build distroless images with alpine tools
☆130May 17, 2022Updated 3 years ago
Alternatives and similar repositories for witchery
Users that are interested in witchery are comparing it to the libraries listed below
Sorting:
- [Soft-deprecated] Reproducible apt/dnf/apk/pacman, with content-addressing☆112Dec 11, 2023Updated 2 years ago
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆50Jan 6, 2022Updated 4 years ago
- Electron-Probe leverages the Node variant of the Chrome Debugging Protocol to execute JavaScript payloads inside of target Electron appli…☆31Jan 13, 2026Updated 2 months ago
- Build OCI images from APK packages directly without Dockerfile☆1,570Updated this week
- ☆30May 12, 2025Updated 10 months ago
- Knowledge Report Alert & Normalization Generator☆26Feb 11, 2026Updated last month
- Write controller-runtime based k8s controllers that read/write to git, not k8s☆48Jul 28, 2021Updated 4 years ago
- OCI transport plugin for apt-get (i.e., apt-get over ghcr.io)☆114Mar 16, 2026Updated last week
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆45Oct 30, 2023Updated 2 years ago
- Demo app duplicated in 5 languages (Go/JavaScript/Python/Ruby/Rust) showing how to go from source code to container image using melange+a…☆37Dec 24, 2023Updated 2 years ago
- Keyless Git signing with cosign!☆11May 12, 2022Updated 3 years ago
- Modular Kubernetes lab which provides an easy and streamlined way to deploy a test cluster with support for different components.☆53Oct 2, 2025Updated 5 months ago
- A command line tool to automatically generate seccomp profiles.☆27Apr 29, 2021Updated 4 years ago
- build APKs from source code☆579Updated this week
- A Kubectl plugin that can detect if any of your workloads or manifest files are mounting the docker.sock volume☆177Nov 20, 2025Updated 4 months ago
- OCI hook to trace syscalls and generate a seccomp profile☆338Updated this week
- ☆17Mar 24, 2023Updated 2 years ago
- JSON Pointer (RFC 6901) for Go☆31Mar 28, 2024Updated last year
- python3 scripts to help with aws triage needs☆15Feb 11, 2022Updated 4 years ago
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 3 years ago
- A k3s packager and installer, primarily intended for airgapped deployments☆13Jan 25, 2021Updated 5 years ago
- OCI viewer☆19Mar 12, 2025Updated last year
- Template repository for testing CLI features of applications written in Go☆10Nov 14, 2021Updated 4 years ago
- Mattermost builder☆11Jan 1, 2022Updated 4 years ago
- Trust Dexter to ensure that all your images are pinned by digest for better security☆31Nov 8, 2023Updated 2 years ago
- Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco☆63Jun 2, 2021Updated 4 years ago
- Demos for several kubernetes security features☆64Jan 9, 2025Updated last year
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- 🔍 Rekor transparency log monitoring and alerting☆27Oct 2, 2023Updated 2 years ago
- CloudSplaining on AWS Managed Policies☆44Sep 8, 2025Updated 6 months ago
- ☆108Nov 15, 2025Updated 4 months ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated last year
- ☆15Updated this week
- Kubernetes Application Archive☆152May 4, 2022Updated 3 years ago
- Nix derivations as Dockerfiles (`docker build -f default.nix .`)☆185Sep 13, 2023Updated 2 years ago
- Virtual-kubelet provider running pods in cloud instances☆232Feb 25, 2023Updated 3 years ago
- My personal site. Contains my blog and other useful sections☆14Mar 13, 2026Updated last week
- Simple tool that allows you to detect imposter commits in GitHub Actions workflows.☆27Dec 17, 2024Updated last year
- ☆73May 13, 2025Updated 10 months ago