preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack.
created at April 29, 2021, 10:37 a.m.
Network egress filtering and runtime security for GitHub-hosted and self-hosted runners
created at Oct. 28, 2021, 4:58 p.m.
Presentations, training modules, and other education materials from Duo Security's Application Security team.
created at Oct. 22, 2019, 4:40 p.m.
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
created at April 25, 2020, 12:47 a.m.
Discover internet-wide misconfigurations while drinking coffee
created at March 3, 2021, 6:47 p.m.
Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
created at Nov. 6, 2019, 7:53 a.m.
a static analysis tool for finding vulnerabilities in C/C++ source code
created at Nov. 12, 2018, 5:23 p.m.
Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
created at Oct. 1, 2021, 12:01 p.m.
A project security/vulnerability/risk scanning tool
created at March 18, 2017, 3:24 p.m.
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
created at March 27, 2020, 4:56 p.m.
Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
created at Sept. 16, 2018, 1:19 p.m.
Security risk analysis for Kubernetes resources
created at May 8, 2018, 8:52 a.m.
Write tests against structured configuration data using the Open Policy Agent Rego query language
created at March 28, 2019, 5:12 p.m.