#supply #chain #attack #detection
☆646Updated this week
Alternatives and similar repositories for malcontent
Users that are interested in malcontent are comparing it to the libraries listed below
Sorting:
- Data about all known supply-chain attacks through history☆63May 28, 2025Updated 9 months ago
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆103Apr 23, 2024Updated last year
- Scan GitHub Actions Workflow logs for IOCs☆16Updated this week
- ☆86Feb 4, 2026Updated 3 weeks ago
- A CLI used to work with the Wolfi OSS project☆70Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆517Updated this week
- build APKs from source code☆568Updated this week
- Throw a tag at it and it comes back with a checksum.☆155Feb 21, 2026Updated last week
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Oct 17, 2024Updated last year
- Validate the isolation posture of your container environment.☆312Feb 11, 2026Updated 2 weeks ago
- Build OCI images from APK packages directly without Dockerfile☆1,555Updated this week
- A collection of reusable Github Actions workflows.☆159Updated this week
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆99Feb 11, 2026Updated 2 weeks ago
- Production-ready detection & response queries for osquery☆600Aug 13, 2025Updated 6 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆112Jan 2, 2025Updated last year
- Generate a score for your sbom to understand if it will actually be useful.☆238Aug 13, 2024Updated last year
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆215Updated this week
- Software Supply Chain Transparency Log☆1,088Updated this week
- OSV-SCALIBR: A library for Software Composition Analysis☆575Updated this week
- Awesome secure by default libraries to help you eliminate bug classes!☆700Dec 6, 2025Updated 2 months ago
- An SBOM query language and associated utilities☆55Jan 22, 2024Updated 2 years ago
- ☆27May 6, 2024Updated last year
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆312Updated this week
- A sweet little formatter for YAML☆34Updated this week
- Tool for building Kubernetes attack paths☆942Feb 13, 2026Updated 2 weeks ago
- sigstore installation walkthrough, local☆62Dec 8, 2025Updated 2 months ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Mar 9, 2025Updated 11 months ago
- ☆22Dec 17, 2025Updated 2 months ago
- boostsecurityio/poutine☆367Updated this week
- ☆52Dec 13, 2025Updated 2 months ago
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆13Oct 27, 2024Updated last year
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,450Updated this week
- A sandbox environment designed for loading, running and profiling a wide range of files, including machine learning models, ELFs, Pickle,…☆349Updated this week
- Menubar for smart GitHub pull request tracking & notifications☆31Feb 16, 2026Updated last week
- A tool to create, transform and attest VEX metadata☆176Updated this week
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆75Apr 14, 2025Updated 10 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆117Updated this week
- Examine Chrome extensions for security issues☆95Nov 16, 2025Updated 3 months ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆88Jan 28, 2024Updated 2 years ago