Alternatives and similar repositories for github-actions-goat:

Users that are interested in github-actions-goat are comparing it to the libraries listed below

• step-security / harden-runner
  Harden-Runner secures CI/CD workflows by controlling network access and monitoring activities on GitHub-hosted and self-hosted runners
  ☆647Updated this week
• Legit-Labs / legitify
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆789Updated 2 weeks ago
• CycodeLabs / raven
  CI/CD Security Analyzer
  ☆641Updated 2 months ago
• TupleType / awesome-cicd-attacks
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆502Updated 2 months ago
• openai / openai-security-bots
  ☆360Updated 9 months ago
• tenable / cnappgoat
  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
  ☆271Updated 4 months ago
• wiz-sec / open-cvdb
  An open project to list all publicly known cloud vulnerabilities and CSP security issues
  ☆313Updated this week
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆243Updated last week
• SecurityRunners / CloudCommotion
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆141Updated 7 months ago
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆105Updated last year
• TinderSec / gh-workflow-auditor
  Script to audit GitHub Action Workflow files for potential vulnerabilities.
  ☆153Updated 4 months ago
• latiotech / LAST
  Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini
  ☆154Updated 10 months ago
• klarna-incubator / gram
  Gram is Klarna's own threat model diagramming tool
  ☆291Updated this week
• rung / threat-matrix-cicd
  Threat matrix for CI/CD Pipeline
  ☆743Updated 6 months ago
• cider-security-research / top-10-cicd-security-risks
  ☆404Updated last year
• vishalgarg-sec / Software-Supply-Chain-Security
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆130Updated 11 months ago
• devops-kung-fu / bomber
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆536Updated last week
• BishopFox / cloudfoxable
  Create your own vulnerable by design AWS penetration testing playground
  ☆345Updated 7 months ago
• DataDog / threatest
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆323Updated last year
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆412Updated 4 months ago
• domain-protect / domain-protect
  OWASP Domain Protect - prevent subdomain takeover
  ☆401Updated 3 weeks ago
• ine-labs / GCPGoat
  GCPGoat : A Damn Vulnerable GCP Infrastructure
  ☆365Updated 2 months ago
• tadwhitaker / Security_Architect_and_Principal_Security_Engineer_Interview_Questions
  This is a companion to the Security Engineer Questions
  ☆201Updated last year
• dcodx / gitarmor
  GitArmor is a handy tool that makes it easy to assess the secure setup of your DevOps platform.
  ☆12Updated last month
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆64Updated last week
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆161Updated 4 months ago
• tldrsec / awesome-secure-defaults
  Awesome secure by default libraries to help you eliminate bug classes!
  ☆674Updated 2 months ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆170Updated last month
• x1trap / websec-answers
  Websec interview questions by tib3rius answered
  ☆305Updated last year
• unknownhad / CloudIntel
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆246Updated 2 months ago