Lists (18)
AI: AI Resources
AWS Hands On: Hands on projects for AWS
CrowdStrike SOC: Threat hunting
Deception Tools: Canarytoken, honeypots
Dev EDR
DFIR
🔮 Future ideas
Hands on DevOps
IaC: Terraform ..
Incident Response Playbooks
Kubernetes
Malware Analysis
Pentesting
PowerShell Scripts
Python
Security Hardening
Threat Hunting
Toolkits
Starred repositories
iac security scan skills for your AI workflows
Bootstrap Kubernetes the hard way. No scripts.
Read-only developer endpoint scanner for on-disk package, extension, and developer-tool metadata, built to check exposure to known software supply-chain compromises.
This tool will be invaluable for: SIEM Testing (generate realistic multi-source logs); Security Training (reproducible scenarios for education); Development (consistent test data for log processing) …
Generate realistic synthetic security logs for cybersecurity threat hunting training and research
Protect against malicious code installed via npm, yarn, pnpm, npx, pnpx, pip, uv and poetry with Aikido Safe Chain. Free to use, no tokens required.
Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.
An awesome collection of articles, papers, conferences, guides, and tools relating to deception in cybersecurity.
Master Terraform in 7 days using this Zero to Hero course.
A collection of Azure AD/Entra tools for offensive and defensive security purposes
Documentation for connecting Microsoft Sentinel and the ACSC CTIS platform
SOC investigation and detection lab using Microsoft Sentinel, KQL, and live Azure telemetry to investigate real brute-force attacks, engineer custom detections, and simulate Tier 1 analyst workflows.
Building environments to replicate small networks and deploy applications
Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.
Welcome to the Microsoft Defender for Cloud community repository
A simple Python script to do quick, targeted recon of a given domain.
Production-grade MCP server giving Claude 27 security intelligence tools across 21 APIs — CVE lookup, EPSS scoring, CISA KEV, MITRE ATT&CK, Shodan, VirusTotal, and more.
This application gives Mac users in enterprise environments control over the administration of their machines by elevating their access level to administrator privileges on macOS. Users can set a t…
Detection engineering framework for CrowdStrike NG-SIEM — CQL detections, Python automation, and threat hunting queries mapped to MITRE ATT&CK
Some Threat Hunting queries useful for blue teamers
Repository with Sample KQL Query examples for Threat Hunting
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender).
Open-source GRC platform for modern security teams. Manage compliance (SOC 2, ISO 27001, HIPAA), risk registers, vendor assessments, and audits—all in one place. AI-powered, containerized, enterpri…
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark