Addepar / RedFlag
RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and add reviewers. RedFlag's flexible configuration makes it valuable for any team.
☆148Updated 4 months ago
Alternatives and similar repositories for RedFlag:
Users that are interested in RedFlag are comparing it to the libraries listed below
- Cloud Commotion intends to cause chaos to simulate security incidents☆145Updated 9 months ago
- AWS honey token manager☆87Updated 7 months ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆164Updated 5 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆58Updated last year
- ☆364Updated 11 months ago
- cloudgrep is grep for cloud storage☆324Updated 3 weeks ago
- Generate datasets of cloud audit logs for common attacks☆208Updated 7 months ago
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs☆72Updated last year
- ☆163Updated 6 months ago
- A full insecure kubernetes application for testing security tools☆70Updated this week
- ☆47Updated 4 months ago
- A tool to uncover undocumented APIs from the AWS Console.☆98Updated 4 months ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆105Updated 5 months ago
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆161Updated last year
- Gram is Klarna's own threat model diagramming tool☆319Updated last week
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆216Updated last week
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆138Updated 2 months ago
- Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl…☆164Updated 10 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…☆51Updated 4 months ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆146Updated last month
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆91Updated last year
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆101Updated last year
- ☆258Updated 3 months ago
- This repo contains IOC, malware and malware analysis associated with Public cloud☆249Updated 4 months ago
- A web CTF for training developers in bug hunting and secure coding!☆97Updated 2 months ago
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆186Updated 5 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆39Updated last year
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆82Updated last week
- find dangling domains in a multi cloud environment☆140Updated this week
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆235Updated 2 weeks ago