dynatrace-oss / invadium
Invadium runs exploit playbooks against vulnerable target applications in an intuitive, reproducible, and well-defined manner.
☆11Updated last year
Related projects ⓘ
Alternatives and complementary repositories for invadium
- A curated list of resources about detecting threats and defending Kubernetes systems.☆364Updated last year
- Unguard is an insecure cloud-native microservices demo application.☆46Updated last week
- A compilation of resources in the software supply chain security domain, with emphasis on open source☆291Updated last year
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆267Updated 2 months ago
- ☆228Updated this week
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …☆138Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆516Updated this week
- App that simplifies building decision trees to model adverse scenarios☆181Updated 4 months ago
- Collection of tools for analyzing open source packages.☆317Updated this week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆126Updated 9 months ago
- A reading list for software supply-chain security.☆361Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆169Updated this week
- A curated list of Awesome Security Challenges.☆175Updated 2 weeks ago
- Agile Threat Modeling Toolkit☆621Updated this week
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆66Updated 11 months ago
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆729Updated 4 months ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆255Updated this week
- Gram is Klarna's own threat model diagramming tool☆282Updated this week
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆68Updated 6 months ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆319Updated 11 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆70Updated last year
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…☆331Updated 8 months ago
- Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego☆338Updated 11 months ago
- Kubernetes focused container assessment and context discovery tool for penetration testing☆439Updated 5 months ago
- This repository contains a list of papers about software supply chain☆25Updated 6 months ago
- Solutions for the AoC 2020, written in 25 different programming languages☆12Updated 3 years ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆96Updated 11 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆491Updated 3 weeks ago
- ☆16Updated last year