Alternatives and similar repositories for supplychain-attack-data

Users that are interested in supplychain-attack-data are comparing it to the libraries listed below

• antitree / seccomp-diff
  ☆86Updated this week
• offensive-actions / terraform-provider-statefile-rce
  This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.
  ☆61Updated last year
• RyanJarv / roles
  Unauthenticated enumeration of AWS IAM Roles.
  ☆26Updated 5 months ago
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆42Updated last year
• semgr8ns / semgr8s
  Semgrep-based Policy Controller for Kubernetes
  ☆47Updated 10 months ago
• tenable / hidden-services-revealer
  ☆39Updated last year
• r3volved / CVEAggregate
  Build a CVE library with aggregated CISA, EPSS and CVSS data
  ☆29Updated 2 years ago
• boostsecurityio / lotp
  boostsecurityio/lotp
  ☆138Updated 2 weeks ago
• madhuakula / spotter
  Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations,…
  ☆70Updated 4 months ago
• kapilduraphe / mcp-watch
  A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP se…
  ☆121Updated last month
• Neuroengine-vulns / autokaker
  Automated vulnerability discovery and annotation
  ☆68Updated last year
• DataDog / IDE-SHEPHERD-extension
  A VS Code/Cursor extension capable of performing realtime security monitoring from inside the IDE
  ☆64Updated last week
• vishalgarg-sec / Software-Supply-Chain-Security
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆139Updated 2 years ago
• antitree / go-pillage-registries
  Pentester-focused Docker registry tool to enumerate and pull images
  ☆36Updated 3 months ago
• SEU-ProactiveSecurity-Group / LLM-PD
  Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"
  ☆15Updated 10 months ago
• HarshVaragiya / aws-redteam-kit
  A PoC to Simulate Ransomware Attack on AWS Environment
  ☆32Updated last year
• wiz-sec-public / SITF
  A comprehensive framework for analyzing and defending against attacks targeting Software Development Life Cycle Infrastructure.
  ☆97Updated this week
• rotemreiss / MalifiScan
  A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art…
  ☆70Updated 2 months ago
• Permiso-io-tools / SkyScalpel
  ☆46Updated last year
• DataDog / whoAMI-scanner
  Scan your account for the use of untrusted AMIs
  ☆31Updated 2 months ago
• kaansk / go-epss
  A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).
  ☆30Updated 11 months ago
• messypoutine / gravy-overflow
  A GitHub Actions Supply Chain CTF / Goat
  ☆27Updated last month
• SecurityRunners / cloud-exposure-catalog
  A catalog of services that can be publicly exposed within different cloud providers.
  ☆14Updated last year
• PaloAltoNetworks / github-oidc-utils
  ☆36Updated 9 months ago
• offensive-actions / azure-storage-reverse-shell
  This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs
  ☆39Updated last year
• hazcod / shade
  PoC shadow SaaS and insecure credential detection system using a browser extension.
  ☆41Updated 2 months ago
• 0x4D31 / santamon
  Lightweight macOS detection agent built on Santa’s Endpoint Security telemetry.
  ☆105Updated 2 months ago
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆61Updated 2 years ago
• telophasehq / go-ocsf
  ☆76Updated 3 months ago
• JosephTLucas / vger
  An interactive CLI application for interacting with authenticated Jupyter instances.
  ☆55Updated 9 months ago