andypitcher's Stars
liamg/traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
liamg/dismember
:knife: Scan memory for secrets and more. Maybe eventually a full /proc toolkit.
liamg/siphon
:alembic: Intercept stdin/stdout/stderr for any process
aquasecurity/tracee
Linux Runtime Security and Forensics using eBPF
mozillazg/ptcpdump
Process-aware, eBPF-based tcpdump
rancher/security-scan
Tests Kubernetes clusters for adherence to security best practices outlined in the CIS Kubernetes Benchmark using kube-bench.
rancher/rancher-selinux
SELinux policy files for Rancher
containers/selinuxd
A daemon that manages SELinux policies on a filesystem
kubernetes-sigs/security-profiles-operator
The Kubernetes Security Profiles Operator
anthraxx/linux-hardened
Minimal supplement to upstream Kernel Self Protection Project changes. Features already provided by SELinux + Yama and archs other than multiarch arm64 / x86_64 aren't in scope. Only tags have stable history. Shared IRC channel with KSPP: irc.libera.chat #linux-hardening
google/capslock
HarryHarcourt/Ansible-RHEL7-CIS-Benchmarks
This repository contains an Ansible Role for RHEL7 / CentOS based on the Center for Internet Security Benchmarks
HarryHarcourt/Ansible-Ubuntu18-CIS-Benchmarks
Ansible Ubuntu 18 Center for Internet Security Benchmarks
HarryHarcourt/Ansible-RHEL8-CIS-Benchmarks
Ansible role for RedHat Enterprise Linux release 8 following the CIS Benchmarks
alexandreborges/malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
mathewmarcus/StopTLS
MitM proxy which performs opportunistic SSL/TLS stripping
frostbits-security/MITM-cheatsheet
All MITM attacks in one place.