chainguard-dev / bincapz
detect malicious program behaviors
☆404 Updated this week
Related projects:
- boostsecurityio/poutine ☆202 Updated this week
- A security layer for Git repositories ☆447 Updated this week
- A reading list for software supply-chain security. ☆359 Updated last year
- Documenting your Threat Models with HCL ☆397 Updated 2 weeks ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆229 Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro… ☆403 Updated this week
- OpenVEX Specification ☆125 Updated 2 months ago
- Kubernetes focused container assessment and context discovery tool for penetration testing ☆428 Updated 3 months ago
- Gram is Klarna's own threat model diagramming tool ☆267 Updated last week
- A curated list of resources about detecting threats and defending Kubernetes systems. ☆355 Updated last year
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently … ☆242 Updated last month
- Tool for building Kubernetes attack paths ☆747 Updated this week
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners" ☆64 Updated 9 months ago
- A universal SBOM representation in protocol buffers ☆247 Updated this week
- 🧰 Multi Tool Kubernetes Pentest Image ☆207 Updated 3 weeks ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ☆123 Updated 7 months ago
- Threat-hunting tool for Linux ☆356 Updated this week
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato… ☆337 Updated last month
- FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC). ☆168 Updated 2 months ago
- Generate a score for your sbom to understand if it will actually be useful. ☆219 Updated last month
- Format agnostic SBOM tooling ☆63 Updated this week
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1). ☆78 Updated 7 months ago
- A compilation of resources in the software supply chain security domain, with emphasis on open source ☆277 Updated last year
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments. ☆264 Updated 2 weeks ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021. ☆473 Updated 3 weeks ago
- GitHub Actions Pipeline Enumeration and Attack Tool ☆535 Updated last month
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification. ☆71 Updated last year
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆494 Updated this week