Presentations, training modules, and other education materials from Duo Security's Application Security team.
updated at Nov. 29, 2023, 5:43 p.m.
Securely manage passwords, certs, and other secrets in Chef
updated at Dec. 23, 2023, 3:02 p.m.
Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
updated at April 13, 2024, 10:31 a.m.
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
updated at April 21, 2024, 4:20 p.m.
Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
updated at May 3, 2024, 9:32 p.m.
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
updated at May 4, 2024, 7:10 a.m.
Discover internet-wide misconfigurations while drinking coffee
updated at May 4, 2024, 7:53 p.m.
Scan your code for security misconfiguration, search for passwords and secrets.
updated at May 5, 2024, 6:14 a.m.
Security risk analysis for Kubernetes resources
updated at May 6, 2024, 1:16 a.m.
Vulnerability Patterns Detector for C# and VB.NET
updated at May 6, 2024, 9:35 a.m.
A static analysis security vulnerability scanner for Ruby on Rails applications
updated at May 7, 2024, 2 a.m.
A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.
updated at May 8, 2024, 7:17 a.m.