security
Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security
Linux Runtime Security and Forensics using eBPF
SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more
Hardened Debian GNU/Linux distro auditing
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
An Argo CD plugin to replace placeholders in Kubernetes manifests with secrets stored in Hashicorp Vault.
A tool for checking the security hardening options of the Linux kernel
Snoop — инструмент разведки на основе открытых данных (OSINT world)
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Monitor linux processes without root permissions
GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.
Ingress node firewall implements Kubernetes operator to provision stateless ingress node level firewall rules, stateless ingress node firewall implementation is done using eBPF XDP kernel plugin
JumpServer is an open-source Privileged Access Management (PAM) platform that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints…
A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
Powerful+Fast+Low Privilege Kubernetes discovery tools
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container …
Various tips & tricks
Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
A pure Unix shell script ACME client for SSL / TLS certificate automation
Open Source Cloud Native Application Protection Platform (CNAPP)
A Terminal UI for browsing security vulnerabilities (CVEs)
OliveTin gives safe and simple access to predefined shell commands from a web interface.