Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.

Guide to securing and improving privacy on macOS

The Single Sign-On Multi-Factor portal for web apps

eBPF-based Networking, Security, and Observability

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

How to systematically secure anything: a repository about security engineering

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

🐊 Gatekeeper - Policy Controller for Kubernetes

Vulnerable app with examples showing how to not use secrets

Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.

Smart SSH, HTTPS and MySQL bastion that requires no additional client-side software

Style guide for Rego

Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.

The Kubernetes Security Profiles Operator

Kubernetes-native security toolkit

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

A python phishing script for login phishing, image phishing video phishing and many more

Simple and flexible tool for managing secrets

Manage admission policies in your Kubernetes cluster with ease

Flipper Zero Unleashed Firmware

🐬 A collection of awesome resources for the Flipper Zero device.

Code signing and transparency for containers and binaries

nwipe secure disk eraser

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).

A fast TCP/UDP tunnel over HTTP

eBPF-based Security Observability and Runtime Enforcement

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.