Skip to content
View cji-stripe's full-sized avatar

Block or report cji-stripe

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Showing results

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

C 3,477 419 Updated Jan 7, 2025

High-performance QEMU memory and instruction tracing

Rust 529 34 Updated Jul 26, 2024

A good looking terminal emulator which mimics the old cathode display...

QML 22,651 860 Updated Jun 14, 2024

Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego

Go 341 37 Updated Dec 21, 2023

Linux Process Discovery. C Library, Go bindings, Runtime.

Go 219 12 Updated Jul 20, 2022

A reading list for software supply-chain security.

361 13 Updated Nov 21, 2022

Contextual Content Discovery Tool

Go 2,705 304 Updated Apr 29, 2024

Quick and dirty demo for some Kubernetes hacking

Shell 2 Updated Apr 29, 2022

Custom firmware for the HackRF+PortaPack H1/H2/H4

C 3,705 602 Updated Jan 8, 2025

A collection of my Semgrep rules to facilitate vulnerability research.

C 598 65 Updated Jul 9, 2024

Hardening a sketchy containerized application one step at a time

Go 54 7 Updated Jan 25, 2022

A collection of manifests that will create pods with elevated privileges.

Shell 605 104 Updated Jun 2, 2022

Tool for auditing RBACs in Kubernetes

Python 215 60 Updated Feb 5, 2024

POC for CVE-2022-23648

Dockerfile 36 12 Updated Mar 29, 2022

Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or ma…

AGS Script 2,015 538 Updated Jun 23, 2024

Correlates serviceaccounts and pods to the permissions granted to them via rolebindings and clusterrolesbindings.

Python 35 2 Updated May 18, 2022

A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure

HCL 676 96 Updated Oct 14, 2023

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Python 3,031 638 Updated Dec 20, 2024

Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.

HCL 484 85 Updated Feb 1, 2024

This is a step-by-step guide to implementing a DevSecOps program for any size organization

1,931 326 Updated Dec 21, 2024

Access portal for Kubernetes

Less 110 6 Updated Jan 5, 2025

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Go 6,779 584 Updated Mar 12, 2024

CVE-2022-25636

C 427 83 Updated Mar 7, 2022

Helping allocate resources to secure the critical open source projects we all depend on.

337 40 Updated Oct 10, 2024

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

Python 1,323 65 Updated Oct 31, 2021

insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.

Rust 49 3 Updated Jan 6, 2022

Security Remediation Guides

714 178 Updated Nov 18, 2024

Vulnerable Kustomize Kubernetes templates for training and education

HTML 47 95 Updated Jun 21, 2022

🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

HTML 2,120 531 Updated Dec 15, 2024
Next
Showing results