Scan GitHub Actions Workflow logs for IOCs
☆16Mar 16, 2026Updated this week
Alternatives and similar repositories for ghscan
Users that are interested in ghscan are comparing it to the libraries listed below
Sorting:
- Undocumented Change Detector #supplychain #security☆18Jan 5, 2026Updated 2 months ago
- ☆22Mar 5, 2026Updated 2 weeks ago
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆318Updated this week
- Helm Chart for deploying GUAC☆18Mar 9, 2026Updated last week
- A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.☆28Oct 13, 2024Updated last year
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆143Feb 24, 2025Updated last year
- #supply #chain #attack #detection☆646Updated this week
- A CLI used to work with the Wolfi OSS project☆71Updated this week
- Manage a uniform team of security managers for every organization in your enterprise☆24Feb 9, 2026Updated last month
- Security advisory data for Wolfi☆19Jan 7, 2026Updated 2 months ago
- Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022☆14Sep 4, 2023Updated 2 years ago
- A repository containing example Minder rules and profiles☆24Updated this week
- CLI tool to validate CVE v5 JSON records.☆13May 14, 2025Updated 10 months ago
- ☆13Jul 1, 2025Updated 8 months ago
- ☆16Jul 14, 2023Updated 2 years ago
- ☆36Apr 29, 2025Updated 10 months ago
- ☆20Apr 10, 2025Updated 11 months ago
- ☆18Sep 10, 2025Updated 6 months ago
- boostsecurityio/bagel☆95Updated this week
- Throw a tag at it and it comes back with a checksum.☆159Mar 13, 2026Updated last week
- A tool for reading the SECURITY_CONTACTS file in a kubernetes repository.☆11Dec 5, 2025Updated 3 months ago
- A set of utilities and classes for working with Open Policy Agent based tools, including Gatekeeper and Conftest☆39Oct 31, 2024Updated last year
- PORTGPT: Towards Automated Backporting Using Large Language Models(IEEE S&P2026)☆34Feb 27, 2026Updated 3 weeks ago
- Kubernetes: OIDC Authn + Azure AD + RBAC Authz = <3☆11Mar 6, 2018Updated 8 years ago
- AI Bill of Materials through source code scanning☆36Mar 13, 2026Updated last week
- A menagerie of insecure and exploitable GitHub Actions workflows and action definitions☆19Oct 16, 2025Updated 5 months ago
- Run zizmor from GitHub Actions!☆51Updated this week
- AWS audits, without screenshots☆29Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆44Feb 28, 2026Updated 3 weeks ago
- Lightweight structured logging for Google Cloud using `slog`☆12Feb 9, 2024Updated 2 years ago
- Mattermost builder☆11Jan 1, 2022Updated 4 years ago
- PoC shadow SaaS and insecure credential detection system using a browser extension.☆42Feb 8, 2026Updated last month
- Centralized Reusable GitHub Actions☆19Mar 14, 2026Updated last week
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Mar 9, 2025Updated last year
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆218Mar 13, 2026Updated last week
- ☆20Updated this week
- OpenID Shared Signals and Events (SSE) / Continuous Access Evaluation Protocol (CAEP) / Risk Incident Sharing and Coordination (RISC) JSO…☆15Jun 7, 2024Updated last year
- Documentation site for GC Cloud One: Aurora☆14Updated this week
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆119Mar 15, 2026Updated last week