Docker

A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.

A Golang application that stores and queries NIST NSRL Reference Data Set for MD5 and SHA1 hash lookups using Bolt database technology.

Weave Scope is a real-time visualization and monitoring tool that automatically maps Docker container infrastructures and microservices, providing interactive topology views and direct container management capabilities.

A command-line interface tool for managing container image security analysis, vulnerability scanning, and policy enforcement through the Anchore Engine REST API.

Curiefense is an application security platform that extends Envoy proxy to protect web applications and APIs against SQL injection, XSS, DDoS, and other common threats.

A hands-on cybersecurity laboratory environment for Gray Hat Hacking Chapter 29 that creates virtualized Docker and Kali Linux machines using Terraform for practical security training exercises.

A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.

An automation framework that runs multiple open-source subdomain bruteforcing tools in parallel using Docker Compose and custom wordlists.

A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.

An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.

Emulates Docker HTTP API with event logging and AWS deployment script.

Clair is an open source static analysis tool that scans application containers for known vulnerabilities through API-based image indexing and matching.

WackoPicko is an intentionally vulnerable web application used for security testing, penetration testing practice, and vulnerability scanner evaluation.

Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.

Package verification tool for npm with various verification and testing capabilities.

DVXTE is a Docker-based training platform containing multiple vulnerable applications designed for cybersecurity education and skill development.

Dagda is a Docker security tool that performs static vulnerability analysis of container images and monitors running containers for malicious threats and anomalous activities.

A testing tool that generates suspect actions to validate and test Falco runtime security monitoring rulesets.

A security testing framework for assessing container environment security across AWS and GCP cloud platforms.

A DICOM server with a twist, blocking C-STORE attempts for protection but logging them.

Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.

A proof-of-concept tool that demonstrates the Dirty COW kernel exploit (CVE-2016-5195) for privilege escalation within Docker containers, specifically targeting nginx images while providing mitigation guidance through AppArmor profiles.

Docker Explorer is a forensic tool that enables investigators to explore and analyze offline Docker container filesystems by reconstructing layered filesystem structures.

Atomic Reactor is a Python library and CLI tool for building Docker images with advanced features including Git integration, registry operations, and build system integration.