Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
☆61May 15, 2023Updated 2 years ago
Alternatives and similar repositories for github-oidc-checker
Users that are interested in github-oidc-checker are comparing it to the libraries listed below
Sorting:
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated last year
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- ☆114Jun 8, 2023Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆142Feb 26, 2026Updated 3 weeks ago
- ☆30Jan 13, 2026Updated 2 months ago
- ☆40Aug 2, 2024Updated last year
- An AWS IAM policy statement parser and query tool.☆199Feb 10, 2026Updated last month
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆61Nov 11, 2024Updated last year
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆32Apr 21, 2023Updated 2 years ago
- Automated least-privilege enforcement for AWS IAM. Analyzes CloudTrail data to compute permission utilization metrics and generates polic…☆13Jan 12, 2026Updated 2 months ago
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆88Updated this week
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆35Sep 6, 2024Updated last year
- AWS SSO Reporter☆55May 7, 2025Updated 10 months ago
- debug IAM roles for service accounts☆65Updated this week
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆89Jan 28, 2024Updated 2 years ago
- Modron - Cloud security compliance☆34Dec 11, 2024Updated last year
- IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)☆98Sep 14, 2022Updated 3 years ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆113Jan 2, 2025Updated last year
- SCP management tool☆135Oct 23, 2023Updated 2 years ago
- Security tool against dependency typosquatting attacks☆55Updated this week
- A GitHub Actions Supply Chain CTF / Goat☆26Jan 6, 2026Updated 2 months ago
- ☆192Apr 16, 2025Updated 11 months ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- A Golang program to rotate AWS & GCP account keys☆67May 12, 2025Updated 10 months ago
- YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.☆37Jan 1, 2024Updated 2 years ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Jan 12, 2024Updated 2 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆109Feb 16, 2024Updated 2 years ago
- An easy to navigate list of unicode characters that have risky transformations 💥☆25Mar 22, 2022Updated 4 years ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆60Oct 19, 2023Updated 2 years ago
- ☆73May 13, 2025Updated 10 months ago
- Slack bot which promotes Defense in Depth/Zero Trust security practices☆24Jan 17, 2023Updated 3 years ago
- Useful scripts, Docker images, docker-compose apps, and Terraform modules.☆149Mar 15, 2026Updated last week
- Clean accounts over permissions in GCP infra at scale☆71May 9, 2023Updated 2 years ago
- Another Instagram Bot☆12Jan 21, 2018Updated 8 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆37Mar 4, 2025Updated last year
- ☆124May 26, 2025Updated 9 months ago
- ☆229Mar 10, 2026Updated last week