chen-keinan / kube-knarkLinks
Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster
☆36Updated 3 years ago
Alternatives and similar repositories for kube-knark
Users that are interested in kube-knark are comparing it to the libraries listed below
Sorting:
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…☆56Updated 6 months ago
- ☆41Updated last month
- Kubernetes offensive framework built in eBPF☆37Updated 2 years ago
- Red team tool that emulates the SolarWinds CI compromise attack vector.☆24Updated last year
- Aqua Enterprise scanner as a plug-in vulnerability scanner in the Harbor registry☆37Updated 8 months ago
- A replacement for "kubectl exec" that works over WebSocket connections.☆40Updated last year
- A repository to store Rad Fingerprinting data.☆24Updated 10 months ago
- ☆29Updated 4 months ago
- a tool to audit the istio service mesh☆173Updated 3 years ago
- An query language and interactive tooling to work with SBOM data.☆14Updated 8 months ago
- ☆20Updated last month
- Kit for building Falco drivers: kernel modules or eBPF probes☆65Updated this week
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆67Updated 6 months ago
- Use eBPF to inject chaos into local processes☆64Updated 9 months ago
- ☆11Updated 4 months ago
- Dynamic Outbound Firewall Authorizer☆22Updated 3 years ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated 3 weeks ago
- Inspect SSL/TLS traffic using eBPF☆19Updated 8 months ago
- A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).☆28Updated 4 months ago
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆50Updated 3 years ago
- egrets monitors egress☆46Updated 5 years ago
- Generate a variety of suspect actions that are detected by Falco rulesets☆105Updated last month
- Integrates Spiffe and Vault to have secretless authentication☆89Updated this week
- Publications from the eBPF foundation☆23Updated 7 months ago
- TACOS framework structural details☆20Updated last month
- INTERCEPT / Policy as Code Auditing & Compliance☆84Updated last month
- A lightweight CLI tool that finds system calls being called inside golang applications.☆31Updated 3 years ago
- agent for handling seccomp descriptors for container runtimes☆46Updated last year
- Clean up unused AWS resources☆13Updated 3 years ago
- Detect compiler names and versions from ELF files☆27Updated last month