A curated list of awesome tools, platforms, products and resources for MSPs

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +70 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC,…

GitHub Action for running Cypress end-to-end & component tests

Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!

A payment application to demonstrate real-world usage of Cypress testing methods, patterns, and workflows.

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

Ansible playbook for provisioning WordPress servers

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

Awesome tools around HashiCorp Vault

Various Veeam products related PowerShell scripts

Oracle Cloud Infrastructure Observability and Management

A simple demo with a Turnstile-protected form, using Cloudflare Workers.

Check if your IP is blacklisted or not.

A highly customizable homepage (or startpage / application dashboard) with Docker and service API integrations.

SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open sour…

A tool for exploring each layer in a docker image

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

Notary is a project that allows anyone to have trust over arbitrary collections of data

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

An extensible multilanguage static code analyzer.

Opiniated RAG for integrating GenAI in your apps 🧠 Focus on your product rather than the RAG. Easy integration in existing products with customisation! Any LLM: GPT4, Groq, Llama. Any Vectorstore: …

Metrics exporter and samples for unified observability for data-centric app dev and microservices

Pretius APEX Nested Reports

ODAT: Oracle Database Attacking Tool

Terraform module to deploy Redis on Oracle Cloud Infrastructure (OCI)

A list of alternatives for Adobe software

Surveillance Detection Scout: Your Lookout on Autopilot

Anteater is Reconnaissance tool for discovering interesting files and folders in a web application that most likely has been misconfigured to be accessible. Anteater discovers admin pages as well.

Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names

A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.