📦 Make security testing of K8s, Docker, and Containerd easier.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

HummerRisk 是云原生安全平台，包括混合云安全治理和云原生安全检测。

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

Tool for building Kubernetes attack paths

阿里云aliyun/腾讯云tencentcloud/华为云huaweicloud/aws等各种云厂商的accesskey运维安全工具，accesskey利用工具，包括但不限于创建ecs、ecs查询和命令执行、oss查询和批量下载等各种功能,aws accesskey rce;remote command execute

Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)

AWS云平台 AccessKey 泄漏利用工具

awesome resources about cloud native security 🐿

An ongoing curated list of awesome frameworks, important books, articles, talks, libraries, learning tutorials, best practices and technical resources about Cloud Native Development

A Kubernetes-native platform that enforces security at the CI/CD layer — detecting misconfigurations, exposed secrets, and blocking insecure deployments before they ever reach production.

Web Appliaction Firewall reverse-proxy using Coraza WAF + Caddy with ready-to-use rulesets

Exports Kubernetes resources created by Trivy Operator as individual metrics.

autonomous intrusion defense system for Kubernetes that combines eBPF-based real-time traffic intelligence with CNN-LSTM deep learning for sub-millisecond threat detection and policy-driven autonomous mitigation.

End-to-End Cybersecurity

Jibril Runtime Security Public Types. Important for unmarshalling events and similar needs.

A curated list of cloud security tools for AWS, Azure, GCP, and Kubernetes

Repository untuk tugas DevSecOps Week7 — Docker Security dengan Trivy

This is a production-grade, Zero Trust financial microservice provisioned via Terraform on AWS EKS. Features OIDC keyless CI/CD, strictly scoped IAM, and non-root container security.

KCSA (Kubernetes Cloud Native Security Associate) hands-on labs covering Kubernetes security, container security, admission control, and cloud native security practices.