tillerfoo Goto Github PK
Type: User
Type: User
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
Awesome Golang Security resources 🕶🔐
A best practices guide for day 2 operations, including operational excellence, security, reliability, performance efficiency, and cost optimization.
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
《云原生安全:攻防实践与体系构建》资料仓库
《深入理解CodeQL》Finding vulnerabilities with CodeQL.
Codeql学习笔记
A script to fetch today new update cve info
Secure and fast microVMs for serverless computing.
Golang security checker
Golang安全资源合集
Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing
NGINX Ingress Controller for Kubernetes
k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
A collection of best practices for running Kubernetes on Azure with AKS or ACS-Engine from the Intelligent Cloud Global Blackbelt team
KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
Kubernetes POC for utilizing write mount to /var/log for getting a root on the host
kube2ram provides different Alibaba Cloud RAM roles for pods running on ACK
A client for kubelet
kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA (https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/)
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
A tool to scan Kubernetes cluster for risky permissions
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
A working place for multi-tenancy related proposals and prototypes.
An Efficient Enterprise-class Container Engine
Evaluate the RBAC permissions of serviceaccounts, pods and nodes in Kubernetes clusters through policies written in Rego
面向开发人员梳理的代码安全指南
syzkaller is an unsupervised coverage-guided kernel fuzzer
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.