Docker

Sysdig is a universal system visibility tool that provides deep monitoring and analysis capabilities for traditional systems and containerized environments through system call tracing and network activity monitoring.

Cross-platform HTTP honeypot that traps bots with infinite data streams

Aggregator of FireHOL IP lists with HTTP-based API service and Python client package.

Fake SSH server that sends push notifications for login attempts

Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.

A collection of tips and tricks for container and container orchestration hacking and security testing.

A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.

BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.

A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.

A Golang application that stores and queries NIST NSRL Reference Data Set for MD5 and SHA1 hash lookups using Bolt database technology.

Weave Scope is a real-time visualization and monitoring tool that automatically maps Docker container infrastructures and microservices, providing interactive topology views and direct container management capabilities.

A command-line interface tool for managing container image security analysis, vulnerability scanning, and policy enforcement through the Anchore Engine REST API.

Curiefense is an application security platform that extends Envoy proxy to protect web applications and APIs against SQL injection, XSS, DDoS, and other common threats.

A hands-on cybersecurity laboratory environment for Gray Hat Hacking Chapter 29 that creates virtualized Docker and Kali Linux machines using Terraform for practical security training exercises.

A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.

An automation framework that runs multiple open-source subdomain bruteforcing tools in parallel using Docker Compose and custom wordlists.

A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.

An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.

Emulates Docker HTTP API with event logging and AWS deployment script.

Clair is an open source static analysis tool that scans application containers for known vulnerabilities through API-based image indexing and matching.

WackoPicko is an intentionally vulnerable web application used for security testing, penetration testing practice, and vulnerability scanner evaluation.

Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.

Package verification tool for npm with various verification and testing capabilities.

DVXTE is a Docker-based training platform containing multiple vulnerable applications designed for cybersecurity education and skill development.