hashicorp-forge / semgrep-rules
HashiCorp-relevant rules for the Semgrep code analysis tool
☆37Updated 11 months ago
Related projects: ⓘ
- Compares and analyzes GCP IAM roles.☆76Updated 3 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆56Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆56Updated 6 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆29Updated 5 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…☆42Updated 4 months ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆42Updated 8 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆76Updated this week
- Tool for obfuscating and deobfuscating data.☆60Updated 5 months ago
- ☆37Updated 3 weeks ago
- AWS honey token manager☆78Updated last month
- An AWS metadata enumeration tool by Plerion☆72Updated 7 months ago
- Protect against subdomain takeover☆92Updated 3 months ago
- Clean accounts over permissions in GCP infra at scale☆70Updated last year
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆91Updated 9 months ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆38Updated 9 months ago
- ☆106Updated 3 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆77Updated 2 years ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆55Updated last year
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆110Updated last year
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- Generates runbooks for GuardDuty findings☆34Updated 2 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆38Updated last month
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Updated 3 months ago
- Security scanning & static analysis tool - forked and rewritten from @thought-machine/dracon☆70Updated this week
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆68Updated 7 months ago
- A Terraform module that makes it a snap to opt out of all AWS AI/ML data harvesting.