cloudnative-security Goto Github PK

docker-prometheus-cloudflare-exporter

Cloudflare exporter for Prometheus

dockprom

Docker hosts and containers monitoring with Prometheus, Grafana, cAdvisor, NodeExporter and AlertManager

festin

FestIn - S3 Bucket Weakness Discovery

flask-oauth2-login

See https://github.com/singingwolfboy/flask-dance

h4cker

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

hacking-kubernetes

httpx

httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

jose

Python implementation of the Javascript Object Signing and Encryption (JOSE) framework (https://datatracker.ietf.org/wg/jose/charter/)

juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

jwt_tool

:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens

kaimonkey

KaiMonkey provides example vulnerable infrastructure to help cloud security, DevSecOps and DevOps teams explore and understand common cloud security threats exposed via infrastructure as code.

kubectl-curl

Kubectl plugin to run curl commands against kubernetes pods

kubernetes-goat

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

leapp

Leapp is the tool to access your cloud; It securely stores your access information and generates temporary credential sets to access your cloud ecosystem from your local machine.

linkedin-oauth2

test python for linkedin oauth

log4j-shell-poc

A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability.

mamba_dlp

mamba_dlp scans your cloud for sensitive data

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

materials

Bonus materials, exercises, and example projects for our Python tutorials

mimikatz

A little tool to play with Windows security

naabu

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

nodejs-jwt-authentication-sample

A NodeJS API that supports username and password authentication with JWTs

nodejs-todo-api

Node JS ToDo App sample.

nuclei

Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

oauth2-proxy

A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.

offensive-terraform.github.io

Offensive Terraform Website

okta-oidc-flows-example

opencspm

Open Cloud Security Posture Management Engine

ots

One-Time-Secret sharing platform with a symmetric 256bit AES encryption in the browser