Alternate reports storage in Kubernetes outside etcd

Monitoring and Observability Tool for the PolicyReport CRD with an optional UI.

Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports

Kubernetes-native security toolkit

Resumes generated using the GitHub informations

Managed app for aqua starboard

Documenting your Threat Models with HCL

Kubernetes Security Testing Guide

A curated list for Awesome Kubernetes Security resources

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Scan Kubernetes resource files , and helm charts for security configurations issues and best practices.

A simple WebUI with latest events from Falco

A curated list of Falco related tools, frameworks, blogs, podcasts, and articles

Example recipes for Kubernetes Network Policies that you can just copy paste

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Directory/File, DNS and VHost busting tool written in Go

A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

This repository offers a comprehensive library of security policies designed to enhance the security of Kubernetes cluster configurations. The policies are developed in accordance with the CIS Kube…

Commandline tool for me to play with concrete art.

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.

An enterprise friendly way of detecting and preventing secrets in code.

A curated list of awesome social engineering resources.

Only the best quality InfoSec-resources shared, based on regular sourcing of publicly available content found on the internet.

My curated list of awesome links, resources and tools on infosec related topics

A curated list of awesome infosec courses and training resources.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Git All the Payloads! A collection of web attack payloads.