twilio-labs / deadshotLinks
Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
☆190Updated last year
Alternatives and similar repositories for deadshot
Users that are interested in deadshot are comparing it to the libraries listed below
Sorting:
- A crowdsourced Google Cloud IAM permissions reference.☆25Updated 5 months ago
- Open source compliance tool for development platforms.☆288Updated 2 years ago
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…☆170Updated 10 months ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆143Updated 7 months ago
- Add comments to pull requests where tfsec checks have failed☆168Updated 2 years ago
- Is your AWS perimeter secure? Use Powerpipe and Steampipe to check your AWS accounts for public resources, resources shared with untrust…☆113Updated 3 months ago
- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…☆204Updated 4 years ago
- all paths lead to clouds☆638Updated 2 years ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆335Updated 7 months ago
- Evaluate source control (GitHub) security posture☆251Updated 2 years ago
- sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.☆81Updated 4 years ago
- Static analysis for CloudFormation templates to identify common misconfiguration☆56Updated 3 years ago
- Offensive Terraform Website☆45Updated 5 years ago
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆78Updated last week
- Scans your Github Actions for security issues☆87Updated 3 weeks ago
- Compares and analyzes GCP IAM roles.☆77Updated 9 months ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆156Updated last year
- Trivy's misconfiguration scanning engine☆215Updated 10 months ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆105Updated last year
- Python script for collecting and visualising Google Cloud Platform IAM permissions☆50Updated 8 years ago
- A tool to check the security settings of Github Organizations.☆72Updated 2 years ago
- A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.☆199Updated 2 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…☆128Updated 3 weeks ago
- Scans every git push to your Github organisations to find unwanted secrets.☆87Updated 7 months ago
- A honey token manager and alert system for AWS.☆321Updated 3 years ago
- Threat matrix for CI/CD Pipeline☆759Updated last year
- IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)☆98Updated 3 years ago
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- ☆66Updated 6 years ago