Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security

Linux Runtime Security and Forensics using eBPF

SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more

SSH Session Monitoring Daemon

Hidden parameters discovery suite

PCI-DSS compliant Debian 11/12 hardening

Hardened Debian GNU/Linux distro auditing

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

An Argo CD plugin to replace placeholders in Kubernetes manifests with secrets stored in Hashicorp Vault.

A tool for checking the security hardening options of the Linux kernel

Snoop — инструмент разведки на основе открытых данных (OSINT world)

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Monitor linux processes without root permissions

GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.

Ingress node firewall implements Kubernetes operator to provision stateless ingress node level firewall rules, stateless ingress node firewall implementation is done using eBPF XDP kernel plugin

JumpServer is an open-source Privileged Access Management (PAM) platform that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints…

A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar

Powerful+Fast+Low Privilege Kubernetes discovery tools

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container …

Main Sigma Rule Repository

Various tips & tricks

Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.

A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.

A pure Unix shell script ACME client for SSL / TLS certificate automation

Open Source Cloud Native Application Protection Platform (CNAPP)

A Terminal UI for browsing security vulnerabilities (CVEs)

DPI bypass multi platform

Automated Access and Data Protection

OliveTin gives safe and simple access to predefined shell commands from a web interface.