ValidIaC combines the best open-source tools to help ensure Infrastructure-as-Code best practices, hygiene & security.

ALL IN ONE Hacking Tool For Hackers

Tfsec is now part of Trivy

Automated CIS Benchmark Compliance Remediation for RHEL 8 with Ansible

Automated CIS Benchmark Compliance Remediation for RHEL 7 with Ansible

Best practices for segmentation of the corporate network of any company

⛏️ Extract accounts info from personal pages on various sites for OSINT purpose

A tool for finding memory leaks in web apps

Ultimate DevSecOps library

Easily and securely send things from one computer to another 🐊 📦

The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security…

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

Collection of malware source code for a variety of platforms in an array of different programming languages.

Cloud Native Policy Management

Memray is a memory profiler for Python

Distributed self-replicating programs in Python

Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics…

🥑 Language focused docker images, minus the operating system.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

A tool for securing CI/CD workflows with version pinning.

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Home of the Renovate CLI: Cross-platform Dependency Automation by Mend.io

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries.

Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods

Chaos Monkey is a resiliency tool that helps applications tolerate random instance failures.

Hurl, run and test HTTP requests with plain text.

Go microservice template for Kubernetes

Metlo is an open-source API security platform.