Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
☆61May 15, 2023Updated 2 years ago
Alternatives and similar repositories for github-oidc-checker
Users that are interested in github-oidc-checker are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Compares and analyzes GCP IAM roles.☆79Mar 9, 2025Updated last year
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- ☆114Jun 8, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆142Feb 26, 2026Updated last month
- ☆30Jan 13, 2026Updated 2 months ago
- ☆40Aug 2, 2024Updated last year
- An AWS IAM policy statement parser and query tool.☆199Feb 10, 2026Updated 2 months ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆61Nov 11, 2024Updated last year
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆32Apr 21, 2023Updated 2 years ago
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆88Updated this week
- Automated least-privilege enforcement for AWS IAM. Analyzes CloudTrail data to compute permission utilization metrics and generates polic…☆13Jan 12, 2026Updated 3 months ago
- AWS SSO Reporter☆55May 7, 2025Updated 11 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆35Sep 6, 2024Updated last year
- debug IAM roles for service accounts☆65Updated this week
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆89Jan 28, 2024Updated 2 years ago
- Modron - Cloud security compliance☆34Dec 11, 2024Updated last year
- IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)☆98Sep 14, 2022Updated 3 years ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆115Jan 2, 2025Updated last year
- SCP management tool☆136Oct 23, 2023Updated 2 years ago
- Security tool against dependency typosquatting attacks☆55Updated this week
- A GitHub Actions Supply Chain CTF / Goat☆27Jan 6, 2026Updated 3 months ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆192Apr 16, 2025Updated 11 months ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- A Golang program to rotate AWS & GCP account keys☆67May 12, 2025Updated 11 months ago
- YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.☆37Jan 1, 2024Updated 2 years ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Jan 12, 2024Updated 2 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆110Feb 16, 2024Updated 2 years ago
- An easy to navigate list of unicode characters that have risky transformations 💥☆25Mar 22, 2022Updated 4 years ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆60Oct 19, 2023Updated 2 years ago
- ☆73May 13, 2025Updated 10 months ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Slack bot which promotes Defense in Depth/Zero Trust security practices☆24Jan 17, 2023Updated 3 years ago
- Useful scripts, Docker images, docker-compose apps, and Terraform modules.☆149Mar 15, 2026Updated 3 weeks ago
- Clean accounts over permissions in GCP infra at scale☆71May 9, 2023Updated 2 years ago
- Another Instagram Bot☆12Jan 21, 2018Updated 8 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆37Mar 4, 2025Updated last year
- ☆124May 26, 2025Updated 10 months ago
- ☆230Mar 27, 2026Updated 2 weeks ago