Magier / RanLinks
Ran is an experimental offensive tool for Kubernetes clusters with the goal to enable quick emulation of adversary techniques and a collection for known attack vectors.
☆29Updated 2 weeks ago
Alternatives and similar repositories for Ran
Users that are interested in Ran are comparing it to the libraries listed below
Sorting:
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated 2 years ago
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆125Updated 4 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆111Updated last year
- Response Engine for managing threats in your Kubernetes☆189Updated 2 months ago
- 🧰 Multi Tool Kubernetes Pentest Image☆252Updated 5 months ago
- ☆22Updated 6 months ago
- Runtime Security Solution for your CI/CD Pipeline☆112Updated last week
- Community curated list of System and Network policy templates for the KubeArmor and Cilium☆50Updated last month
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆88Updated 2 years ago
- micromize is a security hardening tool designed to detect and break the post-exploit kill chain for containerized applications, leveragin…☆43Updated last month
- KBOM - Kubernetes Bill of Materials☆323Updated 6 months ago
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - The detection capabilities can also be us…☆55Updated last month
- Runtime detection and response for malicious events in Kubernetes workloads☆46Updated last year
- ☆86Updated this week
- This repository contains the container image scanning tool ORCA☆42Updated 5 months ago
- Software Bill of Behaviour: A vendor-supplied profile of runtime behaviors for software, designed to be distributed directly within OCI a…☆46Updated last week
- A tool to create, transform and attest VEX metadata☆172Updated last week
- Generate a variety of suspect actions that are detected by Falco rulesets☆115Updated 8 months ago
- Kubernetes audit logging, when you don't control the control plane☆90Updated this week
- Run Falco in a GitHub Actions to detect suspicious behavior in your CI/CD☆45Updated this week
- Sneefer is a PoC project showing how to filter out irrelevent vulnerabilities from container image vulnerability scan results. It is base…☆26Updated 2 years ago
- Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev☆10Updated 8 months ago
- ☆106Updated 2 months ago
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆103Updated last year
- BadRobot - Operator Security Audit Tool☆223Updated last week
- Koney is a Kubernetes operator that enables you to define so-called deception policies for your cluster. Koney automates the setup, rotat…☆84Updated last week
- Scans SBOMs for vulnerabilities with Grype☆85Updated last week
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn…☆57Updated 2 years ago
- Intent driven security automation framework☆27Updated 5 months ago
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Updated last year