Kubernetes security notes and best practices
☆731Apr 15, 2022Updated 4 years ago
Alternatives and similar repositories for k8s-security
Users that are interested in k8s-security are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.☆301Aug 30, 2021Updated 4 years ago
- attackRmi☆259Oct 14, 2020Updated 5 years ago
- Multi-language web CGI interfaces exploits.☆395Aug 22, 2022Updated 3 years ago
- 一个全新的敏感文件发现工具☆225Jan 10, 2021Updated 5 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213May 19, 2020Updated 6 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆615Dec 29, 2021Updated 4 years ago
- Apache Solr Injection Research☆580Jan 28, 2020Updated 6 years ago
- X安蜜罐用的一些存在JSonp劫持的API☆92May 28, 2021Updated 5 years ago
- ☆147Jun 20, 2018Updated 7 years ago
- ☆131Jun 17, 2022Updated 4 years ago
- CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统☆187Jun 17, 2020Updated 6 years ago
- JumpServer远程代码执行漏洞检测利用脚本☆204Feb 9, 2021Updated 5 years ago
- ☆77Jan 12, 2021Updated 5 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- 基于亚马逊S3\阿里云OSS\腾讯COS通信隧道的远程管理工具☆328Oct 10, 2020Updated 5 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆272Mar 4, 2022Updated 4 years ago
- Flask 内存马☆314Mar 26, 2021Updated 5 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- Kubernetes Security - Best Practice Guide☆2,713Sep 11, 2019Updated 6 years ago
- some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute☆70Dec 14, 2020Updated 5 years ago
- Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynam…☆698Dec 25, 2023Updated 2 years ago
- proxylogon exploit - CVE-2021-26857☆110Mar 11, 2021Updated 5 years ago
- A system that may trick hackers. 针对黑客的拟态欺骗系统。☆454Nov 20, 2025Updated 6 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- 内存马Demo合集 memshell demo for java / php / python☆425May 31, 2021Updated 5 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆820Sep 4, 2019Updated 6 years ago
- 用于记录分享一些有趣的案例☆868Jan 10, 2022Updated 4 years ago
- 🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]☆81Jul 23, 2021Updated 4 years ago
- ☆837Jun 7, 2022Updated 4 years ago
- 伪造Myslq服务端,并利用Mysql逻辑漏洞来获取客户端的任意文件反击攻击者☆359Apr 24, 2022Updated 4 years ago
- 通过 Redis 主从写出无损文件☆718May 25, 2020Updated 6 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago
- anti AV☆291Mar 12, 2020Updated 6 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- weaponized tool for CVE-2020-17144☆157Dec 9, 2020Updated 5 years ago
- awesome resources about cloud native security 🐿☆328Nov 4, 2023Updated 2 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆456Mar 24, 2022Updated 4 years ago
- A tool to scan Kubernetes cluster for risky permissions☆1,427May 25, 2025Updated last year
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆608May 17, 2019Updated 7 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆124Jul 17, 2020Updated 5 years ago
- Help building an adaptive and fine-grained pod security policy☆328Oct 11, 2023Updated 2 years ago