rpujet's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
OWASP/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
facebook/watchman
Watches files and records, or triggers actions, when they change.
google/sanitizers
AddressSanitizer, ThreadSanitizer, MemorySanitizer
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
fuzzdb-project/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
priyankavergadia/google-cloud-4-words
The Google Cloud Developer's Cheat Sheet
nccgroup/ScoutSuite
Multi-Cloud Security Auditing Tool
google/osv-scanner
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
jhaddix/tbhm
The Bug Hunters Methodology
open-policy-agent/gatekeeper
🐊 Gatekeeper - Policy Controller for Kubernetes
aquasecurity/tracee
Linux Runtime Security and Forensics using eBPF
microsoft/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
kuberhealthy/kuberhealthy
A Kubernetes operator for running synthetic checks as pods. Works great with Prometheus!
cisagov/Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
NCSC-NL/log4shell
Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
cisagov/decider
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
CodeIntelligenceTesting/jazzer
Coverage-guided, in-process fuzzing for the JVM
thalesgroup-cert/Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
zaproxy/community-scripts
A collection of ZAP scripts and tips provided by the community - pull requests very welcome!
transcend-io/terragrunt-atlantis-config
Generate Atlantis config for Terragrunt projects.
mondoohq/cnquery
open source, cloud-native, graph-based asset inventory
microsoft/rest-api-fuzz-testing
REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
turnerlabs/antiope
AWS Inventory and Compliance Framework
snyk-labs/awesome-log4shell
An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒
aws-samples/aws-auto-inventory
AWS Auto Inventory allows you to quickly and easily generate inventory reports of your AWS resources.
alphasoc/nfr
A lightweight tool to score network traffic and flag anomalies
JPCERTCC/MemoryForensic-on-Cloud
Memory Forensic System on Cloud
falcosecurity/pdig
ptrace-based event producer for udig
strongdm/log-export-container
A docker container for easily export strongDM query logs