ManicodeSecurity / Defending-DevOps

Related projects ⓘ

Alternatives and complementary repositories for Defending-DevOps

• owasp-cloud-security / owasp-cloud-security
  OWASP Cloud Security - Enabling conversations through threat and control stories
  ☆177Updated 5 years ago
• secmerc / materialize-threats
  ☆61Updated last year
• trailofbits / audit-kubernetes
  k8s audit repo
  ☆226Updated 5 years ago
• ksoclabs / kube-goat
  A deliberately vulnerable Kubernetes cluster
  ☆118Updated 11 months ago
• NodyHub / k8s-ctf-rocks
  Kubernetes Easter CTF
  ☆58Updated 4 years ago
• wickett / lambhack
  A very vulnerable serverless application in AWS Lambda
  ☆94Updated 5 years ago
• thought-machine / dracon
  Security scanning & static analysis tool
  ☆93Updated last month
• mauilion / blackhat-2019
  ☆48Updated 4 years ago
• nccgroup / G-Scout
  Google Cloud Platform Security Tool
  ☆232Updated 5 years ago
• sethlaw / sputr
  Security Payload Unit Test Repository (SPUTR)
  ☆86Updated last year
• mykter / aws-security-cert-service-notes
  Security aspects of AWS products for the Security Specialist certification
  ☆208Updated 2 years ago
• stuhirst / awssecurity
  for AWS Security material
  ☆246Updated 2 years ago
• securekubernetes / securekubernetes
  Attacking and Defending Kubernetes Clusters: A Guided Tour
  ☆206Updated 3 years ago
• OWASP / Container-Security-Verification-Standard
  Container Security Verification Standard
  ☆57Updated 5 years ago
• we45 / orchestron-community
  Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…
  ☆31Updated 2 years ago
• semgrep-old / rules-owasp-asvs
  Semgrep rules corresponding to the OWASP ASVS standard
  ☆27Updated 4 years ago
• secdec / attack-surface-detector-zap
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆61Updated last year
• raesene / kube_security_lab
  ☆233Updated 2 months ago
• nccgroup / go-pillage-registries
  Pentester-focused Docker registry tool to enumerate and pull images
  ☆104Updated 4 years ago
• google / gke-auditor
  ☆74Updated 4 years ago
• appsecpipeline / AppSecPipeline-Specification
  AppSecPipeline Specification for DevOps automation.
  ☆38Updated last year
• bgeesaman / kube-env-stealer
  Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env
  ☆102Updated 5 years ago
• OWASP / Serverless-Goat
  OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws
  ☆320Updated 3 months ago
• we45 / DVFaaS-Damn-Vulnerable-Functions-as-a-Service
  Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
  ☆135Updated last year
• alexivkin / kubepwn
  Kubernetes Pwnage for all
  ☆54Updated 4 years ago
• OWASP / www-project-kubernetes-security-testing-guide
  OWASP Kubernetes Security Testing Guide
  ☆37Updated 2 months ago
• we45 / ThreatPlaybook
  A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…
  ☆274Updated last week
• Netflix-Skunkworks / aws-credential-compromise-detection
  Example detection of compromise credentials in AWS
  ☆119Updated 6 years ago