bullfrogsec / bullfrog
Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
☆82Updated this week
Alternatives and similar repositories for bullfrog:
Users that are interested in bullfrog are comparing it to the libraries listed below
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆60Updated last year
- A tool for preventing the installation of malicious PyPI and npm packages☆127Updated this week
- AWS honey token manager☆87Updated 7 months ago
- Compares and analyzes GCP IAM roles.☆77Updated this week
- HashiCorp-relevant rules for the Semgrep code analysis tool☆39Updated last year
- Semgrep-based Policy Controller for Kubernetes☆47Updated this week
- ☆47Updated 4 months ago
- ☆163Updated 6 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆30Updated 4 months ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆52Updated last month
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆58Updated last year
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆38Updated 6 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆79Updated 2 years ago
- ☆67Updated last month
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆138Updated 2 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆80Updated 2 months ago
- Protect against subdomain takeover☆93Updated 9 months ago
- ☆111Updated 2 months ago
- A tool to uncover undocumented APIs from the AWS Console.☆98Updated 3 months ago
- ☆53Updated 2 weeks ago
- Cloud Commotion intends to cause chaos to simulate security incidents☆145Updated 8 months ago
- An SBOM query language and associated utilities☆54Updated last year
- Audit log wall of shame.☆41Updated 4 months ago
- An IAM Simulator that outputs detailed explains of how a request was evaluated.☆71Updated last week
- boostsecurityio/lotp☆112Updated this week
- ☆28Updated 4 months ago
- Security tool against dependency typosquatting attacks☆39Updated this week
- A full insecure kubernetes application for testing security tools☆68Updated last week