Network egress filtering and runtime security for GitHub-hosted and self-hosted runners
created at Oct. 28, 2021, 4:58 p.m.
Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
created at Oct. 1, 2021, 12:01 p.m.
preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack.
created at April 29, 2021, 10:37 a.m.
Discover internet-wide misconfigurations while drinking coffee
created at March 3, 2021, 6:47 p.m.
Vulnerable app with examples showing how to not use secrets
created at Aug. 19, 2020, 5:59 a.m.
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
created at June 4, 2020, 5:11 p.m.
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
created at April 25, 2020, 12:47 a.m.
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
created at March 27, 2020, 4:56 p.m.
Open Source Cloud Native Application Protection Platform (CNAPP)
created at Feb. 6, 2020, 10:30 a.m.
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
created at Dec. 29, 2019, 6:30 a.m.
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
created at Nov. 27, 2019, 8:55 a.m.
Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
created at Nov. 6, 2019, 7:53 a.m.