Stars
A lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container.
Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we confi…
Curated resources, research, and tools for securing AI systems
LEAKED SYSTEM PROMPTS FOR CHATGPT, GEMINI, GROK, CLAUDE, PERPLEXITY, CURSOR, DEVIN, REPLIT, AND MORE! - AI SYSTEMS TRANSPARENCY FOR ALL! 👐
Automatic Exploit Generation with LLMs
Specification and documentation for Agent Skills
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
A comprehensive benchmark and analytics platform for evaluating Kubernetes security scanners. Features 235+ intentionally vulnerable manifests across 12 security categories, CCSS integration, Helm …
An Easy-to-use, Scalable and High-performance Agentic RL Framework based on Ray (PPO & DAPO & REINFORCE++ & TIS & vLLM & Ray & Async RL)
micromize is a security hardening tool designed to detect and break the post-exploit kill chain for containerized applications, leveraging BPF LSM.
Post-exploit a compromised etcd, gain persistence and remote shell to nodes.
A flexible, AI-powered C2 framework built with operators in mind
A realistic exam simulator for CKAD, CKA, and CKS featuring timed sessions and hands-on labs with pre-configured clusters.
PatchEval: A New Benchmark for Evaluating LLMs on Patching Real-World Vulnerabilities
Pre-Built Vulnerable Environments Based on Docker-Compose
Benchmarking LLM agents on Cyber Threat Investigation.
Helm charts for running open source digital forensic tools in Kubernetes
The dragon in the dark. A red team post-exploitation framework for testing security controls during red team assessments.
Rulezet is an open-source web platform for sharing, evaluating, improving, and managing cybersecurity detection rules (YARA, Sigma, Suricata, etc). It aims to foster collaboration among professiona…
Find relevant incidents, logs, events, and alerts to all of your incidents. [Attack Flows, Attack Chains, & Root Cause Discovery - NO LLMs, NO Queries, Just Explainable Machine Learning] >> Use it …
Behavioral Evaluation of Application Metrics (BEAM)
Real-time, container-based file scanning at enterprise scale
A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or artifact repositories.
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP…
Modern image vulnerability scanning & patching platform with multi-tool integration.
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start