Proof of Concepts for malicious maintainers: How to Tamper with Releases built with GitHub Actions Worfklows, presented at fwd:cloudsec Europe 2025

Java agent designed to dynamically instrument Java applications to simulate and identify potential deadlock scenarios

Summaries, transcripts, key points, and other useful insights from fwd:cloudsec 2025 talks for those of us who don't have time to watch every presentation!

Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

Let LLMs manage your Java application via JMX/Jolokia 🌶️

🚀 Level up your GitHub profile readme with customizable card 8000 s including LOC statistics!

Data acquisition platform

Website sources for the Apache Security website

Halberd : Multi-Cloud Agentic Attack Tool

ebpf-go is a pure-Go library to read, modify and load eBPF programs and attach them to various hooks in the Linux kernel.

External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.

Conference presentation slides

Summarize Financial Data with a RAG workflow using Weaviate, Red Hat OpenShift and Red Hat Build of Apache Camel.

LangChain4j is an open-source Java library that simplifies the integration of LLMs into Java applications through a unified API, providing access to popular LLMs and vector databases. It makes impl…

CVE discovery

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Pre-Built Vulnerable Environments Based on Docker-Compose

large hashcat rulesets generated from real-world compromised passwords

find relevant security papers published in the top-4 conferences (S&P, USENIX, CCS, NDSS)

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

aws2tf - automates the importing of existing AWS resources into Terraform and outputs the Terraform HCL code.

Top disclosed reports from HackerOne

This repository contains the artifacts for the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".

Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.

All the deals for InfoSec related software/tools this Black Friday

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!