Beast code in Giters

Ollie Cuffley-Hur's starred repositories

awesome-appsec

A curated list of resources for learning about application security

Language:PHPMIT628900

flux-operator

Flux Operator is a Kubernetes controller for managing the lifecycle of Flux CD

Language:GoAGPL-3.010200

CloudCommotion

Cloud Commotion intends to cause chaos to simulate security incidents

Language:HCLApache-2.012500

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Language:PythonApache-2.01068400

pinned-actions

How many GitHub repositories actually pin by hash?

Language:HTMLMIT800

cve.icu

CVE.ICU code.

Language:Jupyter NotebookMIT3400

please

High-performance extensible build system for reproducible multi-language builds.

Language:GoApache-2.0245000

dracon

Security scanning & static analysis tool

Language:GoApache-2.09300

terraform-aws-transit-gateway

Terraform module to provision AWS Transit Gateway, AWS Resource Access Manager (AWS RAM) Resource, and share the Transit Gateway with the Organization or another AWS Account.

Language:HCLApache-2.05300

aws-network-firewall-terraform

This repository contains terraform code to deploy the necessary resources to get started to test AWS Network Firewall.

Language:HCLMIT-06700

awesome-secure-defaults

Awesome secure by default libraries to help you eliminate bug classes!

65300

juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Language:TypeScriptMIT1028000

multi-juicer

Host and manage multiple Juice Shop instances for security trainings and Capture The Flags

Language:JavaScriptApache-2.027100

brokencrystals

A Broken Application - Very Vulnerable!

Language:TypeScriptMIT12400

devpod

Codespaces but open-source, client-only and unopinionated: Works with any IDE and lets you use any cloud, kubernetes or just localhost docker.

Language:GoMPL-2.0877700

InternalAllTheThings

Active Directory and Internal Pentest Cheatsheets

Language:HTML92600

kubectl-blame

Show who edited resource fields.

Language:GoMIT13400

cloudmaturity

Cloud Maturity Model and Assessment tool.

Language:JavaScriptMIT500

secure-code-game

A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.

Language:PythonMIT204100

tf-cloud-aws

Learn GH with TF Cloud on AWS

Language:HCLMIT100

exploit-writing-for-oswe

Tips on how to write exploit scripts (faster!)

40200

CCA-Study-Guide

Cilium Certified Associate Certification Study Guide

NOASSERTION20100

stratus-red-team

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

Language:GoApache-2.0178400

Security_Architect_and_Principal_Security_Engineer_Interview_Questions

This is a companion to the Security Engineer Questions

19800

s2c2f

The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously improve the S2C2F guide which outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer’s workflow.

NOASSERTION17900

olcuhu