Alternatives and similar repositories for upload-secure-artifact

Users that are interested in upload-secure-artifact are comparing it to the libraries listed below

• tstromberg / supplychain-attack-data
  Data about all known supply-chain attacks through history
  ☆63Updated 7 months ago
• DataDog / whoAMI-scanner
  Scan your account for the use of untrusted AMIs
  ☆30Updated last month
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆61Updated 2 years ago
• PaloAltoNetworks / github-oidc-utils
  ☆37Updated 8 months ago
• devops-kung-fu / lucha
  A CLI that scans for sensitive data in source code
  ☆14Updated 2 years ago
• tenable / hidden-services-revealer
  ☆39Updated last year
• lukesudom / revelio-scan
  A powerful containerized tool that automatically downloads, extracts, and scans packages from PyPI and npm for embedded secrets, API keys…
  ☆18Updated 5 months ago
• boostsecurityio / lotp
  boostsecurityio/lotp
  ☆138Updated 2 months ago
• semgr8ns / semgr8s
  Semgrep-based Policy Controller for Kubernetes
  ☆47Updated 9 months ago
• DataDog / supply-chain-firewall
  Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages
  ☆210Updated this week
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆21Updated 10 months ago
• Aqua-Nautilus / TrailShark
  ☆53Updated last year
• Checkmarx / 2ms
  Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
  ☆138Updated last week
• jeremylong / malicious-dependencies
  Demonstrates how a malicious dependency could negatively impact the build output.
  ☆25Updated 2 years ago
• AdnaneKhan / ActionsTOCTOU
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆34Updated 8 months ago
• marklechner / priscope
  A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard a…
  ☆32Updated last year
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆114Updated this week
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆354Updated last month
• trufflesecurity / how-to-rotate
  An open-source collection of API key rotation tutorials.
  ☆76Updated 4 months ago
• shehackspurple / TTT-Security-Is-Everybodys-Job
  This repository will teach you got to present my talk "Security is everybody's job", a talk about DevSecOps.
  ☆27Updated 3 years ago
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆75Updated 2 years ago
• DuneGroup / ice-axe
  ☆23Updated last year
• Betterment / claws
  💅🏽 analyzes your github actions
  ☆97Updated last week
• ncc-erik-steringer / Aerides
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Updated 3 years ago
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆193Updated 8 months ago
• adanalvarez / TrailAlerts
  TrailAlerts is a AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events i…
  ☆51Updated 2 months ago
• Permiso-io-tools / SkyScalpel
  ☆47Updated last year
• carta / krang
  Knowledge Report Alert & Normalization Generator
  ☆26Updated 3 weeks ago
• r3volved / CVEAggregate
  Build a CVE library with aggregated CISA, EPSS and CVSS data
  ☆29Updated 2 years ago
• adanalvarez / HoneyTrail
  Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…
  ☆51Updated last year