An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about DevSecOps in Cybersecurity.

Compromise a web application and delve deeper into the network to access hosts that you cannot directly reach from your attack host using different approaches.

Deploy GOAD labs to ESXi

This repository is designed for educational purposes, with real code, real labs, and real-world logic — but zero bullshit.

Code from exercises and labs on TryHackMe. TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs on the browser!

Professional Hardware Security Lab Setup | PCB analysis, firmware extraction, and embedded systems testing environment

Reproducible lab for CVE-2020-0610 (BlueGate) - Windows RD Gateway UDP/DTLS remote code execution vulnerability. Includes PowerShell scripts, setup guide, and nuclei template validation examples.

This project turns a Raspberry Pi 4 into a DShield honeypot to capture and study network probes and brute-force attempts in a safe lab

CVE-2016-15042 lab: Dockerized WordPress PoC for unauthenticated file upload in Frontend File Manager <4.0 and N‑Media Post Front‑end Form <1.1

Educational pentesting lab – Red Team exercises with Kali Linux, Metasploitable2, Nessus, Burp Suit, Wireshark, tcpdump, Nmap, Metasploit Framework, SET, Hydra, sqlmap, aircrack-ng and vulnerable apps. Step-by-step reports, commands, and captures.

Snort → Splunk home-lab that detects Nmap portscans and visualizes alerts (top sources/ports, timeline, last 50). Includes SPL & helper scripts

A Python-based Intrusion Detection System (IDS) that monitors network traffic to detect port scans and SSH brute force attacks. Built using Scapy and validated with Wireshark in an isolated virtual network environment.

🐍 Capture and analyze network probes and brute-force attacks by transforming a Raspberry Pi into a DShield honeypot for safe cybersecurity research.

What's Been Set Up: Complete Codebase - All components implemented and tested Git Repository - Initialized with proper commit history Documentation - Comprehensive guides and API docs GitHub Workflows - CI/CD pipeline with security testing Community Files - Contributing guide, issue templates, PR templates Open Source License

Hands‑on VM lab: Nessus scans & manual patching

Collection of practical codes for Savitribai Phule Pune University's Information Security Laboratory (310258) .

SEED Labs by Kevin Du

Damn Vulnerable Web Application (DVWA) on a local Kubernetes cluster using Minikube and then simulate common web application attacks.