cnsolu's Stars
eip-work/kuboard-press
Kuboard 是基于 Kubernetes 的微服务管理界面。同时提供 Kubernetes 免费中文教程,入门教程,最新版本的 Kubernetes v1.23.4 安装手册,(k8s install) 在线答疑,持续更新。
abiosoft/colima
Container runtimes on macOS (and Linux) with minimal setup
labring/sealos
Sealos is a production-ready Kubernetes distribution. You can create any programming language and any framework development Env, create high availability databases like mysql/pgsql/redis/mongo, and run any docker image.
Tencent/secguide
面向开发人员梳理的代码安全指南
prowler-cloud/prowler
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
quay/clair
Vulnerability Static Analysis for Containers
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
falcosecurity/falco
Cloud Native Runtime Security
bridgecrewio/checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
aquasecurity/kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
turbot/steampipe
Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.
nccgroup/ScoutSuite
Multi-Cloud Security Auditing Tool
tenable/terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
aquasecurity/kube-hunter
Hunt for security weaknesses in Kubernetes clusters
neargle/my-re0-k8s-security
:atom: [WIP] 整理过去的分享,从零开始的Kubernetes攻防 🧐
tellerops/teller
Cloud native secrets management for developers - never leave your command line for secrets.
salesforce/policy_sentry
IAM Least Privilege Policy Generator
kubearmor/KubeArmor
Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).
nccgroup/PMapper
A tool for quickly evaluating IAM permissions in AWS.
neuvector/neuvector
projectdiscovery/cloudlist
Cloudlist is a tool for listing Assets from multiple Cloud Providers.
cyberark/SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
BishopFox/iam-vulnerable
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
mageni/mageni
Open-source vulnerability scanner
OpenCSPM/opencspm
Open Cloud Security Posture Management Engine
hdiv/hdiv
Hdiv CE | Application Self-Protection
cncf/contribute
🙋🏿♀️🙋🏽♂️🙋🏻♀️Contribution guide to the CNCF ecosystem
securisec/cliam
Cloud agnostic IAM permissions enumerator
goldfiglabs/introspector
A schema and set of tools for using SQL to query cloud infrastructure.
ElementakGod/kubequery
用sql查询k8s资源