diff --git a/Kubernetes/readme.md b/Kubernetes/readme.md index 029a503..2751132 100644 --- a/Kubernetes/readme.md +++ b/Kubernetes/readme.md @@ -19,11 +19,11 @@ ## Tools -* [kubeaudit](https://github.com/Shopify/kubeaudit). kubeaudit is a command line tool to audit Kubernetes clusters for various different security concerns: run the container as a non-root user, use a read only root filesystem, drop scary capabilities, don't add new ones, don't run privileged, ... -* [kubesec.io](https://kubesec.io/). Security risk analysis for Kubernetes resources. -* [kube-bench](https://github.com/aquasecurity/kube-bench). kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the [CIS Kubernetes Benchmark](https://www.cisecurity.org/benchmark/kubernetes/). - -* [katacoda](https://katacoda.com/courses/kubernetes). Learn Kubernetes using interactive broser-based scenarios. +* [kubeaudit](https://github.com/Shopify/kubeaudit) - Audit Kubernetes clusters against common security concerns +* [kubesec.io](https://kubesec.io/) - Security risk analysis for Kubernetes resources +* [kube-bench](https://github.com/aquasecurity/kube-bench) - Checks whether Kubernetes is deployed securely by running [CIS Kubernetes Benchmark](https://www.cisecurity.org/benchmark/kubernetes/) +* [kube-hunter](https://github.com/aquasecurity/kube-hunter) - Hunt for security weaknesses in Kubernetes clusters +* [katacoda](https://katacoda.com/courses/kubernetes) - Learn Kubernetes using interactive broser-based scenarios ## Service Token diff --git a/Request Smuggling/README.md b/Request Smuggling/README.md index d48b4b1..3cf45ac 100644 --- a/Request Smuggling/README.md +++ b/Request Smuggling/README.md @@ -11,6 +11,7 @@ ## Tools * [HTTP Request Smuggler / BApp Store](https://portswigger.net/bappstore/aaaa60ef945341e8a450217a54a11646) +* [Smuggler](https://github.com/defparam/smuggler) ## CL.TE vulnerabilities @@ -105,4 +106,4 @@ Challenge: https://portswigger.net/web-security/request-smuggling/lab-ofuscating ## References * [PortSwigger - Request Smuggling](https://portswigger.net/web-security/request-smuggling) -* [A Pentester's Guide to HTTP Request Smuggling - Busra Demir - 2020, October 16](https://blog.cobalt.io/a-pentesters-guide-to-http-request-smuggling-8b7bf0db1f0) \ No newline at end of file +* [A Pentester's Guide to HTTP Request Smuggling - Busra Demir - 2020, October 16](https://blog.cobalt.io/a-pentesters-guide-to-http-request-smuggling-8b7bf0db1f0)