Securing DevOps – A book on Security techniques for DevOps that reviews state of the art practices used in securing web applications and their infrastructure. ansible-os-hardening – Ansible role for OS hardening bunkerized-nginx – nginx Docker image secure by default Trivy – A simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for […]

Docker Images for Penetration Testing & Security

docker pull owasp/zap2docker-stable – official OWASP ZAP docker pull wpscanteam/wpscan – official WPScan docker pull citizenstig/dvwa – Damn Vulnerable Web Application (DVWA) docker pull hmlio/vaas-cve-2014-6271 – Vulnerability as a service: Shellshock docker pull hmlio/vaas-cve-2014-0160 – Vulnerability as a service: Heartbleed docker pull opendns/security-ninjas – Security Ninjas docker pull diogomonica/docker-bench-security – Docker Bench for Security docker […]