Stars
Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)
⛅️🔐 Security Requirements for Yandex.Cloud configuration: IAM, network access, key management, Kubernetes, audit logs.
This repository offers a comprehensive library of security policies designed to enhance the security of Kubernetes cluster configurations. The policies are developed in accordance with the CIS Kube…
Docker image to exploit RCE, try for pentest methods and test container security solutions (trivy, falco and etc.)
A container analysis and exploitation tool for pentesters and engineers.
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF
OCI hook to trace syscalls and generate a seccomp profile
Help building an adaptive and fine-grained pod security policy
Write tests against structured configuration data using the Open Policy Agent Rego query language
Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.
Awesome DevSecOps на русском языке
🛡️ Open-source and next-generation Web Application Firewall (WAF)
Plant environment data sensor aggregation / UI server.
A Django vulnerable Web application for testing the w3af framework
Майнд-карта для совместного структурирования проблем с безопасностью веб-приложений и подборки решений для них.