dynatrace-oss / invadium
Invadium runs exploit playbooks against vulnerable target applications in an intuitive, reproducible, and well-defined manner.
☆11Updated last year
Alternatives and similar repositories for invadium:
Users that are interested in invadium are comparing it to the libraries listed below
- Unguard is an insecure cloud-native microservices demo application.☆49Updated this week
- Cumulus. Threat modeling the Clouds.☆38Updated 7 months ago
- ☆21Updated 4 months ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆191Updated this week
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆73Updated 11 months ago
- Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev☆11Updated 6 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆132Updated last year
- A reading list for software supply-chain security.☆362Updated 2 years ago
- Cloud Commotion intends to cause chaos to simulate security incidents☆145Updated 9 months ago
- A full insecure kubernetes application for testing security tools☆70Updated last week
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆91Updated last year
- Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego☆343Updated 2 weeks ago
- ☆234Updated this week
- #supply #chain #attack #detection☆511Updated this week
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …☆149Updated this week
- ☆60Updated 2 months ago
- A deliberately vulnerable Kubernetes cluster☆124Updated last year
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆39Updated 7 months ago
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆274Updated 7 months ago
- Adaptive AWS Zero Trust Policy made easy: Auto-generate least-privilege policies based on user activity in real time! Accelerate the adop…☆77Updated 11 months ago
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)☆36Updated 2 weeks ago
- ☆116Updated 3 weeks ago
- Koney is a Kubernetes operator that enables you to define so-called deception policies for your cluster. Koney automates the setup, rotat…☆18Updated this week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆884Updated this week
- An online multiplayer version of the threat modeling card games: Elevation of Privilege (EoP), OWASP Cornucopia, OWASP Cumulus, and Eleva…☆69Updated this week
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆171Updated 4 months ago
- ☆16Updated 10 months ago
- An extensive list of resources related to threat modelling. Gotta catch ’em all!☆33Updated last month
- SysFlow edge processing pipeline☆16Updated 2 months ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆55Updated last month