build distroless images with alpine tools
☆130May 17, 2022Updated 3 years ago
Alternatives and similar repositories for witchery
Users that are interested in witchery are comparing it to the libraries listed below
Sorting:
- ☆29May 12, 2025Updated 9 months ago
- [Soft-deprecated] Reproducible apt/dnf/apk/pacman, with content-addressing☆112Dec 11, 2023Updated 2 years ago
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆50Jan 6, 2022Updated 4 years ago
- A k3s packager and installer, primarily intended for airgapped deployments☆13Jan 25, 2021Updated 5 years ago
- Electron-Probe leverages the Node variant of the Chrome Debugging Protocol to execute JavaScript payloads inside of target Electron appli…☆31Jan 13, 2026Updated last month
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 3 years ago
- A Kubectl plugin that can detect if any of your workloads or manifest files are mounting the docker.sock volume☆177Nov 20, 2025Updated 3 months ago
- Knowledge Report Alert & Normalization Generator☆26Feb 11, 2026Updated 2 weeks ago
- Modular Kubernetes lab which provides an easy and streamlined way to deploy a test cluster with support for different components.☆53Oct 2, 2025Updated 5 months ago
- Write controller-runtime based k8s controllers that read/write to git, not k8s☆48Jul 28, 2021Updated 4 years ago
- OCI transport plugin for apt-get (i.e., apt-get over ghcr.io)☆113Feb 2, 2026Updated last month
- A Helm plugin for running commands with the security privileges of another user☆15Mar 9, 2022Updated 3 years ago
- OCI hook to trace syscalls and generate a seccomp profile☆338Feb 12, 2026Updated 2 weeks ago
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆45Oct 30, 2023Updated 2 years ago
- Build OCI images from APK packages directly without Dockerfile☆1,555Updated this week
- Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco☆63Jun 2, 2021Updated 4 years ago
- python3 scripts to help with aws triage needs☆15Feb 11, 2022Updated 4 years ago
- ☆27Feb 19, 2026Updated last week
- Kubernetes Application Archive☆152May 4, 2022Updated 3 years ago
- Trust Dexter to ensure that all your images are pinned by digest for better security☆31Nov 8, 2023Updated 2 years ago
- Virtual-kubelet provider running pods in cloud instances☆232Feb 25, 2023Updated 3 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated 11 months ago
- Gordon is status check Github app to enforce and validate about.yaml file specifications in a repository during pull requests to drive co…☆20Feb 4, 2025Updated last year
- ☆73May 13, 2025Updated 9 months ago
- Demos for several kubernetes security features☆64Jan 9, 2025Updated last year
- depstat is a dependency analyzer for Go modules enabled projects. It runs as part of the Kubernetes CI pipeline to help evaluate dependen…☆38Feb 11, 2026Updated 2 weeks ago
- ☸️ Cloud native API Gateway powered with in-redis cache☆77Mar 16, 2023Updated 2 years ago
- GKE CIS 1.1.0 Benchmark InSpec Profile☆25Sep 7, 2021Updated 4 years ago
- Kubernetes offensive framework built in eBPF☆39Mar 14, 2023Updated 2 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- OCI viewer☆19Mar 12, 2025Updated 11 months ago
- ☆24Mar 7, 2022Updated 3 years ago
- build APKs from source code☆568Updated this week
- An access-limiting stateless GitHub API Proxy☆150Sep 4, 2022Updated 3 years ago
- This repository contains examples of Kyverno policies for controlling the creation of Cilium Network policies☆22Nov 2, 2023Updated 2 years ago
- ☆25Jun 27, 2024Updated last year
- Burp Extension for AWS Signing☆90Jan 10, 2025Updated last year
- Audit your Kubernetes pods attached volumes and report any stale items.☆18Feb 6, 2023Updated 3 years ago