boostsecurityio/poutine
☆367Updated this week
Alternatives and similar repositories for poutine
Users that are interested in poutine are comparing it to the libraries listed below
Sorting:
- boostsecurityio/lotp☆139Updated this week
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆117Updated this week
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Mar 9, 2025Updated 11 months ago
- GitHub Actions Cache Native Malware - for Educational and Research Purposes only.☆97Jan 28, 2026Updated last month
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆35Jan 25, 2026Updated last month
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆315Jan 25, 2026Updated last month
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆244Dec 8, 2025Updated 2 months ago
- A PoC to Simulate Ransomware Attack on AWS Environment☆33Oct 14, 2024Updated last year
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆833Mar 28, 2025Updated 11 months ago
- boostsecurityio/bagel☆64Feb 12, 2026Updated 2 weeks ago
- Gram is Klarna's own threat model diagramming tool☆329Jan 26, 2026Updated last month
- Tricard - Malware Sandbox Fingerprinting☆23Dec 11, 2023Updated 2 years ago
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆966Updated this week
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆153Aug 28, 2024Updated last year
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆47Aug 16, 2024Updated last year
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆228Updated this week
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆125Sep 23, 2025Updated 5 months ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆61Nov 11, 2024Updated last year
- A GitHub Actions Supply Chain CTF / Goat☆27Jan 6, 2026Updated last month
- ☆13Jan 30, 2025Updated last year
- Scans your Github Actions for security issues☆89Updated this week
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆575Feb 12, 2026Updated 2 weeks ago
- Halberd : Multi-Cloud Agentic Attack Tool☆334Jan 12, 2026Updated last month
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆80Feb 16, 2026Updated last week
- GitHub Actions Pipeline Enumeration and Attack Tool☆730Sep 17, 2025Updated 5 months ago
- An interactive CLI application for interacting with authenticated Jupyter instances.☆55May 7, 2025Updated 9 months ago
- ☆11Dec 19, 2024Updated last year
- ☆192Apr 16, 2025Updated 10 months ago
- How GitHub Actions workflows can be hacked☆176Aug 23, 2024Updated last year
- All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.☆370Feb 13, 2026Updated 2 weeks ago
- Awesome secure by default libraries to help you eliminate bug classes!☆700Dec 6, 2025Updated 2 months ago
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆1,003Updated this week
- PII detection platform, leveraging human-in-the-loop AI☆54Nov 29, 2024Updated last year
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆283Nov 27, 2025Updated 3 months ago
- ☆46Nov 7, 2024Updated last year
- #supply #chain #attack #detection☆646Updated this week
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆88Updated this week