An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with container-security

A curated list of projects in awesome lists tagged with container-security.

https://github.com/madhuakula/kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

blueteam cloud-native cloud-security cloudsecurity container container-security devsecops docker hacking infrastructure k8s kubernetes kubernetes-goat kubernetes-security owasp pentesting redteam security vulnerable-app

Last synced: 13 May 2025

https://github.com/chaitin/veinmind-tools

veinmind-tools is a container security toolset developed in-house by Chaitin Tech and built on veinmind-sdk

cloud-native cloud-security container-security containerd docker image-security security

Last synced: 15 May 2025

https://github.com/opengovern/opensecurity

opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.

audit cloud-security compliance container-security cspm devsecops optimization oss policy-as-code security security-auditing-tool

Last synced: 12 Jan 2026

https://github.com/Vinum-Security/kubernetes-security-checklist

Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)

checklist cloud-native-security container-security devsecops kubernetes kubernetes-security requirments security

Last synced: 29 Apr 2025

https://github.com/sysdiglabs/kube-psp-advisor

Helps build an adaptive and fine-grained pod security policy

container-security kubernetes psp security-tools

Last synced: 06 Apr 2025

https://github.com/Metarget/k0otkit

k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.

container-escape container-injection container-security fileless-attack hack-k8s k8s kubernetes-security post-penetration reverse-shell

Last synced: 29 Apr 2025

https://github.com/metarget/k0otkit

k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.

container-escape container-injection container-security fileless-attack hack-k8s k8s kubernetes-security post-penetration reverse-shell

Last synced: 13 Apr 2025

https://github.com/jetstack/paranoia

Inspect certificate authorities in container images

certificate-authority container-security containers security tls

Last synced: 09 Apr 2025

https://github.com/r0binak/MTKPI

🧰 Multi Tool Kubernetes Pentest Image

container-security image kubernetes kubernetes-security pentest redteam

Last synced: 11 May 2025

https://github.com/twistlock/whoc

A container image that exfiltrates the underlying container runtime to a remote server

container-security containers

Last synced: 12 Jan 2026

https://github.com/chaitin/libveinmind

An intuitive and extensible container security SDK developed in-house by Chaitin

cloud-native container-security containerd docker golang-library image-security python-library sdk

Last synced: 12 Jun 2025

https://github.com/grantseltzer/karn

Simplifying Seccomp enforcement in containerized or non-containerized apps

container-security containers karn seccomp seccomp-filter security security-hardening security-tools

Last synced: 12 May 2025

https://github.com/falcosecurity-retire/falco-security-workshop

Container Security Workshop covering using Falco on Kubernetes.

cncf container-security containers docker kubernetes kubernetes-security

Last synced: 22 Apr 2025

https://github.com/appvia/cosign-keyless-admission-webhook

Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect

container-security cosign hacktoberfest kubernetes kubernetes-admission-webhook oidc sigstore

Last synced: 05 Sep 2025

https://github.com/blues-man/vote-app-gitops

A demo of cloud-native Inner Loop and Outer Loop controlling a 2-tier app (Python + Go) with Red Hat OpenShift using Tekton Pipelines, Argo CD GitOps, Eclipse Che aka OpenShift DevSpaces and Quay.io registry

argocd cicd cloud-native container-security devsecops-pipeline gitops kubernetes openshift tekton-pipelines

Last synced: 10 Apr 2025

https://github.com/msaad00/agent-bom

Open security scanner for AI supply chain and infrastructure: agents, MCP, containers, cloud, GPU, and runtime with blast-radius analysis.

ai-agents ai-security ai-supply-chain aibom blast-radius cloud-security compliance container-security cyclonedx devsecops kubernetes llm-security mcp mcp-server owasp sarif sbom security-scanner supply-chain-security vulnerability-scanning

Last synced: 25 May 2026

https://github.com/kube-tarian/sigrun

Sign your artifacts, source code or container images using Sigstore tools, save the signatures you want to use, and validate and control the deployments to allow only the known sources based on signatures, maintainers and other payloads automatically.

artifacts container-security containers containersecurity cosign fulcio gatekeeper kubernetes kubernetes-security kubernetessecurity opa open-policy-agent pods policy-as-code rekor signature signature-verification sigstore

