Monrava / bsidesnyc2023
This repository contains the code used during my demo at BSidesNYC 2023 where I presented a new method for analysing volatile memory in Google Kubernetes Engine (GKE).
☆1Updated 3 months ago
Alternatives and similar repositories for bsidesnyc2023:
Users that are interested in bsidesnyc2023 are comparing it to the libraries listed below
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- ☆19Updated 4 months ago
- K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…☆30Updated last year
- Kubernetes audit logging, when you don't control the control plane☆67Updated this week
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆57Updated this week
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆50Updated last month
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- ☆20Updated 8 months ago
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- ☆16Updated last year
- etcd-k8s-extract takes in an etcd data directory or db file used in kubernetes, extracts the kubernetes resources and then writes the res…☆27Updated 2 weeks ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆22Updated last week
- Private Terraform Registry Manager☆43Updated 7 months ago
- ☆74Updated last month
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆79Updated last month
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated 7 months ago
- Cedar for Kubernetes brings the power of Cedar to Kubernetes authorization and admission validation, showing how cluster administrators c…☆102Updated last week
- ☆40Updated 2 years ago
- An SBOM query language and associated utilities☆54Updated 11 months ago
- Simple tool that allows you to detect imposter commits in GitHub Actions workflows.☆23Updated last month
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)☆27Updated this week
- Kubernetes Admission Controller for Image Scanning using OPA☆50Updated last year
- ☆47Updated 2 years ago
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆65Updated 3 weeks ago
- Sharable Config Presets for Renovatebot, especially useful for DevOps folks☆47Updated this week
- A pane of glass between you and your Kubernetes clusters.☆45Updated last year
- sigstore the hard way!☆110Updated 8 months ago
- Github Action to automatically update digests for container images.☆52Updated 2 months ago