Stars
🔎 Static code analysis engine to find security issues in code.
We track 5 million open-source packages, exposing vulnerabilities before they get CVE numbers. Many never do.
An LLM-powered repository agent designed to assist developers and teams in generating documentation and understanding repositories quickly.
Open source templates you can use to bootstrap your security programs
Damn Vulnerable SCA Application
kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this by monitoring kernel calls, and denying access as soon as yo…
A tool to render a pie chart of memory usage (bytes_memlock) of BPF maps on the system 🥧
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
A modern SaaS template/boilerplate built with SvelteKit, Tailwind, and Supabase. Includes marketing page, blog, subscriptions, auth, user dashboard, user settings, pricing page, and more.
SaaS Boilerplate - Open Source and free SaaS stack that lets you build SaaS products faster in React, Django and AWS. Focus on essential business logic instead of coding repeatable features!
The simplest, fastest and most reliable way to create a virtual keyboard 💁 (iOS and Android).
"The mother of all demo apps" — Exemplary fullstack Medium.com clone powered by React, Angular, Node, Django, and many more
🧵 CLI tool for directly patching container images!
Runtime detection and response for malicious events in Kubernetes workloads
Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini
Superduper: Build end-to-end AI applications and agent workflows on your existing data infrastructure and preferred tools - without migrating your data.
Security-focused Chaos Experiments for DevSecOps Teams
Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
The OpenTF Manifesto expresses concern over HashiCorp's switch of the Terraform license from open-source to the Business Source License (BSL) and calls for the tool's return to a truly open-source …
Create your own vulnerable by design AWS penetration testing playground
Automating situational awareness for cloud penetration tests.
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation of repeatable detection samples in the cloud. Built on Google…
A collection of scripts for assessing Microsoft Azure security
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown