This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).

Build Real-Time Knowledge Graphs for AI Agents

Model Context Protocol (MCP) server for Kubernetes and OpenShift

Code Repository for: AIRTBench: Measuring Autonomous AI Red Teaming Capabilities in Language Models

Lightweight LLM Interaction Framework

Human preference data for "Training a Helpful and Harmless Assistant with Reinforcement Learning from Human Feedback"

A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications.

A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29

The Controls Canvas is a Terminal User Interface that allows users to craft a new Gemara Layer 2 control catalog from a menu of available options.

Minimizing rework for governance activities.

FINOS Common Cloud Controls

Peirates - Kubernetes Penetration Testing tool

Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)

A replacement for "kubectl exec" that works over WebSocket connections.

Scenario-Based Ethical Alignment Benchmark for Large Language Models

Discover K8s Services & Pods through DNS Records in CoreDNS

Adversary Emulation Framework

Automated Attack Simulation in the Cloud, complete with detection use cases.

AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.

PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection rules and undertake various security tasks, all accessible …

🧙‍♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications

Purple Team Exercise Framework

ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).

The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).

A curated list of resources about detecting threats and defending Kubernetes systems.

Create Kubernetes AdmissionReview requests from Kubernetes resource manifests

CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

Security risk analysis for Kubernetes resources

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.