SDA-SE / cluster-image-scanner
Discover vulnerabilities and container image misconfiguration in production environments.
☆55Updated 2 months ago
Alternatives and similar repositories for cluster-image-scanner:
Users that are interested in cluster-image-scanner are comparing it to the libraries listed below
- Protect against subdomain takeover☆92Updated 11 months ago
- ☆96Updated 3 months ago
- a tool to audit the istio service mesh☆173Updated 3 years ago
- A utility to (re-)import findings and language data into DefectDojo☆43Updated 7 months ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 3 years ago
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- ☆177Updated 2 weeks ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆84Updated 4 months ago
- This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.☆24Updated 4 years ago
- OWASP Kubernetes Security Testing Guide☆37Updated 8 months ago
- Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers.☆161Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated last year
- Curating Falco rules with MITRE ATT&CK Matrix☆79Updated last year
- Kubernetes Pwnage for all☆57Updated 4 years ago
- Dependency Combobulator☆93Updated last year
- OWASP Kubernetes security and compliance tool [WIP]☆106Updated last year
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆70Updated 2 years ago
- Kubernetes Security Testing Guide☆26Updated last year
- A deliberately vulnerable Kubernetes cluster☆124Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆172Updated 5 months ago
- OWASP Foundation Web Respository☆55Updated 2 years ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- WAF bypass PoC☆47Updated last year
- ☆74Updated 4 years ago
- Static security checker for Dockerfiles☆94Updated last year
- OWASP Foundation Web Respository☆82Updated 3 months ago
- The security workflow engine!☆111Updated last week
- Dynamic Application and API Security Testing☆192Updated 2 years ago
- A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity program☆15Updated last week
- ☆16Updated 9 months ago