Last synced: 01 May 2025

https://github.com/stelligent/aws-anchore-engine-scanner

This guide details steps and procedures you can follow to create, launch and implement your own standalone container scanning solution within the AWS ecosystem. This approach uses an open-source container scanning tool called Anchore Engine as a proof-of-concept and provides examples of how Anchore integrates with your favorite CI/CD systems orchestration platforms.

anchore-cli anchore-engine aws container-security devops devsecops docker ecs

Last synced: 09 Apr 2025

https://github.com/huntridge-labs/argus

Argus brings “a hundred eyes” to your project, combining leading open source security tools into a scalable, automated, continuous security pipeline.

container-security dast devsecops fedramp hardening iac-security malware-detection sast secret-detection security-automation security-scanning security-tools vulnerability-scanning

Last synced: 01 Apr 2026

https://github.com/rezmoss/awesome-security-pipeline

🔐 A curated list of open-source security tools organized by CI/CD pipeline stage. Covers secrets detection, SBOM, SAST, SCA, IaC security, container scanning, Kubernetes security & more. Actively maintained with weekly status updates

appsec awesome awesome-list checkov cicd container-security devops devsecops gitleaks kubernetes-security sast sbom security security-tools supply-chain-security trivy vulnerability-scanner

Last synced: 03 Apr 2026

https://github.com/42bytelabs/konarr

Konarr: A free and open source SCA platform for your containers

container-security containers homelab rust supply-chain supply-chain-security

Last synced: 10 Jun 2025

https://github.com/houssemdellai/kubernetes-allowed-registries-policy

Demoing whitelisting Container Registries in Kubernetes using OPA/Gatekeeper policy.

aks-kubernetes-cluster container-registry container-security policy security

Last synced: 03 Jan 2026

https://github.com/onzack/kube-scout

Vulnerability Management Tool for Kubernetes and Containers

container-security docker kubernetes

Last synced: 13 Apr 2025

https://github.com/sysdiglabs/security-playground

This is a sample application which runs an HTTP web server and allows reading and writing files and executing commands

container-security kubernetes security-tools

Last synced: 13 Jul 2025

https://github.com/juburr/cosign-orb

A simple CircleCI orb used to install Cosign and sign container images

circleci circleci-orb container-security cosign docker-signatures signature-verification signatures sigstore supply-chain-security

Last synced: 01 Feb 2026

https://github.com/snailsploit/kuberoast_v1

From-scratch, red-team–oriented Kubernetes misconfiguration & attack-path scanner. Fast, readable, and opinionated toward real-world escalation paths.

cloud-security container-security k8s kubernetes kubernetes-scanner misconfiguration-scanner penetration-testing privilege-escalation python red-teaming

Last synced: 17 May 2026

https://github.com/Mutasem-mk4/procscope

Zero-overhead eBPF process tracer for Linux malware triage and incident response. Traces syscalls, network, and file events per-process without strace overhead.

bpf cli container-security ebpf forensics golang incident-response kali-linux kubernetes-security linux-security malware-analysis monitoring observability process-monitoring reverse-engineering runtime-security security-tools threat-detection threat-hunting tracing

Last synced: 28 Apr 2026

https://github.com/pradumnasaraf/soss-scout-demo

The repository demonstrates the use of Docker Scout in a CI/CD pipeline to examine vulnerabilities in container images. This demo was presented at Secure Open Source Software (SOSS) Community Days India 2024.

container-security docker docker-scout image-security security

Last synced: 19 Feb 2026

https://github.com/veilair/docker-development

An ongoing curated list of awesome frameworks, important books, articles, talks, libraries, learning tutorials, best practices and technical resources about Docke

container container-image container-linux container-management container-runtime container-security containerization containers docker docker-apps docker-build docker-cloud docker-compose docker-container docker-hub docker-image docker-registry

Last synced: 06 May 2026

https://github.com/albertdobmeyer/opencli-container

Hardened container harness for OpenClaw agents — proxy-gated networking and security verification

ai-agents ai-safety container-security defense-in-depth docker mitmproxy openclaw podman sandbox seccomp security

