D

devsecops

This repository provides a Terraform framework for managing multiple infrastructure projects through a centralized, reusable architecture.

This Git repository serves as a valuable resource for centralizing Kubernetes manifests and automating GitOps workflows using Argo CD.

Probably the most modern and sophisticated insecure web application!

Clone of OWASP Juice Shop with GitLab branding and more.

Learn more by seeing our DevSecOps Tutorial

This project leverages GitLab's DevOps platform to demonstrate the seamless integration of development, security, and operations in deploying a cloud-native application. It highlights GitLab CI/CD pipelines and security scanning, showcasing a streamlined, secure software delivery process.

Cheatsheet / IT toolbox

This Git repository serves as a valuable resource for managing Automations and associated scripts, like backups script, synchronization, etc.

The BFG is a simpler, faster alternative to git-filter-branch for cleansing bad data (Passwords, Credentials & other Private data)

https://rtyley.github.io/bfg-repo-cleaner/

This Git repository serves as a valuable resource for managing Dockerfiles and associated scripts.

--The alphabet is not language but a circuit of cognition.

SPM (Shell Package Manager) is a tool designed to manage shell-based applications and libraries.

This POC evaluates the HUGO static site generator framework for potential adoption in our infrastructure documentation projects.

This platform is designed to simplify the resignation process by providing a structured and professional way to craft resignation letters.

This platform takes a satirical approach to the HR system, offering a humorous yet insightful perspective on navigating salary negotiations and understanding the intricacies of workplace compensation.

The purpose of this POC is to perform a comprehensive proof of concept of the entire process, from development to deployment.

This project serves as a comprehensive reference implementation for enterprise DevSecOps practices, demonstrating how security, automation, and observability integrate seamlessly in modern cloud applications.

LinkSphere is a modern URL shortener built with Go and React. It provides fast link generation, click tracking, and a clean dashboard for managing and analyzing shortened URLs.

SafeDep vet CI Component for policy driven vetting of open source dependencies.

This project sets up Static Application Security Testing (SAST) in a GitLab CI/CD pipeline using two tools:

NJSScan → A security scanner specialized for JavaScript applications. It analyzes source code and flags insecure coding patterns and vulnerabilities.

Semgrep → A lightweight, multi-language static analysis tool that uses rulesets (such as p/javascript) to detect vulnerabilities, insecure practices, and style issues across different programming languages.

This project demonstrates how to integrate GitLeaks for secrets scanning into a GitLab CI pipeline, along with a Git pre-commit hook.