#supply #chain #attack #detection
☆646Mar 19, 2026Updated this week
Alternatives and similar repositories for malcontent
Users that are interested in malcontent are comparing it to the libraries listed below
Sorting:
- A CLI used to work with the Wolfi OSS project☆71Updated this week
- Scan GitHub Actions Workflow logs for IOCs☆16Updated this week
- Data about all known supply-chain attacks through history☆64May 28, 2025Updated 9 months ago
- build APKs from source code☆579Updated this week
- Build OCI images from APK packages directly without Dockerfile☆1,570Updated this week
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆103Apr 23, 2024Updated last year
- ☆86Feb 4, 2026Updated last month
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆99Feb 11, 2026Updated last month
- Validate the isolation posture of your container environment.☆314Feb 11, 2026Updated last month
- A collection of reusable Github Actions workflows.☆159Updated this week
- Menubar for smart GitHub pull request tracking & notifications☆33Mar 2, 2026Updated 2 weeks ago
- A sweet little formatter for YAML☆34Updated this week
- Production-ready detection & response queries for osquery☆601Aug 13, 2025Updated 7 months ago
- Software Supply Chain Transparency Log☆1,100Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆519Updated this week
- sigstore installation walkthrough, local☆62Dec 8, 2025Updated 3 months ago
- ☆20Feb 5, 2026Updated last month
- Generate a score for your sbom to understand if it will actually be useful.☆239Aug 13, 2024Updated last year
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆318Updated this week
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆218Mar 13, 2026Updated last week
- Throw a tag at it and it comes back with a checksum.☆159Mar 13, 2026Updated last week
- ☆22Mar 5, 2026Updated 2 weeks ago
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Oct 17, 2024Updated last year
- An SBOM query language and associated utilities☆55Jan 22, 2024Updated 2 years ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Mar 9, 2025Updated last year
- OSV-SCALIBR: A library for Software Composition Analysis☆578Updated this week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆113Jan 2, 2025Updated last year
- Awesome secure by default libraries to help you eliminate bug classes!☆701Dec 6, 2025Updated 3 months ago
- Keyless Git signing with cosign!☆11May 12, 2022Updated 3 years ago
- Various tools, images, etc. to support the Wolfi OSS project☆27Updated this week
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆89Jan 28, 2024Updated 2 years ago
- Tool for building Kubernetes attack paths☆950Mar 9, 2026Updated last week
- Resources to help vulnerability scanners☆11Updated this week
- Main package repository for production Wolfi images☆1,178Mar 3, 2026Updated 2 weeks ago
- A place to systematically store software bill of materials (SBOM) documents.☆50Jun 1, 2023Updated 2 years ago
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,454Updated this week
- Code signing and transparency for containers and binaries☆5,734Updated this week
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆119Updated this week
- Examine Chrome extensions for security issues☆96Nov 16, 2025Updated 4 months ago