woodruffw / zizmor
A tool for finding security issues in GitHub Actions setups.
☆371Updated this week
Related projects ⓘ
Alternatives and complementary repositories for zizmor
- A security layer for Git repositories☆465Updated this week
- Network egress filtering and runtime security for GitHub-hosted and self-hosted runners☆622Updated this week
- Validate the isolation posture of your container environment.☆162Updated this week
- The terminal for Kubernetes☆405Updated last month
- boostsecurityio/poutine☆234Updated this week
- Maelstrom is a fast Rust, Go, and Python test runner that runs every test in its own container. Tests are either run locally or distribut…☆599Updated this week
- #supply #chain #attack #detection☆453Updated this week
- Secure shell history commands by finding sensitive data☆219Updated last year
- Orchestrate GitHub Actions Security☆256Updated 2 months ago
- Embedded storage built for multiplexing. Smart machines don't need to read JSON, they only need protocol buffers. The world's first MODMS…☆291Updated 3 weeks ago
- Deploy and manage confidential containers on Kubernetes☆208Updated this week
- Throw a tag at it and it comes back with a checksum.☆87Updated last week
- A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo…☆353Updated last month
- A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs☆349Updated this week
- SecObserve is an open source vulnerability management system for software development and cloud environments. It supports a variety of op…☆97Updated this week
- Publish from GitHub Actions using multi-factor authentication☆276Updated last month
- CI/CD Security Analyzer☆626Updated last month
- Open-source best practices for protecting a secure, sensible cloud platform☆105Updated last month
- A safe and ergonomic alternative to rm☆373Updated last week
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆139Updated this week
- An opensource incident management platform integrating with Slack.☆518Updated last month
- Keyless Git signing using Sigstore☆947Updated last week
- Interactive grep (for streaming)☆592Updated 3 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆79Updated last week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆775Updated last week
- A de-minifier (formatter, exploder, beautifier) for shell one-liners☆468Updated 2 months ago
- GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…☆185Updated this week
- Format agnostic SBOM tooling☆82Updated this week
- GitHub token permissions Monitor and Advisor actions☆258Updated this week
- A FOSS, cross-platform version of GitHub Actions and Gitlab CI☆575Updated 10 months ago