Ollie Cuffley-Hur's starred repositories
awesome-appsec
A curated list of resources for learning about application security
flux-operator
Flux Operator is a Kubernetes controller for managing the lifecycle of Flux CD
CloudCommotion
Cloud Commotion intends to cause chaos to simulate security incidents
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
pinned-actions
How many GitHub repositories actually pin by hash?
terraform-aws-transit-gateway
Terraform module to provision AWS Transit Gateway, AWS Resource Access Manager (AWS RAM) Resource, and share the Transit Gateway with the Organization or another AWS Account.
aws-network-firewall-terraform
This repository contains terraform code to deploy the necessary resources to get started to test AWS Network Firewall.
awesome-secure-defaults
Awesome secure by default libraries to help you eliminate bug classes!
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
multi-juicer
Host and manage multiple Juice Shop instances for security trainings and Capture The Flags
brokencrystals
A Broken Application - Very Vulnerable!
InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
kubectl-blame
Show who edited resource fields.
cloudmaturity
Cloud Maturity Model and Assessment tool.
secure-code-game
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
tf-cloud-aws
Learn GH with TF Cloud on AWS
exploit-writing-for-oswe
Tips on how to write exploit scripts (faster!)
CCA-Study-Guide
Cilium Certified Associate Certification Study Guide
stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Security_Architect_and_Principal_Security_Engineer_Interview_Questions
This is a companion to the Security Engineer Questions
s2c2f
The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously improve the S2C2F guide which outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer’s workflow.
UK-Critical-Infrastructure
A collection of reports and case studies to understand the threat landscape for UK critical infrastructure
kubesec-action
Runs Kubesec as GitHub action