advanced-terraform-2823489

Advanced Terraform

altoroj

WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.

amass

In-depth Attack Surface Mapping and Asset Discovery

anchore-engine

A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification

aquatone

A Tool for Domain Flyovers

arachni

archerysec

Centralize Vulnerability Assessment and Management for DevSecOps Team

asvs

Application Security Verification Standard

asvs-agile-delivery-guide

atlas-jekyll-theme

A jekyll theme for personal website

awesome-dotnet-security

Awesome .NET Security Resources

awesome-malware-analysis

Defund the Police.

aws-devsecops-factory

Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native services

aws-security-benchmark

Open source demos, concept and guidance related to the AWS CIS Foundation framework.

batea

AI-based, context-driven network device ranking

brutesploit

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p

burpsuitecertifiedlabs

This repo is just a guide where you can find all labs of burp suite resolved, you can see the workflow and all type of web attacks

cam-hackers

Hack Cameras CCTV FREE

cassandra-workshop-series

All materials for the Cassandra Workshop Series in a single place

certandcredentials

cheat.sh

the only cheat sheet you need

checkov

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

cis-docker-benchmark

CIS Docker Benchmark - InSpec Profile

cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

cloud-iac-scanner-action

codepulse

Code Pulse is a real-time code coverage tool for penetration testing activities

content-kubernetes-security

Kubernetes Security Course

cr3dov3r

Know the dangers of credential reuse attacks.

crwebapp

cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.