rmkanda / toolsLinks
Curated list of security tools
☆66Updated last year
Alternatives and similar repositories for tools
Users that are interested in tools are comparing it to the libraries listed below
Sorting:
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- OWASP Foundation Web Respository☆94Updated 4 months ago
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- CloudSplaining on AWS Managed Policies☆43Updated this week
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Updated last year
- Holds the public Hacking the Cloud CTFs.☆56Updated last year
- InfoSec OpenAI Examples☆19Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- Compares and analyzes GCP IAM roles.☆77Updated 2 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆172Updated 6 months ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆66Updated 11 months ago
- OWASP Kubernetes Security Testing Guide☆38Updated 9 months ago
- https://breaches.cloud☆39Updated 7 months ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆71Updated 2 years ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆56Updated last week
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 9 months ago
- Public repository of all things cloud security.☆41Updated 8 months ago
- A tool for preventing the installation of malicious PyPI and npm packages☆145Updated this week
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆101Updated last year
- Threat Modeling Manifesto☆28Updated 10 months ago
- ☆112Updated last week
- A docker container to simplify and secure the use of Infrastructure as Code (IaC)☆73Updated this week
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆39Updated 9 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆80Updated 2 years ago
- ☆178Updated last month
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆118Updated last year
- ☆19Updated 3 years ago
- Modular Kubernetes lab which provides an easy and streamlined way to deploy a test cluster with support for different components.☆52Updated last year
- Awesome resources about Security in Kubernetes☆42Updated 2 years ago
- A curated list of security tools for Hackers & Builders!☆99Updated 10 months ago