Last synced: 29 May 2026

https://github.com/fortify/fortify-ssc-parser-tenable-io-cs

Fortify SSC Parser Plugin for Tenable.io Container Security results

container-security fortify fortify-integration fortify-parser-plugin fortify-ssc tenable

Last synced: 02 Sep 2025

https://github.com/false-systems/syva

Kernel-level eBPF enforcement for existing Kubernetes clusters. 7 LSM hooks watch every open, exec, kill, ptrace, and cgroup move — no runtime replacement needed.

bpf container-security containerd containers ebpf isolation kubernetes linux-security lsm rust

Last synced: 21 Apr 2026

https://github.com/tmatens/compose-lint

Security-focused linter for Docker Compose files. Catches dangerous misconfigurations before they reach production. Grounded in OWASP and CIS Docker Benchmark.

cis-benchmark code-quality compose container-security devops devsecops docker docker-compose github-actions hardening iac-security linter owasp pre-commit python security security-scanner security-tools static-analysis yaml

Last synced: 26 Apr 2026

https://github.com/juburr/grype-orb

A simple CircleCI orb used to install Grype and perform vulnerability scans

circleci circleci-orbs container-scanning container-security containers grype vulnerability-scanners

Last synced: 17 Jan 2026

https://github.com/juliosuas/copyfail-guard

Fast, auditable Linux mitigation for CVE-2026-31431 Copy Fail: algif_aead block, verification, and AF_ALG seccomp hardening.

af-alg container-security copy-fail cve cve-2026-31431 devsecops docker-security incident-response kernel-hardening kubernetes-security linux linux-kernel seccomp security sysadmin

Last synced: 03 May 2026

https://github.com/sysdiglabs/secure-image-scanning

Image scanning with Sysdig Secure

container-security security-tools

Last synced: 16 Mar 2025

https://github.com/meysam81/build-docker

A shorthand GitHub Action for building Docker images and pushing them to ghcr.io and other repositories. A smaller alternative to combining qemu and other steps.

automation buildx ci-cd composite-action container-image container-registry container-security devops docker docker-build docker-push docker-scout dockerhub ghcr github-action github-actions kubescape multi-platform security-scanning vulnerability-scanning

Last synced: 11 Apr 2025

https://github.com/defensia/agent

Lightweight security agent for Linux servers — SSH brute force, WAF, bot detection, Docker/Kubernetes native. Deploy via curl, Docker, Helm.

bot-detection brute-force container-security daemonset docker firewall go helm helm-chart intrusion-detection kubernetes linux linux-security owasp security server-security ssh waf

Last synced: 13 Apr 2026

https://github.com/hackertwinten/clair-helm

Helm chart for Clair container vulnerability scanner

clair container-security helm kubernetes security vulnerability-scanner

Last synced: 24 May 2026

https://github.com/antonlovesdnb/fishbowl

Containerized credential auditing perimeter for AI coding agents. Wraps Codex/Claude Code in Docker, audits every credential access via eBPF.

ai-agents claude-code codex container-security credential-security devtools docker ebpf rust security

Last synced: 26 Apr 2026

https://github.com/tupacalypse187/falco-airgapped-deployment

Complete solution for deploying Falco security in air-gapped environments with local testing and AWS EKS production deployment

air-gapped almalinux container-security devops eks falco helm kubernetes runtime-security security

Last synced: 10 Feb 2026

https://github.com/tvroi/ebpf-docker-build-monitor

eBPF-based monitor for detecting suspicious activity during Docker image builds

c2-detection container-security dependency-injection devsecops docker-build docker-security ebpf runtime-monitoring syscall

Last synced: 12 Jun 2025

https://github.com/roiswd/ebpf-docker-build-monitor

eBPF-based monitor for detecting suspicious activity during Docker image builds

c2-detection container-security dependency-injection devsecops docker-build docker-security ebpf runtime-monitoring syscall

Last synced: 15 May 2026

https://github.com/kariemoorman/dockeraudit

A container security auditing toolkit, with trivy and snyk CVE scanning integration

container-security docker docker-security k8s

Last synced: 20 Apr 2026