container-security

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

📦 Make security testing of K8s, Docker, and Containerd easier.

veinmind-tools 是由长亭科技自研，基于 veinmind-sdk 打造的容器安全工具集

A Blazing fast Security Auditing tool for Kubernetes

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)

Help building an adaptive and fine-grained pod security policy

awesome resources about cloud native security 🐿

📦 CLI tool for directly patching container images using reports from vulnerability scanners

k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.

🔐 Docker Container for Penetration Testing & Security

Inspect certificate authorities in container images

Simplifying Seccomp enforcement in containerized or non-containerized apps

A container image that exfiltrates the underlying container runtime to a remote server

Container Security Workshop covering using Falco on Kubernetes.

一个由长亭自研，直观而可扩展的容器安全 SDK

A collection of tools to improve your containerized apps security posture

collections of container escape techniques 🐿

The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.