chainguard-dev / malcontentLinks
#supply #chain #attack #detection
☆519Updated this week
Alternatives and similar repositories for malcontent
Users that are interested in malcontent are comparing it to the libraries listed below
Sorting:
- Validate the isolation posture of your container environment.☆279Updated 2 weeks ago
- boostsecurityio/poutine☆279Updated this week
- Documenting your Threat Models with HCL☆430Updated this week
- A tool for preventing the installation of malicious PyPI and npm packages☆145Updated this week
- A security layer for Git repositories☆525Updated this week
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…☆370Updated last month
- A curated list of resources about detecting threats and defending Kubernetes systems.☆383Updated last year
- Production-ready detection & response queries for osquery☆573Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆310Updated this week
- Gram is Klarna's own threat model diagramming tool☆319Updated 2 weeks ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆280Updated 3 months ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆482Updated this week
- Deep Linux runtime visibility meets Wireshark☆291Updated 3 weeks ago
- Generate datasets of cloud audit logs for common attacks☆215Updated 9 months ago
- GitHub Actions Pipeline Enumeration and Attack Tool☆647Updated last month
- App that simplifies building decision trees to model adverse scenarios☆212Updated 10 months ago
- Awesome secure by default libraries to help you eliminate bug classes!☆691Updated last month
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆742Updated last week
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆149Updated 6 months ago
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆358Updated last week
- A universal SBOM representation in protocol buffers☆288Updated this week
- Tool for building Kubernetes attack paths☆873Updated 2 weeks ago
- cloudgrep is grep for cloud storage☆325Updated 3 months ago
- Linux Process Discovery. C Library, Go bindings, Runtime.☆221Updated 2 years ago
- A reading list for software supply-chain security.☆364Updated 2 years ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆110Updated 2 weeks ago
- ☆178Updated last month
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆96Updated last week
- A rewrite of YARA in Rust.☆769Updated this week
- A tool to create, transform and attest VEX metadata☆138Updated last week