D

devsecops

DevSecOps health check for GitLab Self-Managed instances.

Skaledheim (SKM) is a modular platform designed to orchestrate distributed services inside a cohesive DevSecOps cluster oriented ecosystem.

Medium-interaction SSH/Telnet honeypot built with Cowrie, Loki, Promtail, and Grafana - provisioned on DigitalOcean via Terraform with a GitLab CI validation pipeline.

Cheatsheet / IT toolbox

This Git repository serves as a valuable resource for managing Dockerfiles and associated scripts.

D3FENDer is a security assessment and gap detection tool developed by Michael Favvas for his thesis titled "Development of a security assessment and gap detection system using the MITRE ATT&CK and D3FEND Frameworks". It uses a rule based system to grade an organization's defenses based on the input. It then detects possible gaps and suggests mitigations based on the MITRE ATT&CK and D3FEND Knowledge Bases. The tool can be used in SOC work flows.

AI-powered incident classification for ITSM environments. Python, FastAPI, Claude API, ChromaDB, BM25. Full CI/CD pipeline with SAST and dependency scanning.

AI-powered security orchestration for GitLab CI/CD. Automated vulnerability patching, threat modeling, and compliance scoring with GPT-4 and Claude AI agents.

Kubernetes-native Helm auditor for supply chain security, aggregating SBOM, vulnerability, and provenance data.

Setup Static Application Secret Testing (SAST) in GitLab CI pipeline using NJSScan and Semgrep.

Probably the most modern and sophisticated insecure web application!

Clone of OWASP Juice Shop with GitLab branding and more.

Learn more by seeing our DevSecOps Tutorial

AI-driven autonomous penetration testing for your GitLab CI/CD pipeline. Scan for SQL injection, XSS, IDOR, SSRF, auth bypass and more on every push or merge request. Results in GitLab Security Dashboard (DAST report). Free tier available.

About FreePlayground is my public engineering lab notebook and proof-of-work repo. It captures weekly progress across DevOps fundamentals, cloud, automation, and security, plus the projects and experiments I build along the way.

Réaliser en solo une application web sécurisée (frontend + backend + base de données) en architecture microservices, déployée via Docker et orientée DevSecOps, avec authentification OAuth 2.0, chat en temps réel via WebSockets et observabilité complète.

This Git repository serves as a valuable resource for managing Automations and associated scripts, like backups script, synchronization, etc.

SPM (Shell Package Manager) is a tool designed to manage shell-based applications and libraries.

Cloud-native DevOps portfolio project with Docker, Kubernetes, GitLab CI/CD, Terraform, AWS and Trivy.