Appsecco 's repositories
breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
bugcrowd-levelup-subdomain-enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
spaces-finder
A tool to hunt for publicly accessible DigitalOcean Spaces
attacking-cloudgoat2
A step-by-step walkthrough of CloudGoat 2.0 scenarios.
defcon-26-workshop-attacking-and-auditing-docker-containers
DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source
sqlinjection-training-app
A simple PHP application to learn SQL Injection detection and exploitation techniques.
using-docker-kubernetes-for-automating-appsec-and-osint-workflows
Repository for all the workshop content delivered at nullcon X on 1st of March 2019
dvcsharp-api
Damn Vulnerable C# Application (API)
opa-traefik-microservice-authz
Proof of concept implementation of a scenario using Open Policy Agent for microservices authorization in API Gateway (Traefik).
raneto-docker
Docker container for Markdown based Raneto Knowledgebase
sqlinjectionloginbypass
A simple app to demo SQL Injection login bypass
CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
devsecops-using-cloudnative-workshop
This repo contains workshop material delivered at #nullcon2020
c0c0n-2019-ctf-writeups
CTF write-ups from c0c0n 2019 CTF challenges that we participated
prowler-aws-securityhub-integration
Using Prowler to Automate Compliance Checks for AWS CIS Benchmarks
django-rev-shell
A simple django app to provide a reverse shell when deployed and invoked.
nodejs-google-idp-sample
Presentation with proof of concept code on using Google as Identity Provider for Web API authentication using NodeJS as backend and VueJS as frontend
asn-search-api
A Golang API over MaxMind ASN database
container-image-scanner-api
A minimalist Go API to scan Docker images for security vulnerabilities and weaknesses
secrets-in-google-cloud-run-with-google-cloud-build
Baking secrets in Google Cloud Run containers using Google Cloud Build
kubernetes-ptaas-scripts
Scripts to generate kubeconfig files required to perform a PT.
anchore-engine
A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification