bullfrogsec/bullfrog external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

bullfrogsec/bullfrog

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/bullfrogsec/bullfrog)

Close

bullfrogsec / bullfrogView on GitHubMore

• External links
• Readme badge

Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows

☆120Mar 26, 2026Updated this week

Alternatives and similar repositories for bullfrog

Users that are interested in bullfrog are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• kondukto-io / kntrl

  View on GitHub
  kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …
  ☆125Mar 19, 2026Updated last week
• offensive-actions / azure-storage-reverse-shell

  View on GitHub
  This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs
  ☆39Sep 25, 2024Updated last year
• boostsecurityio / poutine

  View on GitHub
  boostsecurityio/poutine
  ☆392Updated this week
• ofirc / k8s-sniff-https

  View on GitHub
  A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes
  ☆75Apr 14, 2025Updated 11 months ago
• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated 11 months ago
• nodyhub / zipslipper

  View on GitHub
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆48Sep 20, 2024Updated last year
• tenable / hidden-services-revealer

  View on GitHub
  ☆40Aug 2, 2024Updated last year
• singe / tidcli

  View on GitHub
  A simple touchID prompt'er for use in shell scripts.
  ☆99Jun 18, 2024Updated last year
• GoogleCloudPlatform / assured-workloads-terraform

  View on GitHub
  ☆18Jul 30, 2024Updated last year
• ReversecLabs / cloud-security-vm

  View on GitHub
  Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
  ☆142Jan 2, 2025Updated last year
• chains-project / ghasum

  View on GitHub
  Checksums for GitHub Actions.
  ☆18Mar 20, 2026Updated last week
• latiotech / github-actions-log-checker

  View on GitHub
  Used to check Github actions logs for secrets - specifically tj-actions and reviewdog
  ☆22Mar 18, 2025Updated last year
• ReversecLabs / encap-attack

  View on GitHub
  Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.
  ☆23Aug 30, 2024Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• lirlia / prel

  View on GitHub
  prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.
  ☆46Updated this week
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆120Mar 16, 2026Updated last week
• github / audit-actions-workflow-runs

  View on GitHub
  Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded
  ☆82Updated this week
• jstawinski / GitHub-Actions-Attack-Diagram

  View on GitHub
  ☆192Apr 16, 2025Updated 11 months ago
• StevenSmiley / aws-mine

  View on GitHub
  AWS honey token manager
  ☆90Aug 1, 2024Updated last year
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Mar 11, 2026Updated 2 weeks ago
• boostsecurityio / lotp

  View on GitHub
  boostsecurityio/lotp
  ☆147Mar 3, 2026Updated 3 weeks ago
• vectra-ai-research / Halberd

  View on GitHub
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆335Jan 12, 2026Updated 2 months ago
• step-security / harden-runner

  View on GitHub
  Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…
  ☆1,021Mar 18, 2026Updated last week
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• gyrospectre / squyre

  View on GitHub
  Security Alert Decoration
  ☆27Jul 21, 2025Updated 8 months ago
• piraces / kube-score-ga

  View on GitHub
  Github action to execute kube-score with selected manifests (YAML, Helm or Kustomize)
  ☆11May 23, 2024Updated last year
• AdnaneKhan / gato-x

  View on GitHub
  GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.
  ☆495Mar 6, 2026Updated 2 weeks ago
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆146Jun 18, 2024Updated last year
• scribe-public / gitgat

  View on GitHub
  Evaluate source control (GitHub) security posture
  ☆251Mar 8, 2023Updated 3 years ago
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• github-community-projects / cleanowners

  View on GitHub
  A GitHub Action to suggest removal of non-organization members from CODEOWNERS files
  ☆138Mar 19, 2026Updated last week
• wiz-sec-public / namespacehound

  View on GitHub
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆113Jan 2, 2025Updated last year
• saw-your-packet / CloudShovel

  View on GitHub
  A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…
  ☆113Nov 13, 2024Updated last year
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• chainguard-dev / ghscan

  View on GitHub
  Scan GitHub Actions Workflow logs for IOCs
  ☆16Mar 16, 2026Updated last week
• ManuelBerrueta / FlowAnalyzer

  View on GitHub
  FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
  ☆181Jul 8, 2024Updated last year
• TupleType / awesome-cicd-attacks

  View on GitHub
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆578Feb 12, 2026Updated last month
• klarna-incubator / gram

  View on GitHub
  Gram is Klarna's own threat model diagramming tool
  ☆331Updated this week
• DataDog / grimoire

  View on GitHub
  Generate datasets of cloud audit logs for common attacks
  ☆235Mar 17, 2026Updated last week
• noperator / chromedb

  View on GitHub
  Read Chromium data (namely, cookies and local storage) straight from disk, without spinning up the browser.
  ☆137May 7, 2025Updated 10 months ago
• PaloAltoNetworks / pan-mcp-relay

  View on GitHub
  Palo Alto Networks AI Runtime Security Model Context Protocol (MCP) Relay Server
  ☆32Jan 27, 2026Updated 2 months ago