A vulnerability scanner for container images and filesystems

An extremely fast Python package and project manager, written in Rust.

The open context layer that gives AI agents grounded, governed SQL across 20+ data sources, that helps you build GenBI, text-to-sql, dashboards, and advanced analytics.

A repository of breaches of AWS customers

Open Source realtime backend in 1 file

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

A full insecure kubernetes application for testing security tools

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Multi-Cloud Security Auditing Tool

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

A list of cloud security tools and vendors.

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

Light LDAP implementation

JumpServer is an open-source Privileged Access Management (PAM) platform that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints…

Tool for auditing RBACs in Kubernetes

At LinkedIn, we are using this curriculum for onboarding our entry-level talents into the SRE role.

Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster

kube2iam provides different AWS IAM roles for pods running on Kubernetes

A Kubernetes operator that simplifies the management of Role Bindings and Service Accounts.

Autogenerate RBAC policies based on Kubernetes audit logs

Windows Exploit Suggester - Next Generation

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Small and highly portable detection tests based on MITRE's ATT&CK.

Attack and defend active directory using modern post exploitation adversary tradecraft activity

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )