Alternatives and similar repositories for malcontent

Users that are interested in malcontent are comparing it to the libraries listed below

• edera-dev / am-i-isolated
  Validate the isolation posture of your container environment.
  ☆287Updated this week
• in-toto / witness
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆486Updated last week
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆301Updated 2 weeks ago
• klarna-incubator / gram
  Gram is Klarna's own threat model diagramming tool
  ☆320Updated last month
• praetorian-inc / gato
  GitHub Actions Pipeline Enumeration and Attack Tool
  ☆668Updated last week
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆148Updated this week
• gittuf / gittuf
  A security layer for Git repositories
  ☆534Updated last week
• ossf / malicious-packages
  A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
  ☆314Updated this week
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆431Updated 3 weeks ago
• chainguard-dev / ssc-reading-list
  A reading list for software supply-chain security.
  ☆363Updated 2 years ago
• jatrost / awesome-kubernetes-threat-detection
  A curated list of resources about detecting threats and defending Kubernetes systems.
  ☆383Updated last year
• chainguard-dev / osquery-defense-kit
  Production-ready detection & response queries for osquery
  ☆574Updated this week
• DataDog / KubeHound
  Tool for building Kubernetes attack paths
  ☆884Updated last month
• buildsec / frsca
  ☆237Updated last week
• openvex / spec
  OpenVEX Specification
  ☆151Updated 3 weeks ago
• TupleType / awesome-cicd-attacks
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆522Updated 4 months ago
• quarkslab / kdigger
  Kubernetes focused container assessment and context discovery tool for penetration testing
  ☆461Updated last year
• kondukto-io / kntrl
  kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …
  ☆116Updated last month
• owasp-dep-scan / blint
  BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…
  ☆380Updated last week
• tenable / cnappgoat
  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
  ☆285Updated 9 months ago
• aquasecurity / traceeshark
  Deep Linux runtime visibility meets Wireshark
  ☆291Updated last week
• facebookincubator / TTPForge
  The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).
  ☆382Updated 2 weeks ago
• nianticlabs / venator
  A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo…
  ☆378Updated 8 months ago
• Addepar / RedFlag
  RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…
  ☆149Updated 7 months ago
• CycodeLabs / raven
  CI/CD Security Analyzer
  ☆659Updated 4 months ago
• krisnova / xpid
  Linux Process Discovery. C Library, Go bindings, Runtime.
  ☆222Updated 2 years ago
• DataDog / threatest
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆330Updated last month
• ReversecLabs / IceKube
  ☆179Updated 2 months ago
• blackberry / Falco-bypasses
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆81Updated last year
• DataDog / grimoire
  Generate datasets of cloud audit logs for common attacks
  ☆216Updated 10 months ago