📦 Make security testing of K8s, Docker, and Containerd easier.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

HummerRisk 是云原生安全平台，包括混合云安全治理和云原生安全检测。

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

Tool for building Kubernetes attack paths

Automated cloud security audit & post-exploitation toolkit for AWS, Aliyun, and TencentCloud AK/SK. 支持多云凭据校验、ECS/EC2远程命令执行(RCE)、安全组动态修改、SSH公钥写入、存储桶(S3/OSS/COS)数据批量脱陷及联邦令牌控制台接管。

Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)

AWS云平台 AccessKey 泄漏利用工具

awesome resources about cloud native security 🐿

Deterministic Linux runtime enforcement with eBPF LSM: block file/network operations before syscalls complete.

An ongoing curated list of awesome frameworks, important books, articles, talks, libraries, learning tutorials, best practices and technical resources about Cloud Native Development

ZeroTrustOps — Kubernetes-native DevSecOps enforcement platform that scans Infrastructure-as-Code and repositories on every Git push, evaluating security rules and blocking deployments via a deterministic CI/CD gate (PASS/FAIL).

Web Appliaction Firewall reverse-proxy using Coraza WAF + Caddy with ready-to-use rulesets

Exports Kubernetes resources created by Trivy Operator as individual metrics.

End-to-End Cybersecurity

autonomous intrusion defense system for Kubernetes that combines eBPF-based real-time traffic intelligence with CNN-LSTM deep learning for sub-millisecond threat detection and policy-driven autonomous mitigation.

Jibril Runtime Security Public Types. Important for unmarshalling events and similar needs.

Open-source mapping of CCCS ITSG-33 Annex 4A Profile 1 (Protected B) security controls to Kubernetes mechanisms.

This is a production-grade, Zero Trust financial microservice provisioned via Terraform on AWS EKS. Features OIDC keyless CI/CD, strictly scoped IAM, and non-root container security.

Repository untuk tugas DevSecOps Week7 — Docker Security dengan Trivy