A curated list of my GitHub stars! Generated by starred.
- falcosecurity/falco - Cloud Native Runtime Security
- manticoresoftware/manticoresearch - Easy to use open source fast database for search | Good alternative to Elasticsearch now | Drop-in replacement for E in the ELK stack
- zero2504/Early-Cryo-Bird-Injections - Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
- openappsec/openappsec - open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
- carlyrichmond/webdevcon-grounding-rag-applications-workshop - Grounding RAG Applications with JavaScript, Langchain and Elasticsearch @ Webdevcon NL
- reviewdog/reviewdog - 🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
- mikeroyal/Google-Cloud-Guide - Google Cloud Platform (GCP) Guide. Learn all about Google Cloud Tools, Services, and Certifications.
- cilium/cilium - eBPF-based Networking, Security, and Observability
- loft-sh/vcluster - vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it off
- argoproj/argo-cd - Declarative Continuous Deployment for Kubernetes
- caddyserver/caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
- aquasecurity/trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
- istio/istio - Connect, secure, control, and observe services.
- google/osv-scanner - Vulnerability scanner written in Go which uses the data provided by https://osv.dev
- ethereum/go-ethereum - Go implementation of the Ethereum protocol
- dexidp/dex - OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
- prometheus/alertmanager - Prometheus Alertmanager
- SonarSource/orchestrator - Java library for running SonarQube in tests
- DependencyTrack/dependency-track - Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
- tronprotocol/java-tron - Java implementation of the Tron whitepaper
- SonarSource/sonar-java - ☕ SonarSource Static Analyzer for Java Code Quality and Security
- SonarSource/sonarqube - Continuous Inspection
- SonarSource/sonar-scanner-java-library - Common Java library used by many SonarScanners
- oracle/visualvm - VisualVM is an All-in-One Java Troubleshooting Tool
- SonarSource/sonar-custom-rules-examples - Shows how to bootstrap a project to write custom rules for PHP, Python, Cobol, RPG
- zaproxy/zaproxy - The ZAP by Checkmarx Core project
- mercedes-benz/sechub - SecHub provides a central API to test software with different security tools.
- step-security/github-actions-goat - GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
- microsoft/Web-Dev-For-Beginners - 24 Lessons, 12 Weeks, Get Started as a Web Developer
- trailofbits/algo - Set up a personal VPN in the cloud
- codecrafters-io/build-your-own-x - Master programming by recreating your favorite technologies from scratch.
- semgrep/semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
- priyankavergadia/GCPSketchnote - If you are looking to become a Google Cloud Engineer , then you are at the right place. GCPSketchnote is series where I share Google Cloud concepts in quick and easy to learn format.
- cider-security-research/top-10-cicd-security-risks -
- freach/kubernetes-security-best-practice - Kubernetes Security - Best Practice Guide
- Littlehack3r/awesome-gcp-pentesting - Tools and blogs I use to perform GCP red teams
- trimstray/the-practical-linux-hardening-guide - This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
- StyraInc/awesome-opa - A curated list of OPA related tools, frameworks and articles
- sottlmarek/DevSecOps - Ultimate DevSecOps library
- m3y54m/Embedded-Engineering-Roadmap - Comprehensive roadmap for aspiring Embedded Systems Engineers, featuring a curated list of learning resources
- Developer-Y/cs-video-courses - List of Computer Science courses with video lectures.
- ByteByteGoHq/system-design-101 - Explain complex systems using visuals and simple terms. Help you prepare for system design interviews.
- kelseyhightower/kubernetes-the-hard-way - Bootstrap Kubernetes the hard way. No scripts.
- BjarneStroustrup/profiles - site for discussing profiles design
- jwasham/coding-interview-university - A complete computer science study plan to become a software engineer.
- arainho/awesome-api-security - A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
- its-a-feature/offensive_macos - Tracking of offensive macOS tooling, blogs, and related helpful information
- bridgecrewio/checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
- prowler-cloud/prowler - Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening
- mitmproxy/mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
- opencve/opencve - Open-source CVE monitoring and alerting platform
- FirmWire/FirmWire - FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares
- swisskyrepo/PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
- mercedes-benz/odxtools - odxtools is a collection of utilities to interact with the diagnostic functionality of automotive electronic control units using python
- donnemartin/system-design-primer - Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.
- Yelp/fuzz-lightyear - A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos engineering testing and stateful, Swagger fuzzing.
- Yelp/detect-secrets - An enterprise friendly way of detecting and preventing secrets in code.
- botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study - Burp Suite Certified Practitioner Exam Study
- endoflife-date/endoflife.date - Informative site with EoL dates of everything
- analysis-tools-dev/static-analysis - ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
- joaoviictorti/RustRedOps - RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust 🦀
- Decurity/semgrep-smart-contracts - Semgrep rules for smart contracts based on DeFi exploits
- insidegui/VirtualBuddy - Virtualize macOS 12 and later on Apple Silicon, VirtualBuddy is a virtual machine GUI for macOS M1, M2, M3, M4
- kamranahmedse/developer-roadmap - Interactive roadmaps, guides and other educational content to help developers grow in their careers.
- renovatebot/renovate - Home of the Renovate CLI: Cross-platform Dependency Automation by Mend.io
- freeCodeCamp/freeCodeCamp - freeCodeCamp.org's open-source codebase and curriculum. Learn math, programming, and computer science for free.
To the extent possible under law, lib0xidium has waived all copyright and related or neighboring rights to this work.