Jon Goldman's repositories
Awesome-CobaltStrike-Defence
Defences against Cobalt Strike
awesome-k8s-security
A curated list for Awesome Kubernetes Security resources
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
cilium
eBPF-based Networking, Security, and Observability
CVE-2021-31760
Exploiting a cross-site request forgery (CSRF) attack to get remote command execution (RCE) through Webmin's running process feature
dnSpy
.NET debugger and assembly editor
docs
The open-source repo for docs.github.com
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
k8s-sec.github.io
Links and resources for the O'Reilly Kubernetes Security book
lambda-isemail
Serverless endpoint to check the validity of an email address
refinery
High Octane Triage Analysis
s3-account-search
S3 Account Search
serverless-mysql
A module for managing MySQL connections at SERVERLESS scale
shiftleft-cicd-demo
ShiftLeft CI/CD Demo
vulnado
Purposely vulnerable Java application to help lead secure coding workshops