☆423Jan 18, 2023Updated 3 years ago
Alternatives and similar repositories for top-10-cicd-security-risks
Users that are interested in top-10-cicd-security-risks are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.☆2,213Jul 14, 2024Updated last year
- OWASP Foundation Web Respository☆103Dec 22, 2025Updated 3 months ago
- Threat matrix for CI/CD Pipeline☆759Jul 8, 2024Updated last year
- Automating situational awareness for cloud penetration tests.☆2,320Mar 10, 2026Updated 2 weeks ago
- AWSGoat : A Damn Vulnerable AWS Infrastructure☆1,993May 20, 2025Updated 10 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- This is a step-by-step guide to implementing a DevSecOps program for any size organization☆2,038Dec 21, 2024Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environment☆33Oct 14, 2024Updated last year
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,596Updated this week
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆497Jun 27, 2025Updated 9 months ago
- Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, wor…☆486Dec 13, 2021Updated 4 years ago
- Granular, Actionable Adversary Emulation for the Cloud☆2,286Updated this week
- ☆569Updated this week
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆110Jan 16, 2024Updated 2 years ago
- AWS SSO serverless phishing API.☆32Jun 30, 2021Updated 4 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆22May 4, 2023Updated 2 years ago
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆1,042Jan 5, 2026Updated 2 months ago
- OWASP Foundation Web Respository☆603Updated this week
- This repo has been replaced by https://www.cloudvulndb.org☆727Jun 29, 2022Updated 3 years ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- Checklist for container security - devsecops practices☆1,614Sep 15, 2025Updated 6 months ago
- Multi-Cloud Security Auditing Tool☆7,585Sep 23, 2025Updated 6 months ago
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…☆173Jan 24, 2025Updated last year
- GitHub Actions Pipeline Enumeration and Attack Tool☆739Updated this week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆722Nov 14, 2025Updated 4 months ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆54Mar 4, 2026Updated 3 weeks ago
- An encyclopedia for offensive and defensive security knowledge in cloud native technologies.☆2,602Updated this week
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,110Updated this week
- A repository of breaches of AWS customers☆798Mar 11, 2026Updated 2 weeks ago
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…☆5,458Updated this week
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,524Updated this week
- Ultimate DevSecOps library☆6,655Mar 5, 2026Updated 3 weeks ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,808Sep 17, 2024Updated last year
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Vulnerable app with examples showing how to not use secrets☆1,408Updated this week
- ☆229Dec 18, 2025Updated 3 months ago
- boostsecurityio/lotp☆147Mar 3, 2026Updated 3 weeks ago
- Application Security Verification Standard☆3,377Mar 17, 2026Updated last week
- Redis Security Map - Anti-hacking for Redis☆31Mar 11, 2022Updated 4 years ago
- A tool to check the security settings of Github Organizations.☆75Feb 9, 2026Updated last month
- A reading list for software supply-chain security.☆365Nov 21, 2022Updated 3 years ago