pop36's starred repositories
Vulnerable-OAuth-2.0-Applications
Vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
oauth-2.0-security-cheat-sheet
OAuth security guidelines
chain-bench
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
ssc-reading-list
A reading list for software supply-chain security.
aws_exposable_resources
Resource types that can be publicly exposed on AWS
bottlerocket
An operating system designed for hosting containers
container.training
Slides and code samples for training, tutorials, and workshops about Docker, containers, and Kubernetes.
Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
DevSecOps-Playbook
This is a step-by-step guide to implementing a DevSecOps program for any size organization
awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
wrongsecrets
Vulnerable app with examples showing how to not use secrets
aws-customer-security-incidents
A repository of breaches of AWS customers
awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
cloud-security-remediation-guides
Security Remediation Guides
awesome-kubernetes-security
A curated list of awesome Kubernetes security resources
csp_security_mistakes
This repo has been replaced by https://www.cloudvulndb.org
MicrosoftSentinel-ShodanMonitor
Ingesting Shodan Monitor Alerts to Microsoft Sentinel
SecureSoftwareSupplyChain
This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.
API-s-for-OSINT
List of APIs for gathering information about phone numbers, addresses, domains, etc.
Fast-Google-Dorks-Scan
An OSINT project whose main idea is to collect all possible Google dork search combinations and find information about a specific website: common admin panels, widespread file types and path traversal. 100% automated.