Docker

A collection of vulnerable web applications containing command injection flaws designed to test and evaluate detection and exploitation tools like commix.

A command-line tool that extracts manifest and configuration data from Docker registry images for security analysis and reconnaissance purposes.

A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.

Deliberately vulnerable CI/CD environment with 11 challenges to practice security.

A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.

A static analysis tool that detects Common Weakness Enumerations (CWEs) in ELF binaries across multiple CPU architectures using Ghidra-based disassembly and various analysis techniques.

A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.

A command-line tool that scans websites to detect publicly known security vulnerabilities in frontend JavaScript libraries using Snyk's vulnerability database.

Terrascan is a static code analyzer that scans Infrastructure as Code for security misconfigurations and compliance violations across multiple cloud platforms and container environments.

Automatically curate open-source Yara rules and run scans with YAYA.

Strelka is a real-time, container-based file scanning system that performs file extraction and metadata collection at enterprise scale for threat hunting, detection, and incident response.

A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.

A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.

Mobile Audit is a Docker-based SAST and malware analysis tool that performs comprehensive security analysis of Android APK files, including vulnerability detection, certificate verification, and Virus Total integration.

Docker-based honeypot setup with detailed installation and configuration instructions.

A simple Docker-based honeypot to detect port scanning

A Docker security analysis tool that scans containers and networks to identify vulnerabilities and security weaknesses in Docker environments.

A honeypot tool emulating HL7 / FHIR protocols with various installation and customization options.

Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.

BW-Pot is an interactive web application honeypot that deploys vulnerable applications to attract and monitor HTTP/HTTPS attacks, with automated logging to Google BigQuery for analysis.

A Python library for interacting with TAXII servers

Research project on bypassing default Falco ruleset with Dockerfile for sshayb/fuber:latest image.

A script for setting up a dionaea and kippo honeypot using Docker images.

Buildah is a command-line tool for building and managing container images in OCI and Docker formats without requiring a running daemon.