Search Results for "docker" - Page 2
Sort By:
Showing 49 open source projects for "docker"
View related business solutions-
Outgrown Windows Task Scheduler?Windows Task Scheduler wasn't built for complex, cross-platform automation. Get a free diagnostic that shows exactly where things are failing and provides remediation recommendations. Interactive HTML report delivered in minutes.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
Authorizer
Your data, your control. Fully open source, authentication, etc.
Your data, your control. Fully open source, authentication and authorization. No lock-ins. Deployment in Railway in 120 seconds || Spin a docker image as a micro-service in your infra. Built in login page and Admin panel out of the box. Authorizer is an open-source authentication and authorization solution for your applications. Bring your database and have complete control over the user information. You can self-host authorizer instances and connect to any database (Currently supports 11+ databases including Postgres, MySQL, SQLite, SQLServer, YugaByte, MariaDB, PlanetScale, CassandraDB, ScyllaDB, MongoDB, ArangoDB). ... -
2
PoshC2
C2 framework used to aid red teamers with post-exploitation
PoshC2 is a proxy-aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools, allowing an extendible and flexible C2 framework. Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in... -
3
kube2iam
Provides different AWS IAM roles for pods running on Kubernetes
Provide IAM credentials to containers running inside a Kubernetes cluster based on annotations. Traditionally in AWS, service level isolation is done using IAM roles. IAM roles are attributed through instance profiles and are accessible by services through the transparent usage by the aws-sdk of the ec2 metadata API. When using the aws-sdk, a call is made to the EC2 metadata API which provides temporary credentials that are then used to make calls to the AWS service. The problem is that in a... -
4
ThreatMapper
Open source cloud native security observability platform
Thousands of companies trust Deepfence to secure their most critical cloud workloads and applications with a unified platform. Experience rapid threat detection and remediation, while significantly reducing non-critical security alerts by 90%. Deepfence ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk of exploit. It uncovers vulnerable software components, exposed secrets, and deviations from good security practices. ThreatMapper uses a... -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
5
gorush
A push notification server written in Go (Golang)
...Support install TLS certificates from Let's Encrypt automatically. Support send notification through RPC protocol, we use gRPC as default framework. Support running in Docker, Kubernetes or AWS Lambda (Native Support in Golang). -
6
transfer.sh
Easy and fast file sharing from the command-line
...Transfer.sh currently supports the s3 (Amazon S3), gdrive (Google Drive), storj (Storj) providers, and local file system (local). For easy deployment, we've created a Docker container. For the usage with a AWS S3 Bucket, you just need to specify the following options, provider, aws-access-key, aws-secret-key, bucket, and s3-region. If you specify the s3-region, you don't need to set the endpoint URL since the correct endpoint will used automatically. To use a custom non-AWS S3 provider, you need to specify the endpoint as defined from your cloud provider. ... -
7
OmniEdge
Bringing intranet on the internet with Zero-Config Mesh VPNS.
OmniEdge is an Open source p2p layer 2 , zero-config mesh VPN infrastructure, a traditional VPN, AWS VPC, Ngrok, DDNS alternative. No central server, easy to scale with less maintenance. What happens in intranet, stays in in intranet. -
8
Wemake Django Template
Bleeding edge django template focused on code quality and security
...This template is a result of implementing our processes, it should not be considered as an independent part. When developing this template we had several goals in mind. Development environment should be bootstrapped easily, so we use docker-compose for that. Development should be consistent, so we use strict quality and style checks. Development, testing, and production should have the same environment, so again we develop, test, and run our apps in docker containers. Documentation and codebase are the only sources of truth. This template is oriented on big projects, when there are multiple people working on it for a long period of time. -
9
StarHackIt
StarHackIt: React/Native/Node fullstack starter kit
StarHackIt: React/Native/Node full-stack starter kit with authentication and authorization, data backed by SQL, the infrastructure deployed with GruCloud. -
Atera all-in-one platform IT management software with AI agentsAtera’s AI agents don’t just assist, they act. From detection to resolution, they handle incidents and requests instantly, taking your IT management from automated to autonomous.
