nccgroup/ConMachi

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/nccgroup/ConMachi)

nccgroup / ConMachi

Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container

☆106

Alternatives and similar repositories for ConMachi

Users that are interested in ConMachi are comparing it to the libraries listed below

Sorting:

brompwnie / botb
View on GitHub
A container analysis and exploitation tool for pentesters and engineers.
☆675Sep 27, 2023Updated 2 years ago
antitree / keyctl-unmask
View on GitHub
Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.
☆44Feb 10, 2026Updated 3 weeks ago
antitree / krew-net-forward
View on GitHub
Variety of kubectl krew tools usually security focused
☆34Jul 17, 2025Updated 7 months ago
nccgroup / kube-auto-analyzer
View on GitHub
Kubernetes Auto Analyzer
☆191Dec 11, 2019Updated 6 years ago
jbcayrou / ethRE
View on GitHub
Reverse Engineering tool for Ethereum EVM
☆20Jun 30, 2016Updated 9 years ago
google / gke-auditor
View on GitHub
☆74Sep 30, 2020Updated 5 years ago
suzuki-shunsuke / tfprovidercheck
View on GitHub
CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
☆88Feb 25, 2026Updated last week
nccgroup / SFPolDevChk
View on GitHub
Salesforce Policy Deviation Checker
☆30Sep 30, 2020Updated 5 years ago
genuinetools / amicontained
View on GitHub
Container introspection tool. Find out what container runtime is being used as well as features available.
☆1,073Dec 9, 2020Updated 5 years ago
nodyhub / zipslipper
View on GitHub
Create tar/zip archives that try to exploit zipslip vulnerability.
☆48Sep 20, 2024Updated last year
4ARMED / kubeletmein
View on GitHub
Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers.
☆164Nov 28, 2025Updated 3 months ago
jivoi / ansible-openvas
View on GitHub
openVAS with ansible
☆21Apr 22, 2015Updated 10 years ago
lightspin-tech / red-shadow
View on GitHub
Lightspin AWS IAM Vulnerability Scanner
☆94Mar 28, 2021Updated 4 years ago
target / attack-navigator-docker
View on GitHub
A simple Docker container that serves the MITRE ATT&CK Navigator web app
☆27Apr 23, 2023Updated 2 years ago
ReversecLabs / cloud-security-vm
View on GitHub
Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
☆142Jan 2, 2025Updated last year
ncc-erik-steringer / Aerides
View on GitHub
An implementation of infrastructure-as-code scanning using dynamic tooling.
☆56Jan 18, 2022Updated 4 years ago
DataDog / workload-security-evaluator
View on GitHub
## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…
☆37Oct 17, 2024Updated last year
mhausenblas / the-container-security-book
View on GitHub
The Container Security Book—a free book for practitioners
☆82Mar 27, 2020Updated 5 years ago
tomsteele / burpstaticscan
View on GitHub
Use burp's JS static code analysis on code from your local system.
☆43Dec 22, 2016Updated 9 years ago
disasmwinnie / proxbbe
View on GitHub
ProXBBE (Protocol eXtraction By Binary Execution)
☆31Sep 21, 2017Updated 8 years ago
ZSECURE / zDocker-cobaltstrike
View on GitHub
Docker container for running CobaltStrike 4.10
☆38Sep 18, 2024Updated last year
sixdub / DomainTrustExplorer
View on GitHub
Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.
☆121Aug 18, 2020Updated 5 years ago
cyberark / kubernetes-rbac-audit
View on GitHub
Tool for auditing RBACs in Kubernetes
☆225Feb 5, 2024Updated 2 years ago
AdnaneKhan / ActionsCacheBlasting
View on GitHub
Proof-of-concept code for research into GitHub Actions Cache poisoning.
☆21Mar 9, 2025Updated 11 months ago
nccgroup / go-pillage-registries
View on GitHub
Pentester-focused Docker registry tool to enumerate and pull images
☆114Jan 27, 2020Updated 6 years ago
ekristen / libnuke
View on GitHub
Common Golang Packages for use by the Various Cloud Nuke Tools
☆55Feb 26, 2026Updated last week
mzfr / go-gtfo
View on GitHub
gtfo, now with the speed of golang
☆62Jun 8, 2020Updated 5 years ago
lightspin-tech / red-bucket-gcp
View on GitHub
☆10May 12, 2022Updated 3 years ago
serializingme / gpo-bypass
View on GitHub
GPO Bypass is a tool / proof-of-concept that highlights how one can bypass Group Policy enforced policies. It uses Firefox as an example.
☆14Jan 28, 2023Updated 3 years ago
davehardy20 / PoSHBypass
View on GitHub
☆25Jul 5, 2018Updated 7 years ago
jdyke / gcp-iam-analyzer
View on GitHub
Compares and analyzes GCP IAM roles.
☆78Mar 9, 2025Updated 11 months ago
nixwizard / kube-alien
View on GitHub
☆25May 9, 2021Updated 4 years ago
epinna / codepaths
View on GitHub
Binary reversing tool to find all possible code paths between two functions.
☆28Apr 25, 2018Updated 7 years ago
guedou / ghidra-processor-mep
View on GitHub
Toshiba MeP-c4 for Ghidra
☆22May 29, 2019Updated 6 years ago
SmeegeSec / GitHub-Wiki-Auditor
View on GitHub
Python script to check GitHub accounts for world-editable wiki pages
☆21May 8, 2023Updated 2 years ago
jivoi / s5.go
View on GitHub
Socks5 proxy server by golang
☆11Oct 10, 2019Updated 6 years ago
rams3sh / cuw
View on GitHub
Tool to check for applicable windows updates for a given machine in offline without dependency on WSUS or WUA.
☆11Sep 23, 2020Updated 5 years ago
bugcrowd / ecs-service-image-updater
View on GitHub
Update an ECS service to use a new Docker image
☆13Feb 21, 2026Updated last week
jw-s / updatey
View on GitHub
Brings Semantic versioning constraints to Kubernetes resources!
☆13May 7, 2024Updated last year