dragon040's repositories
security-remediation-guides
Security Remediation Guides
ansible-os-hardening
This Ansible role provides numerous security-related configurations, providing all-round base protection.
ansible-ssh-hardening
This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.
awesome-web-security
🐶 A curated list of Web Security materials and resources.
aws_security_tools
Scripts and tools for AWS Pentest
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
chef-os-hardening
This chef cookbook provides numerous security-related configurations, providing all-round base protection.
ci-integrations
Example scripts to run Tinfoil Security via your CI
cis-docker-benchmark
CIS Docker Benchmark - InSpec Profile
cis-kubernetes-benchmark
CIS Kubernetes Benchmark - InSpec Profile
demoit
Live coding demos without Context Switching
dockerlabs
Docker | Kubernetes - Beginners | Intermediate | Advanced
dragon040.github.io
sample website
git-secrets
Prevents you from committing secrets and credentials into git repositories
hashicat-aws
Sample app for Terraform workshops
hashicat-azure
Sample app for Terraform workshops
k8s-sec.github.io
Links and resources for the O'Reilly Kubernetes Security book
kube-hunter
Hunt for security weaknesses in Kubernetes clusters
Mobile-Security-Framework-MobSF
Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.
NodeJsScan
NodeJsScan is a static security code scanner for Node.js applications.
puppet-os-hardening
This puppet module provides numerous security-related configurations, providing all-round base protection.
skills-secure-code-game
My clone repository for skills-secure-code-game
tools.tldr.run
Curated list of security tools for Hackers & Builders!
Vulmap-Local-Vulnerability-Scanners
Information about Vulmap Local Vulnerability Scanners project
Vulmap-Windows
Host-based local vulnerability scanner. Finds installed software on the host, asks their vulnerabilities to vulmon.com API and print vulnerabilities with available exploits. All found exploits can be downloaded by Vulmap.