101 private links
CLI tool for linting and testing Helm charts. Contribute to helm/chart-testing development by creating an account on GitHub.
Introduction to SELinux Security Enhanced Linux (SELinux) provides an additional layer of system security. SELinux fundamentally answers the question: May <subject> do <action> to <object>?, for example: May a web…
Kubernetes LAN Party - by Wiz
Contribute to vulnersCom/trivy-plugin-vulners-db development by creating an account on GitHub.
This is a GitBook of mine whose purpose is keeping my pentest notes on hand. It's far from being perfect in terms of organization (that's why I call it "promiscuous") and, basically, I'm logging it for myself, but it turned out that hosting it online makes it most convenient to access. So, if you find it handy too, feel free to use it... responsibly, of course!
Original PoC for CVE-2023-32784. Contribute to vdohney/keepass-password-dumper development by creating an account on GitHub.
Never ever ever use pixelation as a redaction technique - GitHub - BishopFox/unredacter: Never ever ever use pixelation as a redaction technique
The open source tool analyzes Kubernetes YAML files and Helm charts to ensure they adhere to best practices, focusing on production readiness and security. Here's how to set it up and use it.
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories. - GitHub - StevenBlack/hosts: 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
Kubernetes exploitation tool. Contribute to Rolix44/Kubestroyer development by creating an account on GitHub.
I hacked into a @Bing CMS that allowed me to alter search results and take over millions of @Office365 accounts. How did I do it? Well, it all started with a simple click in @Azure… 👀 This is the story of #BingBang 🧵⬇️
OWASP has created the OWASP Kubernetes Top 10, which helps identify the most likely risks.
Quickly collect data from thousands of exposed Elasticsearch or Kibana instances and generate a report to be analysed. - GitHub - 9oelM/elasticpwn: Quickly collect data from thousands of exposed Elasticsearch or Kibana instances and generate a report to be analysed.
Vulnerable app with examples showing how to not use secrets - GitHub - OWASP/wrongsecrets: Vulnerable app with examples showing how to not use secrets
This repository brings together tool builders, bloggers, speakers, book authors, and other interesting Mastodon accounts - GitHub - cipher387/OSINT-and-Cybersecurity-accounts-in-Mastodon: This repository brings together tool builders, bloggers, speakers, book authors, and other interesting Mastodon accounts
Hello, we shall run the OWASP juice shop as a deployment, and expose it as a service in a local kubernetes cluster launched with kind. Hence, familiarity with kubernetes deployment and service is essential to follow along. You can try this with any cluster, though I am using a cluster that was launched with kind. For those not aware, kind is a tool that makes launching k8s clusters on your local machine easy.
Welcome to the page where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.