gchq / nix-bootstrap

Related projects ⓘ

Alternatives and complementary repositories for nix-bootstrap

• mchmarny / vimp
  Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.
  ☆59Updated last year
• avolens / kubefuzz
  Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.
  ☆70Updated last year
• WithSecureLabs / encap-attack
  Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.
  ☆21Updated 2 months ago
• chainguard-dev / github-audit-alerter
  Slack alert bot for matching Github Audit Events
  ☆10Updated last week
• kube-tarian / tarian
  Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…
  ☆54Updated 6 months ago
• redcanaryco / ebpfmon
  ☆84Updated 4 months ago
• google / ctrdac
  ☆9Updated 7 months ago
• sHesl / amazon-where-services
  Automated determination of which AWS services run where
  ☆20Updated this week
• google / oss-rebuild
  Securing open-source package ecosystems by originating, validating, and augmenting build attestations.
  ☆32Updated last week
• jp-gouin / multi-cluster-supply-chain
  ☆15Updated 4 months ago
• testifysec / solarsploit
  Red team tool that emulates the SolarWinds CI compromise attack vector.
  ☆22Updated 8 months ago
• NodyHub / docker-k8s-resources
  A collection of Docker and Kubernetes resources
  ☆18Updated 2 years ago
• KatTraxler / gcpdocs
  Repository to archive GCP Documentation for local use
  ☆13Updated 2 weeks ago
• ofirc / k8s-sniff-https
  A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes
  ☆64Updated 4 months ago
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆59Updated 8 months ago
• raesene / teisteanas
  ☆20Updated 6 months ago
• cilium / certgen
  A convenience tool to generate and store certificates for Hubble Relay mTLS
  ☆21Updated 3 weeks ago
• ramimac / breach-list-database
  A meta-database collecting resources that compile lists of breaches
  ☆18Updated 2 weeks ago
• ProfessorManhattan / packer-windows-desktop
  An automated Windows 11 Desktop Packer project that sets up SSH, WinRM, and virtualization additions
  ☆15Updated last year
• google / containerdbg
  ☆74Updated 3 months ago
• slashben / beat-ac-cosign-verifier
  This is a POC repository showing how a Kubernetes Admission Controller can be made irrelevant when verifying container image signatures
  ☆12Updated last year
• tarsal-oss / kflowd
  Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG App…
  ☆49Updated this week
• latacora / remediate-AWS-IMDSv1
  Simple tool to identify and remediate the use of the AWS EC2 IMDSv1.
  ☆16Updated 3 years ago
• raesene / eathar
  ☆24Updated 6 months ago
• k8sstormcenter / honeycluster
  Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)
  ☆22Updated 2 weeks ago
• nccgroup / insject
  insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.
  ☆49Updated 2 years ago
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆15Updated this week
• vulnersCom / trivy-plugin-vulners-db
  ☆42Updated last year
• isovalent / eBPF-Summit-2022-CTF
  Capture The Flag Challenge for eBPF Summit 2022
  ☆18Updated 2 years ago
• mellow-hype / santa-linux
  A proof-of-concept Linux clone of Santa, Google's binary authorization system for macOS
  ☆30Updated last year