A GitHub Actions Supply Chain CTF / Goat
☆26Jan 6, 2026Updated 2 months ago
Alternatives and similar repositories for gravy-overflow
Users that are interested in gravy-overflow are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A security-first linter for code that shouldn't need linting☆18Sep 12, 2023Updated 2 years ago
- ☆40Aug 2, 2024Updated last year
- ☆12Oct 17, 2023Updated 2 years ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- ☆51Jun 13, 2024Updated last year
- Public repository to provide guidance and examples for people to start learning IaC. This repository also contains some open-hack style l…☆24Jun 14, 2023Updated 2 years ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆16Apr 10, 2025Updated 11 months ago
- A Golang program to rotate AWS & GCP account keys☆67May 12, 2025Updated 10 months ago
- Tool for obfuscating and deobfuscating data.☆77Mar 20, 2024Updated 2 years ago
- RopstenCtf is an easy tool to interact with the ethereum ropsten network for ctf purpose and more.☆16Jul 18, 2022Updated 3 years ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆49Dec 29, 2023Updated 2 years ago
- Threat model for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based ap…☆59Updated this week
- Generates runbooks for GuardDuty findings☆38Jun 24, 2024Updated last year
- AIGoat: A deliberately Vulnerable AI Infrastructure. Learn AI security through solving our challenges.☆269Sep 16, 2025Updated 6 months ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- This tool analyzes a given Github repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆178Feb 28, 2025Updated last year
- ☆18Jul 30, 2024Updated last year
- To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. …☆36Updated this week
- A boilerplate for developing, testing and deploying smart contracts using Hardhat and Ethers.js☆18Aug 31, 2022Updated 3 years ago
- Partially offline multi-language translator built upon Huggingface transformers.☆16Sep 12, 2022Updated 3 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing☆24May 29, 2023Updated 2 years ago
- Deliberately vulnerable AWS resources for security assessment demos☆32Aug 20, 2022Updated 3 years ago
- Webshell agent in aspx and php☆27Dec 11, 2025Updated 3 months ago
- Bash and ZSH integration for Impacket☆72Nov 6, 2025Updated 4 months ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆41Oct 29, 2024Updated last year
- ☆30Jan 13, 2026Updated 2 months ago
- Recon scripts for Red Team and Web blackbox auditing☆25Mar 3, 2026Updated 3 weeks ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Mar 9, 2025Updated last year
- Execute a shell command within Cloud Run☆31Jul 7, 2022Updated 3 years ago
- ☆20Jul 24, 2022Updated 3 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Oct 17, 2024Updated last year
- PII detection platform, leveraging human-in-the-loop AI☆54Nov 29, 2024Updated last year
- A silly project for free (maybe) egress from EC2 instances using Tailscale and Session Manager☆31Jun 6, 2023Updated 2 years ago
- This repository offers a detailed taxonomy of existing AI-driven security solutions tailored for DevSecOps, highlighting the current rese…☆19Jul 2, 2025Updated 8 months ago
- Security Alert Decoration☆27Jul 21, 2025Updated 8 months ago
- A tool to check the security settings of Github Organizations.☆75Feb 9, 2026Updated last month
- A Python Obfuscator through AST modification☆26Nov 15, 2019Updated 6 years ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆80Jan 6, 2026Updated 2 months ago