praetorian-inc / snowcat
a tool to audit the istio service mesh
☆173Updated 3 years ago
Alternatives and similar repositories for snowcat:
Users that are interested in snowcat are comparing it to the libraries listed below
- ☆25Updated last year
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated 3 weeks ago
- Runtime security plug to protect user containers☆65Updated this week
- Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers.☆161Updated last year
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆66Updated 4 months ago
- The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.☆125Updated 2 weeks ago
- ☆96Updated 2 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆82Updated 4 months ago
- ☆29Updated 3 months ago
- Kubernetes audit logging, when you don't control the control plane☆74Updated this week
- Dockerfile Security Checker using OPA Rego policies with Conftest☆60Updated 2 years ago
- Cloud Native Security Hub - Security Resources☆54Updated 5 years ago
- EKS NG AMI Updater is an open source project that can be used to update kubernetes node group images.☆27Updated last week
- A replacement for "kubectl exec" that works over WebSocket connections.☆38Updated last year
- K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…☆30Updated last year
- Clean accounts over permissions in GCP infra at scale☆71Updated last year
- Kubernetes Native, Runtime Container Image Scanning☆39Updated 3 years ago
- Dynamic Application and API Security Testing☆192Updated 2 years ago
- ☆54Updated this week
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆70Updated 2 years ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆81Updated last year
- Kubernetes Admission Controller for Image Scanning using OPA☆50Updated last year
- Scans SBOMs for vulnerabilities with Grype☆80Updated last week
- This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)☆62Updated 3 years ago
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆52Updated 10 months ago
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆55Updated 2 months ago
- Kubernetes Common Configuration Scoring System☆124Updated 2 years ago
- book website☆68Updated 3 years ago