83 tools and resources
Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits
A lightweight and portable Docker container for penetration testers and CTF players
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
A python module for orchestrating content acquisitions and analysis via Amazon SSM.
Emulate offensive attack techniques in the cloud with a self-contained Go binary.
Utility that exposes TLS certificate expiry as Prometheus metrics.
A collection of lab scripts and files for learning about containers and container internals.
YaraHunter scans container images, running Docker containers, and filesystems to find indicators of malware.
A configurable DNS honeypot with SQLite logging and Docker support.
Docker image with essential tools for Kubernetes penetration testing.
Local pentest lab using docker compose to spin up victim and attacker services.
WordPress honeypot tool running in a Docker container for monitoring access attempts.
A tool to run YARA rules against node_module folders to identify suspicious scripts
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A book that helps improve Docker security by covering risks and countermeasures
A Docker image with tools for solving Steganography challenges and screening scripts for analyzing files.
Tool for assessing compliance and running vulnerability scans on Docker images.
A script that checks for common best-practices around deploying Docker containers in production.
A comprehensive guide for using Docker with detailed information on prerequisites, installation, containers, images, networks, and more.
Discover and understand the Docker Layer 2 ICC Bug and its implications on inter-container communication.
gVisor is an application kernel that provides isolation for running sandboxed containers.
Python tool for remote memory acquisition
A vulnerable web application for learning about web application vulnerabilities and writing secure code.
Haaukins is an automated virtualization platform for cybersecurity education with a focus on capture the flag concept.
Create Docker container images for testing and long-term use.
Toolkit for post-mortem analysis of Docker runtime environments using forensic HDD copies.
Toolkit for building custom minimal, immutable Linux distributions with secure defaults.
A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.
A portable Docker container with preinstalled AWS security tools for SecOps on AWS.
Docker file for building Androguard dependencies with an optional interactive shell environment.
Open-source project for building instrumented environments to simulate attacks and test detections.
Multi-honeypot platform with various honeypots and monitoring tools.
A tool for pillaging Docker registries to extract image manifests and configurations.
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
Introductory book about cryptography with instructions for building and translating.
Deliberately vulnerable CI/CD environment with 11 challenges to practice security.
Docker security audit tool with custom audit profiles and JSON report generation based on CIS Docker 1.6 Benchmark.
Static code analyzer for Infrastructure as Code with 500+ security policies and support for various IaC tools and cloud platforms.
Automatically curate open-source Yara rules and run scans with YAYA.
A subset of the Modern Honey Network project set up to run in docker, including hpfeeds broker, cowrie honeypot, and dionaea honeypot.
A framework to analyze container images and gather useful information.
SAST and malware analysis tool for Android APKs with detailed scan information.
Docker-based honeypot setup with detailed installation and configuration instructions.
A simple Docker-based honeypot to detect port scanning
A Docker analysis tool for identifying potential security vulnerabilities and weaknesses in Docker environments
A honeypot tool emulating HL7 / FHIR protocols with various installation and customization options.
Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.
A highly interactive honeypot for observing access from attackers by building easily targeted and compromised web applications, forwarding logs to Google BigQuery for accumulation and visualization.
Research project on bypassing default Falco ruleset with Dockerfile for sshayb/fuber:latest image.
A script for setting up a dionaea and kippo honeypot using Docker images.
A tool for building Open Container Initiative (OCI) container images with various functionalities.
Aggregator of FireHOL IP lists with HTTP-based API service and Python client package.
Fake SSH server that sends push notifications for login attempts
Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.
Scans Alpine base images for vulnerabilities using Multi Stage builds in Docker 17.05
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.
A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.
Weave Scope automatically generates a map of your application for troubleshooting and monitoring Docker & Kubernetes.
Command line interface for managing and inspecting images, policies, subscriptions, and registries with support for various operating systems and packages.
Curiefense is an application security platform that protects against various threats and offers community involvement.
Directory containing components to build labs for Chapter 29 with setup instructions and VM information.
An automation framework for subdomain bruteforcing
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
Repository for apps to be used in Shuffle with compatibility instructions.
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
Emulates Docker HTTP API with event logging and AWS deployment script.
An open source project for static analysis of vulnerabilities in application containers
WackoPicko is a vulnerable website with known vulnerabilities, now available as a Docker image and included in the OWASP Broken Web Applications Project.
Docker's Actuary automates security best-practices checks for Docker containers.
Package verification tool for npm with various verification and testing capabilities.
A docker container with multiple vulnerable applications for cybersecurity training.
A tool for static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
A DICOM server with a twist, blocking C-STORE attempts for protection but logging them.
Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.
Utilizes dirtyc0w kernel exploit for privilege escalation in a Docker container.
Forensics tool for exploring offline Docker filesystems.
Python library for building Docker images with advanced features.
Blazingly fast Yara queries for malware analysts with an analyst-friendly web GUI.
A proof of concept for using the SSM Agent in Fargate for incident response
Custom AppArmor profile generator for Docker containers with file globbing.
Vulnerable web application for beginners in penetration testing.
