Alternatives and similar repositories for GitGoat:

Users that are interested in GitGoat are comparing it to the libraries listed below

• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆249Updated 2 years ago
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆263Updated last week
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆133Updated last week
• reposaur / reposaur
  Open source compliance tool for development platforms.
  ☆286Updated last year
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆91Updated last week
• marco-lancini / utils
  Useful scripts, Docker images, docker-compose apps, and Terraform modules.
  ☆142Updated last week
• jetstack / paranoia
  Inspect certificate authorities in container images
  ☆232Updated 2 weeks ago
• jdyke / gcp-iam-analyzer
  Compares and analyzes GCP IAM roles.
  ☆77Updated last month
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆82Updated 2 months ago
• tenable / cnappgoat
  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
  ☆276Updated 7 months ago
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆70Updated last week
• fwdcloudsec / known_aws_accounts
  List of known AWS accounts
  ☆191Updated last week
• owenrumney / lazytrivy
  Vulnerability scanning just got lazier
  ☆286Updated 2 weeks ago
• lightspin-tech / eks-creation-engine
  The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…
  ☆40Updated 2 years ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆171Updated 4 months ago
• suzuki-shunsuke / tfprovidercheck
  CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
  ☆85Updated last week
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆82Updated 3 months ago
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆71Updated last year
• orcasecurity / orca-toolbox
  ☆116Updated 3 weeks ago
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆99Updated last year
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆165Updated 7 months ago
• controlplaneio / badrobot
  BadRobot - Operator Security Audit Tool
  ☆218Updated last week
• hysnsec / awesome-policy-as-code
  A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
  ☆188Updated last year
• raesene / container-security-site
  ☆94Updated 2 months ago
• bgeesaman / malicious-compliance
  Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"
  ☆67Updated last year
• SDA-SE / cluster-image-scanner
  Discover vulnerabilities and container image misconfiguration in production environments.
  ☆55Updated last month
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆179Updated 6 months ago
• StevenSmiley / aws-mine
  AWS honey token manager
  ☆87Updated 8 months ago
• google / localtoast
  ☆112Updated 3 months ago
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆61Updated last year