pealtrufo's Stars
k88hudson/git-flight-rules
Flight rules for git
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
blaCCkHatHacEEkr/PENTESTING-BIBLE
articles
kgretzky/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
veeral-patel/how-to-secure-anything
How to systematically secure anything: a repository about security engineering
kyverno/kyverno
Cloud Native Policy Management
ossf/scorecard
OpenSSF Scorecard - Security health metrics for Open Source
RhinoSecurityLabs/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
madhuakula/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
inonshk/31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
cncf/tag-security
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
OWASP/API-Security
OWASP API Security Project
magnologan/awesome-k8s-security
A curated list for Awesome Kubernetes Security resources
krol3/container-security-checklist
Checklist for container security - devsecops practices
aquasecurity/starboard
Moved to https://github.com/aquasecurity/trivy-operator
ossf/allstar
GitHub App to set and enforce security policies
OWASP/wrongsecrets
Vulnerable app with examples showing how to not use secrets
ksoclabs/awesome-kubernetes-security
A curated list of awesome Kubernetes security resources
StyraInc/awesome-opa
A curated list of OPA related tools, frameworks and articles
jatrost/awesome-kubernetes-threat-detection
A curated list of resources about detecting threats and defending Kubernetes systems.
iacsecurity/tool-compare
madhuakula/hacker-container
The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Containers, Kubernetes Clusters, and Cloud Native workloads.
developer-guy/awesome-falco
A curated list of Falco related tools, frameworks, blogs, podcasts, and articles
raspbernetes/k8s-security-policies
This repository offers a comprehensive library of security policies designed to enhance the security of Kubernetes cluster configurations. The policies are developed in accordance with the CIS Kubernetes benchmark.
salesforce/dockerfile-image-update
A tool that helps you get security patches for Docker images into production as quickly as possible without breaking things
Santandersecurityresearch/corsair_scan
Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).
aquasecurity/appshield
Security configuration checks for popular cloud native applications and infrastructure.
Santandersecurityresearch/DrHeader
drHEADer helps with the audit of security headers received in response to a single request or a list of requests.
dependency-check/Dependency-Check_Action
Github action to run dependency check