container-security
There are 77 repositories under container-security topic.
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
madhuakula/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
cdk-team/CDK
📦 Make security testing of K8s, Docker, and Containerd easier.
chaitin/veinmind-tools
veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集
project-copacetic/copacetic
🧵 CLI tool for directly patching container images!
Metarget/metarget
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
vchinnipilli/kubestriker
A Blazing fast Security Auditing tool for Kubernetes
opengovern/opensecurity
opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.
Vinum-Security/kubernetes-security-checklist
Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)
sysdiglabs/kube-psp-advisor
Help building an adaptive and fine-grained pod security policy
Metarget/awesome-cloud-native-security
awesome resources about cloud native security 🐿
Metarget/k0otkit
k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
r0binak/MTKPI
🧰 Multi Tool Kubernetes Pentest Image
ellerbrock/docker-security-images
:closed_lock_with_key: Docker Container for Penetration Testing & Security
jetstack/paranoia
Inspect certificate authorities in container images
R3DRUN3/sploitcraft
🏴☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷
mikeroyal/OpenShift-Guide
OpenShift Guide. Learn about the Red Hat OpenShift Container Platform, Data Science, Code Ready Containers, Podman, Buildah, and Kubernetes.
koslib/awesome-containerized-security
A collection of tools to improve your containerized apps security posture
twistlock/whoc
A container image that exfiltrates the underlying container runtime to a remote server
chaitin/libveinmind
一个由长亭自研,直观而可扩展的容器安全 SDK
grantseltzer/karn
Simplifying Seccomp enforcement in containerized or non-containerized apps
falcosecurity-retire/falco-security-workshop
Container Security Workshop covering using Falco on Kubernetes.
CloudDefenseAI/falco_extended_rules
Curating Falco rules with MITRE ATT&CK Matrix
brant-ruan/awesome-container-escape
collections of container escape techniques 🐿
paulveillard/cybersecurity-container-security
An ongoing & curated collection of awesome frameworks, and most important libraries, videos, learning tutorials , tools and and cool stuff about containers.
lightspin-tech/eks-creation-engine
The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.
0xN3utr0n/Kanis
Advanced threat detection solution for Linux.
anchore/ci-tools
Contains scripts for running anchore engine in CI pipelines
ExploitWorks/EscalateX
A powerful Linux privilege escalation scanner — a feature-rich and modern alternative to LinPEAS, built for speed, depth, and clarity.
pjbgf-archives/zaz
A command line tool to automatically generate seccomp profiles.
ansible-lockdown/Kubernetes1.6.1-CIS
Automated CIS Benchmark Compliance Remediation for Kubernetes 1.6.1 with Ansible
appvia/cosign-keyless-admission-webhook
Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
slimdevops/slim-containers
Tutorials, examples, and streaming notes
sysdiglabs/security-playground
This is a sample application which runs an HTTP web server and allows to read and write files and exec commands
blues-man/vote-app-gitops
A demo of cloud-native Inner Loop and Outer Loop controlling a 2-tier app (Python + Go) with Red Hat OpenShift using Tekton Pipelines, Argo CD GitOps, Eclipse Che aka OpenShift DevSpaces and Quay.io registry
kube-tarian/sigrun
Sign your artifacts, source code or container images using Sigstore tools, Save the Signatures you want to use, and Validate & Control the deployments to allow only the known Sources based on Signatures, Maintainers & other payloads automatically.