Highlights
Cloud Sec ☁️
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
📦 Make security testing of K8s, Docker, and Containerd easier.
k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practi…
The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Containers, Kubernetes Clusters, and Cloud Native workloads.
A tool for exploring each layer in a docker image
kubeaudit helps you audit your Kubernetes clusters against common security controls
eBPF-based Security Observability and Runtime Enforcement
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…
A High Performance Metadata System for Kubernetes
[WIP] 整理过去的分享,从零开始的Kubernetes攻防 🧐
🛡️ Awesome Cloud Security Resources ⚔️
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)