bullfrogsec/bullfrog external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

bullfrogsec/bullfrog

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/bullfrogsec/bullfrog)

Close

bullfrogsec / bullfrogView on GitHubMore

• External links
• Readme badge

Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows

☆118Mar 3, 2026Updated this week

Alternatives and similar repositories for bullfrog

Users that are interested in bullfrog are comparing it to the libraries listed below

• kondukto-io / kntrl

  View on GitHub
  kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …
  ☆125Sep 23, 2025Updated 5 months ago
• offensive-actions / azure-storage-reverse-shell

  View on GitHub
  This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs
  ☆39Sep 25, 2024Updated last year
• ofirc / k8s-sniff-https

  View on GitHub
  A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes
  ☆75Apr 14, 2025Updated 10 months ago
• boostsecurityio / poutine

  View on GitHub
  boostsecurityio/poutine
  ☆373Feb 23, 2026Updated last week
• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated 11 months ago
• lirlia / prel

  View on GitHub
  prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.
  ☆46Updated this week
• ReversecLabs / cloud-security-vm

  View on GitHub
  Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
  ☆142Jan 2, 2025Updated last year
• GoogleCloudPlatform / assured-workloads-terraform

  View on GitHub
  ☆18Jul 30, 2024Updated last year
• chains-project / ghasum

  View on GitHub
  Checksums for GitHub Actions.
  ☆18Feb 27, 2026Updated last week
• ReversecLabs / encap-attack

  View on GitHub
  Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.
  ☆23Aug 30, 2024Updated last year
• tenable / hidden-services-revealer

  View on GitHub
  ☆40Aug 2, 2024Updated last year
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆116Apr 29, 2025Updated 10 months ago
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• singe / tidcli

  View on GitHub
  A simple touchID prompt'er for use in shell scripts.
  ☆99Jun 18, 2024Updated last year
• latiotech / github-actions-log-checker

  View on GitHub
  Used to check Github actions logs for secrets - specifically tj-actions and reviewdog
  ☆22Mar 18, 2025Updated 11 months ago
• nodyhub / zipslipper

  View on GitHub
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆48Sep 20, 2024Updated last year
• gyrospectre / squyre

  View on GitHub
  Security Alert Decoration
  ☆27Jul 21, 2025Updated 7 months ago
• Permiso-io-tools / LogLicker

  View on GitHub
  Tool for obfuscating and deobfuscating data.
  ☆76Mar 20, 2024Updated last year
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Feb 22, 2026Updated last week
• StevenSmiley / aws-mine

  View on GitHub
  AWS honey token manager
  ☆89Aug 1, 2024Updated last year
• github / audit-actions-workflow-runs

  View on GitHub
  Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded
  ☆80Feb 23, 2026Updated last week
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆146Jun 18, 2024Updated last year
• boostsecurityio / lotp

  View on GitHub
  boostsecurityio/lotp
  ☆139Updated this week
• noperator / chromedb

  View on GitHub
  Read Chromium data (namely, cookies and local storage) straight from disk, without spinning up the browser.
  ☆137May 7, 2025Updated 9 months ago
• jstawinski / GitHub-Actions-Attack-Diagram

  View on GitHub
  ☆192Apr 16, 2025Updated 10 months ago
• TupleType / awesome-cicd-attacks

  View on GitHub
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆574Feb 12, 2026Updated 3 weeks ago
• vectra-ai-research / Halberd

  View on GitHub
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆334Jan 12, 2026Updated last month
• piraces / kube-score-ga

  View on GitHub
  Github action to execute kube-score with selected manifests (YAML, Helm or Kustomize)
  ☆11May 23, 2024Updated last year
• scribe-public / gitgat

  View on GitHub
  Evaluate source control (GitHub) security posture
  ☆251Mar 8, 2023Updated 2 years ago
• orcasecurity-research / kte

  View on GitHub
  Test & Compare different Kubernetes security offerings on EKS, GKE and AKS
  ☆40Aug 29, 2024Updated last year
• dorkamotorka / ebpf-github-actions

  View on GitHub
  Demo repository for running eBPF in GitHub Actions
  ☆23Mar 27, 2025Updated 11 months ago
• houey / awesome-service-control-policies

  View on GitHub
  Listing of resources for example AWS Service Control Policies (SCPs)
  ☆17Jan 10, 2024Updated 2 years ago
• saw-your-packet / CloudShovel

  View on GitHub
  A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…
  ☆113Nov 13, 2024Updated last year
• DataDog / grimoire

  View on GitHub
  Generate datasets of cloud audit logs for common attacks
  ☆234Feb 13, 2026Updated 3 weeks ago
• google / ctrdac

  View on GitHub
  ☆13Jan 30, 2025Updated last year
• KatTraxler / gcpdocs

  View on GitHub
  Repository to archive GCP Documentation for local use
  ☆16Feb 11, 2025Updated last year
• ManuelBerrueta / FlowAnalyzer

  View on GitHub
  FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
  ☆181Jul 8, 2024Updated last year