Example implementation DevSecOps using Gitlab

Gitlab CI/CD Templates for build,test,deploy to your infra

Belajar kubernetes untuk pemula sampai mahir

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A cheat sheet that contains advanced queries for SQL Injection of all types.

Source Code Review resources for Bug Bounty Hunters & Developers. This Repo is updated consistently.

🔥 🔥 Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more. 🔥 🔥

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

DevSecOps FYPJ with GitLab

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

Vulnerable Django Application

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Organize your API security assessment by using MindAPI. It's free and open for community collaboration.

Nuclei Templates Collection

Some files for bruteforcing certain things.

XS-Leaks Wiki

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

🧾 Collection of resources to study for CompTia Pentest+ exam (PT0-002).

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to…