abdullahgarcia / kubernetes-for-soc
kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and knowledge necessary to perform their critical duties.
β50Updated 9 months ago
Related projects: β
- π§° Multi Tool Kubernetes Pentest Imageβ207Updated 3 weeks ago
- β163Updated 2 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.β56Updated 6 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.β29Updated 5 months ago
- β41Updated 10 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrixβ55Updated last year
- OPA policies for securing Docker APIβ10Updated last year
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).β78Updated 7 months ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"β64Updated 9 months ago
- HashiCorp-relevant rules for the Semgrep code analysis toolβ37Updated 11 months ago
- AWACS for RBAC. Tool for auditing CRUD permissions in Kubernetes' RBAC.β26Updated 3 months ago
- β60Updated 6 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.β58Updated 4 months ago
- Kubernetes audit logging, when you don't control the control planeβ64Updated this week
- truffleproc β hunt secrets in process memory (TruffleHog & gdb mashup)β110Updated last year
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation oβ¦β82Updated 8 months ago
- Curating Falco rules with MITRE ATT&CK Matrixβ74Updated 6 months ago
- Generate datasets of cloud audit logs for common attacksβ158Updated last month
- a tool to audit the istio service meshβ173Updated 2 years ago
- β106Updated 3 months ago
- A full insecure kubernetes application for testing security toolsβ41Updated last week
- β19Updated 5 months ago
- KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.β166Updated last year
- β15Updated 2 months ago
- A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incideβ¦β140Updated 10 months ago
- A replacement for "kubectl exec" that works over WebSocket connections.β27Updated 5 months ago
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor manβs SOC.β48Updated 2 weeks ago
- pySigma backend for generating Grafana Loki/LogQL rulesβ35Updated this week
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.β93Updated 2 months ago
- Compares and analyzes GCP IAM roles.β76Updated 3 months ago