Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
☆61May 15, 2023Updated 2 years ago
Alternatives and similar repositories for github-oidc-checker
Users that are interested in github-oidc-checker are comparing it to the libraries listed below
Sorting:
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated 11 months ago
- ☆30Jan 13, 2026Updated last month
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆142Updated this week
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆88Updated this week
- ☆114Jun 8, 2023Updated 2 years ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- ☆40Aug 2, 2024Updated last year
- A GitHub Actions Supply Chain CTF / Goat☆27Jan 6, 2026Updated last month
- A Golang program to rotate AWS & GCP account keys☆67May 12, 2025Updated 9 months ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆109Feb 16, 2024Updated 2 years ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆112Jan 2, 2025Updated last year
- ☆73May 13, 2025Updated 9 months ago
- ☆29May 12, 2025Updated 9 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Jan 12, 2024Updated 2 years ago
- Another Instagram Bot☆12Jan 21, 2018Updated 8 years ago
- An AWS IAM policy statement parser and query tool.☆198Feb 10, 2026Updated 2 weeks ago
- IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)☆98Sep 14, 2022Updated 3 years ago
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆35Sep 6, 2024Updated last year
- Slack bot which promotes Defense in Depth/Zero Trust security practices☆24Jan 17, 2023Updated 3 years ago
- Useful scripts, Docker images, docker-compose apps, and Terraform modules.☆149Feb 15, 2026Updated 2 weeks ago
- Crowdsourced list of sensitive IAM Actions☆159Oct 29, 2024Updated last year
- EKS NG AMI Updater is an open source project that can be used to update kubernetes node group images.☆28Feb 20, 2026Updated last week
- A PoC to Simulate Ransomware Attack on AWS Environment☆33Oct 14, 2024Updated last year
- Provides an overview of the inner file structure of a PDF☆24Sep 26, 2022Updated 3 years ago
- Security tool against dependency typosquatting attacks☆54Updated this week
- Simple tool to identify and remediate the use of the AWS EC2 IMDSv1.☆15Aug 12, 2021Updated 4 years ago
- Ruby bindings for Simple Tiles☆25Dec 17, 2018Updated 7 years ago
- ☆16Jul 17, 2024Updated last year
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆61Nov 11, 2024Updated last year
- ☆117Feb 11, 2026Updated 2 weeks ago
- ☆124May 26, 2025Updated 9 months ago
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆32Apr 21, 2023Updated 2 years ago
- K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…☆32Aug 29, 2023Updated 2 years ago
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago
- ☆229Updated this week
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆88Jan 28, 2024Updated 2 years ago