boostsecurityio / poutineLinks
boostsecurityio/poutine
☆308Updated this week
Alternatives and similar repositories for poutine
Users that are interested in poutine are comparing it to the libraries listed below
Sorting:
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆110Updated 2 weeks ago
- A tool for preventing the installation of malicious npm and PyPI packages☆153Updated this week
- ☆79Updated 6 months ago
- Gram is Klarna's own threat model diagramming tool☆322Updated last week
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆174Updated 8 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆152Updated 8 months ago
- Documenting your Threat Models with HCL☆432Updated 2 months ago
- ☆187Updated 3 months ago
- The security workflow engine!☆119Updated last week
- A full insecure kubernetes application for testing security tools☆89Updated 3 months ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆813Updated 4 months ago
- App that simplifies building decision trees to model adverse scenarios☆215Updated last year
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆478Updated last month
- boostsecurityio/lotp☆130Updated 3 months ago
- A tool to check the security settings of Github Organizations.☆72Updated 2 years ago
- Cloud Commotion intends to cause chaos to simulate security incidents☆143Updated last year
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆294Updated last week
- Validate the isolation posture of your container environment.☆296Updated this week
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆155Updated 11 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Updated last year
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆382Updated 2 weeks ago
- An open-source collection of API key rotation tutorials.☆70Updated last month
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆209Updated this week
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆123Updated 5 months ago
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆116Updated 2 months ago
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆218Updated 3 months ago
- ☆119Updated this week
- OWASP Foundation Web Respository☆97Updated 6 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆534Updated 5 months ago
- Protect against subdomain takeover☆92Updated 2 weeks ago