Alternatives and similar repositories for how-to-rotate

Users that are interested in how-to-rotate are comparing it to the libraries listed below

• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆148Updated this week
• elementsinteractive / twyn
  Security tool against dependency typosquatting attacks
  ☆52Updated this week
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆110Updated this week
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆122Updated 5 months ago
• opengrep / opengrep-rules
  ☆71Updated 4 months ago
• hashicorp-forge / semgrep-rules
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Updated last year
• OWASP / OpenCRE
  ☆110Updated this week
• orcasecurity-research / kte
  Test & Compare different Kubernetes security offerings on EKS, GKE and AKS
  ☆40Updated 9 months ago
• google / localtoast
  ☆113Updated last week
• Santiago-Labs / go-ocsf
  ☆69Updated 2 weeks ago
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆184Updated 2 months ago
• DataDog / attache
  Attaché provides an emulation layer for Cloud Provider IMDS APIs
  ☆57Updated last year
• offensive-actions / terraform-provider-statefile-rce
  This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.
  ☆55Updated 4 months ago
• boostsecurityio / lotp
  boostsecurityio/lotp
  ☆126Updated 2 months ago
• apiiro / malicious-code-ruleset
  Focused malicious code detection ruleset, with a high protection-to-noise ratio
  ☆120Updated 4 months ago
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆301Updated 2 weeks ago
• kudelskisecurity / youshallnotpass
  YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.
  ☆36Updated last year
• domain-protect / domain-protect-gcp
  Protect against subdomain takeover
  ☆92Updated last year
• primeharbor / breaches.cloud
  https://breaches.cloud
  ☆40Updated 8 months ago
• hashicorp-forge / grove
  A Software as a Service (SaaS) log collection framework.
  ☆173Updated this week
• openvex / spec
  OpenVEX Specification
  ☆151Updated 3 weeks ago
• elastic / SWAT
  Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…
  ☆165Updated 8 months ago
• StevenSmiley / aws-mine
  AWS honey token manager
  ☆87Updated 10 months ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆138Updated last year
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆99Updated this week
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆51Updated last year
• SygniaLabs / Mirage
  ☆73Updated 3 months ago
• SecurityRunners / CloudCommotion
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆143Updated last year
• ossf / security-baseline
  ☆90Updated this week
• Addepar / RedFlag
  RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…
  ☆149Updated 7 months ago