Creates diagrams from textual descriptions!

Damn Vulnerable Kubernetes App (DVKA) is a series of apps deployed on Kubernetes that are damn vulnerable.

Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.

Web Desktop Operating System for low power platforms, Now written in Go!

🎨 Diagram as Code for prototyping cloud system architectures

An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.

Open Source Cloud Native Application Protection Platform (CNAPP)

A programming language for the cloud ☁️ A unified programming model, combining infrastructure and runtime code into one language ⚡

Kubernetes RBAC static analysis & visualisation tool

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, dis…

🧵 CLI tool for directly patching container images!

A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.

An OCI container runtime monitor written in Rust

EKS Logging Examples

Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Programming framework for writing and deploying cloud applications.

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

kube-scan: Octarine k8s cluster risk assessment tool

CLI Text Search across your infrastructure platforms, Universal Ctrl+F for infra

Greenbone Vulnerability Management Docker Image with OpenVAS

A simple app to help play and demo Cloud Native things

A tool to scan Kubernetes cluster for risky permissions

Awesome list of VCs investing in commercial open-source startups 💸

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).

Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.