accuknox / k8sthreatmodelingLinks
Threat Modeling (based on STRIDE approach) for Kubernetes systems.
☆21Updated 7 months ago
Alternatives and similar repositories for k8sthreatmodeling
Users that are interested in k8sthreatmodeling are comparing it to the libraries listed below
Sorting:
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆98Updated 5 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆31Updated 7 months ago
- Capture The Flag Challenge for eBPF Summit 2022☆18Updated 2 years ago
- ☆72Updated 3 weeks ago
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆39Updated 9 months ago
- K8s API Honeypot with Active Defense Capabilities☆40Updated last year
- a tool to audit the istio service mesh☆173Updated 3 years ago
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆55Updated 4 months ago
- Container 📦 Security 🔐 Best Practices Checklist 📋 & Slides☆68Updated 4 years ago
- A replacement for "kubectl exec" that works over WebSocket connections.☆39Updated last year
- ☆21Updated 6 months ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆71Updated 2 years ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆56Updated last week
- Cloud Security Posture security policies☆31Updated 8 months ago
- Kubernetes audit logging, when you don't control the control plane☆81Updated this week
- Semgrep-based Policy Controller for Kubernetes☆47Updated 2 months ago
- ☆44Updated 7 months ago
- Curating Falco rules with MITRE ATT&CK Matrix☆80Updated last year
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆21Updated 9 months ago
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…☆55Updated 5 months ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆81Updated last year
- ☆27Updated 3 weeks ago
- OWASP Kubernetes security and compliance tool [WIP]☆106Updated 2 years ago
- ☆96Updated 4 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Updated last year
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆57Updated 11 months ago
- EPSS(Exploit Prediction Scoring System) API client☆18Updated last week
- Tool for obfuscating and deobfuscating data.☆70Updated last year
- Intent driven security automation framework☆25Updated 2 months ago