Appsecco
VA/PT | DevSecOps | Cloud Native Security | Kubernetes | Docker | AWS
London, Bangalore, Boston
Pinned Repositories
attacking-cloudgoat2
A step-by-step walkthrough of CloudGoat 2.0 scenarios.
breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
bugcrowd-levelup-subdomain-enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
devsecops-using-cloudnative-workshop
This repo contains workshop material delivered at #nullcon2020
dvja
Damn Vulnerable Java (EE) Application
dvna
Damn Vulnerable NodeJS Application
spaces-finder
A tool to hunt for publicly accessible DigitalOcean Spaces
the-art-of-subdomain-enumeration
This repository contains all the supplement material for the book "The art of sub-domain enumeration"
using-docker-kubernetes-for-automating-appsec-and-osint-workflows
Repository for all the workshop content delivered at nullcon X on 1st of March 2019
vulnerable-apps
Appsecco 's Repositories
appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
appsecco/dvna
Damn Vulnerable NodeJS Application
appsecco/bugcrowd-levelup-subdomain-enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
appsecco/vulnerable-apps
appsecco/spaces-finder
A tool to hunt for publicly accessible DigitalOcean Spaces
appsecco/attacking-cloudgoat2
A step-by-step walkthrough of CloudGoat 2.0 scenarios.
appsecco/dvja
Damn Vulnerable Java (EE) Application
appsecco/defcon-26-workshop-attacking-and-auditing-docker-containers
DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source
appsecco/sqlinjection-training-app
A simple PHP application to learn SQL Injection detection and exploitation techniques.
appsecco/VyAPI
VyAPI - A cloud based vulnerable hybrid Android App
appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows
Repository for all the workshop content delivered at nullcon X on 1st of March 2019
appsecco/dvcsharp-api
Damn Vulnerable C# Application (API)
appsecco/opa-traefik-microservice-authz
Proof of concept implementation of a scenario using Open Policy Agent for microservices authorization in API Gateway (Traefik).
appsecco/raneto-docker
Docker container for Markdown based Raneto Knowledgebase
appsecco/sqlinjectionloginbypass
A simple app to demo SQL Injection login bypass
appsecco/CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
appsecco/kubeseco
Application Security Workflow Automation using Docker and Kubernetes
appsecco/devsecops-using-cloudnative-workshop
This repo contains workshop material delivered at #nullcon2020
appsecco/c0c0n-2019-ctf-writeups
CTF write-ups from c0c0n 2019 CTF challenges that we participated
appsecco/prowler-aws-securityhub-integration
Using Prowler to Automate Compliance Checks for AWS CIS Benchmarks
appsecco/django-rev-shell
A simple django app to provide a reverse shell when deployed and invoked.
appsecco/nodejs-google-idp-sample
Presentation with proof of concept code on using Google as Identity Provider for Web API authentication using NodeJS as backend and VueJS as frontend
appsecco/asn-search-api
A Golang API over MaxMind ASN database
appsecco/container-image-scanner-api
A minimalist Go API to scan Docker images for security vulnerabilities and weaknesses
appsecco/secrets-in-google-cloud-run-with-google-cloud-build
Baking secrets in Google Cloud Run containers using Google Cloud Build
appsecco/kube-scan
kube-scan: Octarine k8s cluster risk assessment tool
appsecco/kubernetes-ptaas-scripts
Scripts to generate kubeconfig files required to perform a PT.
appsecco/anchore-engine
A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
appsecco/J2M
[UNMAINTAINED] Convert from JIRA text formatting to GitHub Flavored MarkDown and back again
appsecco/kccss
Kubernetes Common Configuration Scoring System