cr0hn / dockerfile-security
Static security checker for Dockerfiles
☆92Updated 8 months ago
Related projects ⓘ
Alternatives and complementary repositories for dockerfile-security
- Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.☆76Updated 3 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆74Updated 2 years ago
- Monitoring GitHub for sensitive data shared publicly☆66Updated 2 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆133Updated 4 years ago
- Kubernetes Pwnage for all☆54Updated 4 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆122Updated last year
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆109Updated 4 years ago
- Hayat is a script for report and analyze Google Cloud Platform resources.☆79Updated 4 years ago
- All-in-one tool for managing vulnerability reports from AppSec pipelines☆105Updated last year
- Discover vulnerabilities and container image misconfiguration in production environments.☆53Updated 2 months ago
- Burp with Friends☆99Updated last year
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆30Updated last year
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…☆31Updated last year
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆105Updated 3 weeks ago
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆102Updated 5 years ago
- Python API library for DefectDojo☆40Updated last year
- A Docker container for remote penetration testing.☆133Updated 3 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.☆91Updated last year
- Scans Slack for API tokens, credentials, passwords, and more using YARA rules☆38Updated 3 years ago
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)☆87Updated 2 years ago
- ☆61Updated last year
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆110Updated last year
- Route53/CloudFront Vulnerability Assessment Utility☆84Updated last year
- ☆110Updated last year
- Scan DockerHub images that match a keyword to find secrets.☆54Updated 3 years ago
- ☆36Updated 3 years ago
- ☆125Updated 4 months ago