those domains and IPs for basic network and web security properties.