CycodeLabs / GitOpsSecurityChampion
Collection of security best practices to secure GitOps workflows
☆22Updated 2 months ago
Alternatives and similar repositories for GitOpsSecurityChampion:
Users that are interested in GitOpsSecurityChampion are comparing it to the libraries listed below
- Tool for building Kubernetes attack paths☆811Updated this week
- Validate the isolation posture of your container environment.☆235Updated last week
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆503Updated 3 months ago
- 🧰 Multi Tool Kubernetes Pentest Image☆221Updated 5 months ago
- Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.☆414Updated 2 weeks ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆266Updated 2 months ago
- Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego☆341Updated last year
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆271Updated 4 months ago
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆188Updated last week
- boostsecurityio/poutine☆245Updated this week
- A collection of manifests that will create pods with elevated privileges.☆606Updated 2 years ago
- OWASP Kubernetes security and compliance tool [WIP]☆105Updated last year
- Process documentation, non-code deliverables, and miscellaneous artifacts of Kubernetes SIG Security☆180Updated 3 weeks ago
- A curated list of resources about detecting threats and defending Kubernetes systems.☆371Updated last year
- Demos for our research on Github actions script injection vulnerabilities☆13Updated 8 months ago
- GitHub Actions Pipeline Enumeration and Attack Tool☆580Updated 5 months ago
- #supply #chain #attack #detection☆496Updated this week
- Kubernetes Security Training Platform - focusing on security mitigation☆939Updated 4 months ago
- OWASP Foundation Web Respository☆572Updated 11 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆144Updated 2 months ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆134Updated 3 weeks ago
- All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.☆330Updated last year
- Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query☆983Updated last month
- Response Engine for managing threats in your Kubernetes☆147Updated this week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆790Updated last week
- Kubernetes exploitation tool☆361Updated 6 months ago
- ☆171Updated 2 months ago
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…☆169Updated last week
- Chaos snake for Kubernetes. Chaos engineering combined with a classic snake game.☆172Updated 2 weeks ago