Cyber Threat Intelligence Repository expressed in STIX 2.0

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

MISP trainings, threat intel and information sharing training materials with source code

Notes on responding to security breaches relating to Azure AD

CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.

A guide to setting up a production-like Kubernetes cluster on a local machine

Azure Red Team tool for graphing Azure and Azure Active Directory objects

Azure Security Resources and Notes

Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud

A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.

A curated list of threat detection rule repositories and sharing communities.

Identify Azure blobs using a wordlist of account name and container name strings

A guide to simplify the process of evaluating Datadog's Cloud SIEM security capabilities to detect AWS threats.

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a rang…

Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

DevOps resources - Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎

Ultimate DevSecOps library

⭐️ Companies that don't have a broken hiring process

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

An ongoing & curated collection of awesome frameworks, and most important libraries, videos, learning tutorials , tools and and cool stuff about containers.

A curated list of tools for incident response

Will Boyd, 1124, Kubernetes and Cloud Native Associate (KCNA)

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS