vpnj012k's repositories
ansible-for-kubernetes
Ansible and Kubernetes examples from Ansible for Kubernetes Book
bandit
Bandit is a tool designed to find common security issues in Python code.
berglas
A tool for managing secrets on Google Cloud
cicd
This repo demonstrates how to use CyberArk Conjur to secure CI/CD pipeline
circleci-demo-python-django
Example Django application running on CircleCI
circleci-demo-python-flask
A demo application to learn how to use CircleCI
ember-cli-mirage
An Ember Addon to easily add Mirage JS to your Ember app.
envkey-app
Secure, human-friendly, cross-platform secrets and config.
keywhiz
A system for distributing and managing secrets
kubeaudit
kubeaudit helps you audit your Kubernetes clusters against common security controls
NodeGoat
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
osm
Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
pycharm-security
Finds security holes in your Python projects from PyCharm and GitHub
PyGoat
A Python-based web platform for education in web vulnerabilities
RoboBurp2
Robot Framework Library for BurpSuite 2.X
security-scripts
A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
security-unit-testing
This is a repository containing example code for how you can use unit tests to protect against security regression.
skf-flask
Security Knowledge Framework (SKF) Python Flask / Angular project
terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
threagile
Agile Threat Modeling Toolkit
Tiredful-API
An intentionally designed broken web application based on REST API.
vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises.
vault-guides
Example usage of HashiCorp Vault secrets management
web-blog-vault
to demo a flask python app talking to mongodb and using dynamic secrets with vault using the API
WebGoat
WebGoat is a deliberately insecure application