kondukto-io / kntrlLinks
kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this by monitoring kernel calls, and denying access as soon as your defined behaviour is detected. For more: https://kntrl.dev
☆115Updated 3 weeks ago
Alternatives and similar repositories for kntrl
Users that are interested in kntrl are comparing it to the libraries listed below
Sorting:
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆104Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆98Updated 5 months ago
- A tool for preventing the installation of malicious PyPI and npm packages☆145Updated this week
- Runtime Security Solution for your CI/CD Pipeline☆104Updated 2 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆110Updated 2 weeks ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- ☆72Updated 3 weeks ago
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆39Updated 9 months ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆55Updated 4 months ago
- ☆178Updated last month
- ☆183Updated last month
- The security workflow engine!☆115Updated this week
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆57Updated 11 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆31Updated 7 months ago
- ☆54Updated this week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Updated 2 years ago
- A full insecure kubernetes application for testing security tools☆87Updated last month
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆68Updated last month
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆81Updated last year
- A tool to check the security settings of Github Organizations.☆71Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- Curating Falco rules with MITRE ATT&CK Matrix☆80Updated last year
- ☆68Updated 4 months ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆280Updated 4 months ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆156Updated 9 months ago
- ☆112Updated last week
- Damn Vulnerable Kubernetes App (DVKA) is a series of apps deployed on Kubernetes that are damn vulnerable.☆140Updated 2 months ago
- A tool to create, transform and attest VEX metadata☆139Updated 2 weeks ago
- ☆68Updated 3 weeks ago
- Protect against subdomain takeover☆92Updated last year