Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
☆61May 15, 2023Updated 3 years ago
Alternatives and similar repositories for github-oidc-checker
Users that are interested in github-oidc-checker are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Compares and analyzes GCP IAM roles.☆79Mar 9, 2025Updated last year
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆38Sep 25, 2024Updated last year
- ☆114Jun 8, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆142May 3, 2026Updated 2 weeks ago
- ☆30Jan 13, 2026Updated 4 months ago
- ☆39Aug 2, 2024Updated last year
- An AWS IAM policy statement parser and query tool.☆199Feb 10, 2026Updated 3 months ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆61Nov 11, 2024Updated last year
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆33Apr 21, 2023Updated 3 years ago
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆87Updated this week
- Automated least-privilege enforcement for AWS IAM. Analyzes CloudTrail data to compute permission utilization metrics and generates polic…☆13Jan 12, 2026Updated 4 months ago
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆35Sep 6, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- AWS SSO Reporter☆55May 7, 2025Updated last year
- debug IAM roles for service accounts☆65May 13, 2026Updated last week
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆89Jan 28, 2024Updated 2 years ago
- Modron - Cloud security compliance☆34Dec 11, 2024Updated last year
- IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)☆97Sep 14, 2022Updated 3 years ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆114Jan 2, 2025Updated last year
- SCP management tool☆136Oct 23, 2023Updated 2 years ago
- Security tool against dependency typosquatting attacks☆56May 13, 2026Updated last week
- A GitHub Actions Supply Chain CTF / Goat☆27Apr 13, 2026Updated last month
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆193Apr 16, 2025Updated last year
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- A Golang program to rotate AWS & GCP account keys☆67May 5, 2026Updated 2 weeks ago
- YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.☆37Jan 1, 2024Updated 2 years ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Jan 12, 2024Updated 2 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆110Feb 16, 2024Updated 2 years ago
- An easy to navigate list of unicode characters that have risky transformations 💥☆24Mar 22, 2022Updated 4 years ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆60Oct 19, 2023Updated 2 years ago
- ☆73May 13, 2025Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Slack bot which promotes Defense in Depth/Zero Trust security practices☆25Jan 17, 2023Updated 3 years ago
- Useful scripts, Docker images, docker-compose apps, and Terraform modules.☆149May 15, 2026Updated last week
- Clean accounts over permissions in GCP infra at scale☆72May 9, 2023Updated 3 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆37Mar 4, 2025Updated last year
- ☆126May 4, 2026Updated 2 weeks ago
- ☆231Mar 27, 2026Updated last month
- K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…☆32Aug 29, 2023Updated 2 years ago