Alternatives and similar repositories for malcontent:

Users that are interested in malcontent are comparing it to the libraries listed below

• edera-dev / am-i-isolated
  Validate the isolation posture of your container environment.
  ☆245Updated this week
• gittuf / gittuf
  A security layer for Git repositories
  ☆493Updated this week
• openvex / spec
  OpenVEX Specification
  ☆141Updated 7 months ago
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆254Updated last week
• in-toto / witness
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆424Updated this week
• ossf / malicious-packages
  A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
  ☆290Updated this week
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆100Updated this week
• cisagov / vulnrichment
  A repo to conduct vulnerability enrichment.
  ☆570Updated this week
• synacktiv / nord-stream
  Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …
  ☆270Updated 2 weeks ago
• jatrost / awesome-kubernetes-threat-detection
  A curated list of resources about detecting threats and defending Kubernetes systems.
  ☆373Updated last year
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆124Updated last week
• owasp-dep-scan / blint
  BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…
  ☆356Updated this week
• krisnova / xpid
  Linux Process Discovery. C Library, Go bindings, Runtime.
  ☆219Updated 2 years ago
• trufflesecurity / how-to-rotate
  An open-source collection of API key rotation tutorials.
  ☆63Updated 2 months ago
• chainguard-dev / osquery-defense-kit
  Production-ready detection & response queries for osquery
  ☆543Updated this week
• quarkslab / kdigger
  Kubernetes focused container assessment and context discovery tool for penetration testing
  ☆448Updated 8 months ago
• praetorian-inc / gato
  GitHub Actions Pipeline Enumeration and Attack Tool
  ☆584Updated this week
• DataDog / KubeHound
  Tool for building Kubernetes attack paths
  ☆818Updated last week
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆421Updated 5 months ago
• r0binak / MTKPI
  🧰 Multi Tool Kubernetes Pentest Image
  ☆223Updated 5 months ago
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆158Updated last week
• blackberry / Falco-bypasses
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆80Updated last year
• klarna-incubator / gram
  Gram is Klarna's own threat model diagramming tool
  ☆319Updated this week
• sigstore / fulcio
  Sigstore OIDC PKI
  ☆680Updated this week
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆129Updated this week
• buildsec / frsca
  ☆232Updated this week
• tenable / cnappgoat
  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
  ☆273Updated 5 months ago
• WithSecureLabs / IceKube
  ☆175Updated 3 months ago
• chainguard-dev / ssc-reading-list
  A reading list for software supply-chain security.
  ☆361Updated 2 years ago
• slsa-framework / slsa-verifier
  Verify provenance from SLSA compliant builders
  ☆245Updated last week