This research project explores techniques to bypass the default Falco ruleset (based on Falco v0.28.1). Documentation and supporting artifacts are provided in subdirectories. The project includes a Dockerfile for the sshayb/fuber:latest image, which is used extensively to demonstrate the bypass techniques in scenarios such as privilege escalation and lateral movement during cluster compromise.
SIMILAR TOOLS
A comprehensive guide to Nessus, a vulnerability scanner, covering data directories, binary directories, logs directories, plugin directories, advanced settings, API, and good practices.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
A condensed field guide for cyber security incident responders, covering incident response processes, attacker tactics, and practical techniques for handling incidents.
Free and open-source cybersecurity training classes with multi-class learning paths for high-skill, high-pay job skills.
Comprehensive security training platform for web developers, offering hands-on experience with real, vulnerable applications and concrete advice for securing code.
A comprehensive guide to understanding and responding to modern ransomware attacks, covering incident response, cyber threat intelligence, and forensic analysis.
A comprehensive guide to developing an incident response capability through intelligence-based threat hunting, covering theoretical concepts and real-life scenarios.
A repository of cybersecurity conference presentation slides from Black Hat, Offensivecon, and REcon.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.