0x4C43

followers

following

stars

0x4C43's starred repositories

dive

A tool for exploring each layer in a docker image

Language:GoMIT44780 358 324

grype

A vulnerability scanner for container images and filesystems

Language:GoApache-2.08245 74 806

Web-Attack-Cheat-Sheet

Web Attack Cheat Sheet

CDK

📦 Make security testing of K8s, Docker, and Containerd easier.

Language:GoApache-2.03776 70 42

afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

Language:GoMIT3248 55 102

my-re0-k8s-security

:atom: [WIP] 整理过去的分享，从零开始的Kubernetes攻防 🧐

Language:Shell2843 46 2

URLFinder

一款快速、全面、易用的页面信息提取工具，可快速发现和提取页面中的JS、URL和敏感信息。

Language:GoMIT2402 23 100

feeds

免费的公众号 RSS，支持扩展任意 APP

Language:JavaScript2083 6 3453

APIKit

APIKit：Discovery, Scan and Audit APIs Toolkit All In One.

Language:JavaGPL-3.01813 20 61

HummerRisk

HummerRisk 是云原生安全平台，包括混合云安全治理和云原生安全检测。

Language:JavaGPL-3.01772 111 215

awesome-cloud-security

awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员

Apache-2.01672 270

QingScan

一个漏洞扫描器粘合剂,添加目标后30款工具自动调用；支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证，SSH批量测试、vulmap。

Language:PHPGPL-3.01661 22 31

ggshield

Find and fix 400+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

Language:PythonMIT1592 34 189

container-security-checklist

Checklist for container security - devsecops practices

Apache-2.01493 37 1

SecurityInterviewGuide

网络信息安全从业者面试指南

GPL-3.01361 27 2

Chinese-Security-RSS

网络安全资讯的RSS订阅，网络安全博客的RSS订阅，网络安全公众号的RSS订阅

redtool

日常积累的一些红队工具及自己写的脚本，更偏向于一些diy的好用的工具，并不是一些比较常用的msf/awvs/xray这种

Language:Shell1310 28 1

peirates

Peirates - Kubernetes Penetration Testing tool

Language:GoGPL-2.01185 30 35

fetch-github-hosts

🌏 同步github的hosts工具，支持多平台的图形化和命令行，内置客户端和服务端两种模式~ | Synchronize GitHub hosts tool, support multi-platform graphical and command line, built-in client and server modes

Language:GoGPL-3.01076 21 19

neuvector

Language:GoApache-2.01048 27 295

LAW-GPT

中文法律对话语言模型

Language:Python998 8 40

goby-poc

451个goby poc，是否后门及重复自行判断，来源于网络收集的Goby&POC，不定时更新。

Language:Go909 200

Library-POC

基于Pocsuite3、goby编写的漏洞poc&exp存档

Language:Python819 310

TheRoadOfSO

学习安全运营的记录 | The knowledge base of security operation

Language:HTML670 90

EasyPen

EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation

Language:JavaScript604 16 6

container-escape-check

docker container escape check || Docker 容器逃逸检测

Language:ShellMIT523 10 5

BeeScan-web

网络空间资产探测、网络测绘、Go语言、分布式、扫描、资产探测、资产测绘、红队、SRC | Cyberspace Asset Detection, Network Mapping, Go Language, Distributed, Scanning, Asset Detection, Asset Mapping, Red Team, SRC

Language:CSSMIT380 6 10

14Finger

功能齐全的Web指纹识别和分享平台,基于vue3+django前后端分离的web架构，并集成了长亭出品的rad爬虫的功能，内置了一万多条互联网开源的指纹信息。

Language:PythonGPL-3.0371 7 12

awesome-cloud-native-security

awesome resources about cloud native security 🐿

Cloud-Native-Security-Test

云原生(容器云)安全测试镜像

Language:Java600