krol3 / kubernetes-security-checklist
Awesome resources about Security in Kubernetes
β42Updated 2 years ago
Alternatives and similar repositories for kubernetes-security-checklist:
Users that are interested in kubernetes-security-checklist are comparing it to the libraries listed below
- Container π¦ Security π Best Practices Checklist π & Slidesβ67Updated 4 years ago
- GCP GOAT is the vulnerable application for learn the GCP Securityβ64Updated last year
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. β¦β61Updated 9 months ago
- KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.β171Updated 2 months ago
- This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)β43Updated 2 years ago
- OWASP Foundation Web Respositoryβ34Updated 6 months ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use β¦β66Updated 9 months ago
- Protect against subdomain takeoverβ93Updated 10 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ138Updated 3 years ago
- Curated list of security toolsβ64Updated last year
- OWASP Kubernetes security and compliance tool [WIP]β106Updated last year
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.β37Updated 3 years ago
- The Open Security Summit is focused on the collaboration between, Developers and Application Securityβ45Updated 3 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ102Updated last month
- β239Updated 6 months ago
- OWASP Foundation Web Respositoryβ82Updated 2 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teamsβ45Updated 2 years ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.β166Updated last month
- Jekyll Files for cloudsecwiki.comβ50Updated 3 years ago
- Purposely vulnerable Java application to help lead secure coding workshopsβ179Updated 9 months ago
- A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.β103Updated 4 months ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.β134Updated 4 years ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where wβ¦β104Updated 4 months ago
- Curating Falco rules with MITRE ATT&CK Matrixβ78Updated last year
- A project to visualize the software supply chainβ43Updated last year
- WAF bypass PoCβ46Updated last year
- An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websitesβ¦β58Updated 2 months ago
- OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessionsβ104Updated last year
- A full insecure kubernetes application for testing security toolsβ70Updated this week
- An extension to use Semgrep inside Burp Suite.β88Updated last year