Docker

A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.

A low-interaction honeypot that simulates network services to detect and monitor potential intrusion attempts on internal networks.

Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.

A Docker-based penetration testing toolkit that provides a portable environment with GUI support and pre-installed security tools for web application testing and CTF activities.

A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.

Retraced is an audit logging solution that provides compliant, searchable audit trails for applications with client libraries for Go and JavaScript.

A cloud-focused attack simulation framework that provides granular, self-contained offensive techniques mapped to MITRE ATT&CK for red team exercises.

A Docker-based utility that monitors TLS certificate expiration dates and exposes the data as Prometheus metrics with support for Kubernetes ingress discovery and configurable domain filtering.

An educational repository providing structured lab materials and scripts for learning container technologies and their internal mechanisms.

YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.

Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.

A configurable DNS honeypot with SQLite logging and Docker support.

Docker image with essential tools for Kubernetes penetration testing.

WebGoat is an OWASP-maintained deliberately insecure web application designed to teach web application security through hands-on exercises with intentional vulnerabilities.

Local pentest lab using docker compose to spin up victim and attacker services.

A Golang-based container security scanner that identifies potential vulnerabilities and misconfigurations in container environments by checking namespacing, capabilities, security profiles, and host device mounts.

WordPress honeypot tool running in a Docker container for monitoring access attempts.

A tool to run YARA rules against node_module folders to identify suspicious scripts

QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.

A book that helps improve Docker security by covering risks and countermeasures

A cryptographic framework that secures software update systems by enabling publishers to sign content offline and consumers to verify authenticity through trusted verification mechanisms.

MKIT is a Docker-based security assessment tool that identifies common misconfigurations in managed Kubernetes clusters across AKS, EKS, and GKE platforms.

A Docker-based steganography analysis toolkit containing pre-installed tools and automated scripts for detecting and extracting hidden data from files, primarily designed for CTF challenges.

A container compliance and vulnerability assessment tool that uses OpenSCAP to scan Docker images and running containers for security vulnerabilities and compliance violations.