Every Security Engineer Interview Question From Glassdoor.com

This repo contains the code for my secure code review challenges. People used this as the primary resource to pass FAANG AppSec interviews 😉

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Securing open-source package ecosystems by originating, validating, and augmenting build attestations.

Pike is a tool for determining the permissions or policy required for IAC code

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (including Customizations for AWS Control Tower) and Terraform.

🥑 Language focused docker images, minus the operating system.

Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded

CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code

💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline

Example AWS Resource control policies to get started or mature your usage of AWS RCPs.

A GitHub App that enforces approval policies on pull requests

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

Collection of semi-useful Service Control Policies and scripts to manage them

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.

Fast web fuzzer written in Go

Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.

🛡️ Windows Hello™ style facial authentication for Linux

🐳 Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker

Community curated list of templates for the nuclei engine to find security vulnerabilities.

WireGuard VPN installer for Linux servers

Small and highly portable detection tests based on MITRE's ATT&CK.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Registers an Amazon ECS task definition and deploys it to an ECS service.

Inserts a container image URI into an Amazon ECS task definition JSON file.

Fast linters runner for Go