tldrsec / awesome-secure-defaults
Awesome secure by default libraries to help you eliminate bug classes!
☆669Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for awesome-secure-defaults
- Gram is Klarna's own threat model diagramming tool☆282Updated this week
- This is a companion to the Security Engineer Questions☆200Updated 11 months ago
- Create your own vulnerable by design AWS penetration testing playground☆331Updated 5 months ago
- ☆356Updated 7 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆489Updated 3 weeks ago
- Websec interview questions by tib3rius answered☆303Updated last year
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆274Updated 7 months ago
- boostsecurityio/poutine☆231Updated this week
- ☆152Updated 2 months ago
- OWASP Domain Protect - prevent subdomain takeover☆397Updated last month
- Collection of Threat Models☆383Updated 2 years ago
- GitHub Actions Pipeline Enumeration and Attack Tool☆570Updated 3 months ago
- Open source templates you can use to bootstrap your security programs☆515Updated 3 weeks ago
- Cloud Commotion intends to cause chaos to simulate security incidents☆140Updated 5 months ago
- Lambda function that streamlines containment of an AWS account compromise☆315Updated 11 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆140Updated this week
- This repo contains IOC, malware and malware analysis associated with Public cloud☆244Updated last week
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆149Updated 8 months ago
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆443Updated last month
- cloudgrep is grep for cloud storage☆318Updated this week
- A curated list of resources about detecting threats and defending Kubernetes systems.☆364Updated last year
- Generate datasets of cloud audit logs for common attacks☆184Updated 3 months ago
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆266Updated 2 months ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆775Updated last week
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆207Updated 2 months ago
- AWS Attack Path Management Tool - Walking on the Moon☆223Updated 3 weeks ago
- Documenting your Threat Models with HCL☆401Updated 2 months ago
- FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).☆174Updated 4 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆169Updated 9 months ago
- Validate the isolation posture of your container environment.☆152Updated this week