DevSecOps
Authentication
Data Management
- shredos.x86_64 - ShredOS disk eraser, 64-bit, for all Intel 64-bit processors as well as processors from AMD and other vendors that make compatible 64-bit chips. Secure disk erasure/wipe.
Hacking
- PayloadsAllTheThings - A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Linters
- trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets; it also covers cloud infrastructure.
Secrets
- No Secrets! 🤫 - Find secrets in your GitHub repo.
- teller - Cloud native secrets management for developers - never leave your command line for secrets.
Tools
- Nepenthes - This is a tarpit intended to catch web crawlers. Specifically, it's targeting crawlers that scrape data for LLMs - but really, like the plants it is named after, it'll eat just about anything that finds its way inside.
- cloudfox - Automating situational awareness for cloud penetration tests.
- gitsign - Keyless Git signing using Sigstore
Resources
- OAuth 2.0 Simplified
- The DevOps Security Checklist Redux
- The SaaS CTO Security Checklist Redux
- The Cloud Native Wiki
- The Copenhagen Book
- Hacking The Cloud - Hacking the cloud is an encyclopedia of the attacks/tactics/techniques that offensive security professionals can use on their next cloud exploitation adventure. The goal is to share this knowledge with the security community to better defend cloud native technologies.
- SLSA - Supply-chain Levels for Software Artifacts
- The twelve-factor app