-
10
Horusec
Open source tool that improves identification of vulnerabilities
Horusec is an open source tool that performs a static code analysis to identify security flaws during the development process. Currently, the languages for analysis are C#, Java, Kotlin, Python, Ruby, Golang, Terraform, Javascript, Typescript, Kubernetes, PHP, C, HTML, JSON, Dart, Elixir, Shell, Nginx. The tool has options to search for key leaks and security flaws in all your project's files, as well as in Git history. Horusec can be used by the developer through the CLI and by the... -
11
Kraken tool
Kraken: A multi-platform distributed brute-force password cracking
...It allows you to parallelize dictionaries and crunch word generator-based cracking across multiple machines both as a web app in a web browser and as a standalone electron-based client. Kraken aims to be easy to use, fault-tolerant and scalable. Kraken is a dockerized application using docker-compose which will launch the db (Postgres), s3-compliant file storage (Minio), the server and the browser client. You can find the docker-compose file in the root directory of the repository. To upload password lists or dictionaries, upload them to Minio Console at localhost:9001. View the steps explained for a detailed guide Otherwise, you can generate word lists dynamically using crunch. ... -
12
SurveyKing
Make a better survey system
...A variety of questionnaire settings, support white list answers, public inquiries, answer restrictions, etc. Simple installation and deployment ( deployment within 1 minute at the fastest ), supports one-click windows deployment, one-click docker deployment, front-end and back-end separation deployment, single jar deployment, and secondary directory deployment. -
13
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is important to run the exploit to simulate a real-world attack that will be used to determine corporate resilience across the network. ... -
14
OpenWAF
Web security protection system based on openresty
The first all-round open source Web security protection system, more protection than others. OpenWAF is the first fully open source Web application protection system (WAF), based on nginx_lua API analysis of HTTP request information. OpenWAF is composed of two functional engines: behavior analysis engine and rule engine. The rule engine mainly analyzes the individual requests, and the behavior analysis engine is mainly responsible for the tracking of the request information. Rule engine... -
15
sWAF
A simple Web Application Firewall docker image
sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture. It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and other free CA support. A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can never be too much paranoid about web security for a lot of good reasons. ... -
16
Active Directory Exploitation
A cheat sheet that contains common enumeration and attack methods
Active-Directory-Exploitation-Cheat-Sheet is a comprehensive, community-curated cheat sheet that collects practical enumeration commands, attack techniques, and quick references for attacking and auditing Windows Active Directory environments. The repository is organized as a stepwise kill-chain: recon, domain enumeration, local privilege escalation, user hunting, BloodHound guidance, lateral movement, persistence, domain-admin takeover, cross-trust attacks, data exfiltration, and a toolbox... -
17
SHAD0W
A post exploitation framework designed to operate covertly
...Dynamically resolved syscalls are heavily used to avoid userland API hooking, anti-DLL injection to make it harder for EDR to load code into the beacons, and official Microsoft mitigation methods to protect spawn processes. Runs fully inside of Docker allowing cross-platform usage. SHAD0W is a modular C2 framework designed to successfully operate on mature environments. All traffic between beacons and the C2 are encrypted and transmitted over HTTPS. -
18
Hackingtool
ALL IN ONE Hacking Tool For Hackers
HackingTool by Z4nzu is a large collection (“all-in-one”) of tools and scripts for penetration testing / hacking / OSINT etc. It bundles many utilities (port scanners, payload injectors, web attack tools, phishing tools, wireless attack tools, reverse engineering, etc.) into a menu interface. Includes many individual tools, often wrappers or aggregations of existing well-known tools (e.g. port scanners, web attack tools, steganography, hash cracking etc.). A menu interface offering... -
19
passcore
A self-service password management tool for Active Directory
...My hope is that the new version continues to be just as popular. There really is no free alternative out there (that I know of) so hopefully, this saves someone else some time and money. We recommend use the docker image and redirect the traffic to nginx. -
20
docker-nginx-auto-ssl
Docker image for automatic generation of SSL certs using Let's encrypt
The simpliest solution to add SSL cert to your site. Docker image for automatic generation of SSL certs using Let's encrypt and Open Resty, with reasonable SSL settings, HTTP/2 and WebSockets support out-of-the-box. You can specify allowed domains and simple proxies using ENV variables, and easily override nginx.conf to your needs. -
21
Gitkube
Build and deploy docker images to Kubernetes using git push
Gitkube is a tool for building and deploying Docker images on Kubernetes using git push. After a simple initial setup, users can simply keep git push-ing their repos to build and deploy to Kubernetes automatically. Ideal for development where you can push your WIP branch to the cluster to test. Reference implementation for writing git-based automation on your server. Fork this repo and create your own CRD + controller + git remote hook that can do things on the Kubernetes cluster. ... -
22
Java Sec Code
Java web common vulnerabilities and security code
...The application will use mybatis auto-injection. Please run mysql server ahead of time and configure the mysql server database's name and username/password except docker environment. -
23
SSH MITM
SSH man-in-the-middle tool
This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard... -
24
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted...
