tillerfoo Goto Github PK

all-defense-tool

本项目集成了全网优秀的攻防武器工具项目，包含自动化利用，子域名、目录扫描、端口扫描等信息收集工具，各大中间件、cms漏洞利用工具，爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。

awesome-golang-security

Awesome Golang Security resources 🕶🔐

aws-eks-best-practices

A best practices guide for day 2 operations, including operational excellence, security, reliability, performance efficiency, and cost optimization.

checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

cloud-native-security-book

《云原生安全：攻防实践与体系构建》资料仓库

codeql

《深入理解CodeQL》Finding vulnerabilities with CodeQL.

codeqlnote

Codeql学习笔记

cve_for_today

A script to fetch today new update cve info

firecracker

Secure and fast microVMs for serverless computing.

gosec

Golang security checker

hacking-with-golang

Golang安全资源合集

hsuan-fuzz

Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing

ingress-nginx

NGINX Ingress Controller for Kubernetes

k0otkit

k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.

k8s-best-practices

A collection of best practices for running Kubernetes on Azure with AKS or ACS-Engine from the Intelligent Cloud Global Blackbelt team

kube-linter

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.

kube-pod-escape

Kubernetes POC for utilizing write mount to /var/log for getting a root on the host

kube2ram

kube2ram provides different Alibaba Cloud RAM roles for pods running on ACK

kubeletctl

A client for kubelet

kubescape

kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA (https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/)

kubesploit

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

kubiscan

A tool to scan Kubernetes cluster for risky permissions

metarget

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

multi-tenancy

A working place for multi-tenancy related proposals and prototypes.

neuvector

pouch

An Efficient Enterprise-class Container Engine

rbac-police

Evaluate the RBAC permissions of serviceaccounts, pods and nodes in Kubernetes clusters through policies written in Rego

secguide

面向开发人员梳理的代码安全指南

syzkaller

syzkaller is an unsupervised coverage-guided kernel fuzzer

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档