rmkanda / toolsLinks
Curated list of security tools
☆66Updated last year
Alternatives and similar repositories for tools
Users that are interested in tools are comparing it to the libraries listed below
Sorting:
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆102Updated last year
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆189Updated 11 months ago
- OWASP Kubernetes security and compliance tool [WIP]☆106Updated 2 years ago
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆143Updated 7 months ago
- Holds the public Hacking the Cloud CTFs.☆56Updated last year
- A deliberately vulnerable Kubernetes cluster☆127Updated last year
- OWASP Foundation Web Respository☆45Updated 2 months ago
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- OWASP Foundation Web Respository☆97Updated 6 months ago
- OWASP Kubernetes Security Testing Guide☆38Updated 11 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆66Updated last month
- Container 📦 Security 🔐 Best Practices Checklist 📋 & Slides☆68Updated 4 years ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆56Updated 2 weeks ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆80Updated 3 years ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆100Updated last year
- ☆140Updated this week
- ☆179Updated 3 months ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆114Updated this week
- A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration☆329Updated this week
- GCP GOAT is the vulnerable application for learn the GCP Security☆64Updated 2 months ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆71Updated 2 years ago
- A docker container to simplify and secure the use of Infrastructure as Code (IaC)☆77Updated last week
- Public repository of all things cloud security.☆43Updated 10 months ago
- A curated list of security tools for Hackers & Builders!☆100Updated last year
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆69Updated last year
- ☆112Updated 2 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆46Updated 2 years ago
- MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.☆174Updated last week
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆31Updated 9 months ago
- Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…☆126Updated last year