Highlights
Stars
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
A collection of awesome security hardening guides, tools and other resources
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)
A curated list for Awesome Kubernetes Security resources
Automate the creation of a lab environment complete with security tooling and logging best practices
This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
AzureGoat : A Damn Vulnerable Azure Infrastructure
A curated list of web3Security materials and resources For Pentesters and Bug Hunters.
A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
All the deals for InfoSec related software/tools this Black Friday
Install Magisk on Official Android Emulator
Welcome to the Very Vulnerable Lambda Application repository! This repository contains an intentionally vulnerable serverless application that serves as a testing environment for security professio…
WinRing0 is a hardware access library for Windows.
IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
A proof-of-concept Command & Control framework that utilizes the powerful AsyncSSH Python library which provides an asynchronous client and server implementation of the SSHv2 protocol and use PyNgr…
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
SCADA StrangeLove Default/Hardcoded Passwords List