Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: container-security
appvia/cosign-keyless-admission-webhook
Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
Language: JavaScript - Size: 153 KB - Last synced: about 9 hours ago - Pushed: about 14 hours ago - Stars: 22 - Forks: 1
project-copacetic/copacetic
🧵 CLI tool for directly patching container images using reports from vulnerability scanners
Language: Go - Size: 10.8 MB - Last synced: about 17 hours ago - Pushed: about 18 hours ago - Stars: 812 - Forks: 54
Metarget/metarget
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
Language: Python - Size: 3.53 MB - Last synced: about 18 hours ago - Pushed: 26 days ago - Stars: 1,015 - Forks: 161
Metarget/k0otkit
k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
Language: Shell - Size: 4.64 MB - Last synced: about 18 hours ago - Pushed: over 2 years ago - Stars: 263 - Forks: 50
cdk-team/CDK
📦 Make security testing of K8s, Docker, and Containerd easier.
Language: Go - Size: 9.44 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 3,674 - Forks: 529
trendmicro/tmas-scan-action
Vision One Container Security Scan Action
Language: Shell - Size: 30.3 KB - Last synced: 5 days ago - Pushed: 3 months ago - Stars: 6 - Forks: 3
jetstack/paranoia
Inspect certificate authorities in container images
Language: Go - Size: 307 KB - Last synced: about 3 hours ago - Pushed: 10 days ago - Stars: 219 - Forks: 8
sysdiglabs/kube-psp-advisor
Help building an adaptive and fine-grained pod security policy
Language: Go - Size: 253 KB - Last synced: 3 days ago - Pushed: 7 months ago - Stars: 328 - Forks: 41
koslib/awesome-containerized-security
A collection of tools to improve your containerized apps security posture
Size: 51.8 KB - Last synced: 2 days ago - Pushed: about 1 month ago - Stars: 124 - Forks: 12
madhuakula/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Language: HTML - Size: 122 MB - Last synced: 21 days ago - Pushed: about 2 months ago - Stars: 3,877 - Forks: 650
vchinnipilli/kubestriker
A Blazing fast Security Auditing tool for Kubernetes
Language: Python - Size: 22 MB - Last synced: 16 days ago - Pushed: about 2 months ago - Stars: 979 - Forks: 106
Code-Triarii/ccse-ccsne-cks-cka-road-to-container-expert-trainings-security
This repository contains useful resources for preparing and obtaining the CCSE (Certified Container Security Expert) certification of practical devsecops organizations.
Language: Shell - Size: 8.55 MB - Last synced: 27 days ago - Pushed: 27 days ago - Stars: 0 - Forks: 0
mathieu-benoit/kubernetes-security
WIP - List of best practices about Security with Kubernetes and containers
Size: 10.7 KB - Last synced: about 1 month ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
mathieu-benoit/cartservice 📦
My own cartservice coming from the GoogleCloudPlatform/microservices-demo repository
Language: C# - Size: 346 KB - Last synced: about 1 month ago - Pushed: over 1 year ago - Stars: 0 - Forks: 2
blues-man/vote-app-gitops
A demo of cloud-native Inner Loop and Outer Loop controlling a 2-tier app (Python + Go) with Red Hat OpenShift using Tekton Pipelines, Argo CD GitOps, Eclipse Che aka OpenShift DevSpaces and Quay.io registry
Language: Smarty - Size: 2.82 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 11 - Forks: 43
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Language: C - Size: 356 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 9,056 - Forks: 1,425
Metarget/awesome-cloud-native-security
awesome resources about cloud native security 🐿
Size: 83 KB - Last synced: about 18 hours ago - Pushed: 7 months ago - Stars: 299 - Forks: 51
ErdemOzgen/DevSecOpsBuilder
Automatic DevSecOps builder
Language: Python - Size: 1.52 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 6 - Forks: 2
brant-ruan/awesome-container-escape
collections of container escape techniques 🐿
Size: 4.88 KB - Last synced: 21 days ago - Pushed: about 3 years ago - Stars: 64 - Forks: 11
pjbgf/zaz 📦
A command line tool to automatically generate seccomp profiles.
Language: Go - Size: 2.16 MB - Last synced: about 1 month ago - Pushed: about 3 years ago - Stars: 24 - Forks: 4
CanonicalLtd/canonical-kubernetes-third-party-integrations 📦
Official repository for Canonical Kubernetes Third Party Integration Documentation
Size: 3.59 MB - Last synced: about 1 month ago - Pushed: over 5 years ago - Stars: 10 - Forks: 4
slimdevops/slim-containers
Tutorials, examples, and streaming notes
Language: Python - Size: 140 MB - Last synced: 22 days ago - Pushed: about 1 year ago - Stars: 21 - Forks: 8
chaitin/veinmind-tools
veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集
Language: Go - Size: 20.1 MB - Last synced: 2 months ago - Pushed: 4 months ago - Stars: 1,452 - Forks: 172
r0binak/MTKPI
🧰 Multi Tool Kubernetes Pentest Image
Language: Shell - Size: 8.36 MB - Last synced: 2 months ago - Pushed: 7 months ago - Stars: 189 - Forks: 13
CloudDefenseAI/falco_extended_rules
Curating Falco rules with MITRE ATT&CK Matrix
Language: Python - Size: 102 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 62 - Forks: 9
chaitin/libveinmind
一个由长亭自研,直观而可扩展的容器安全 SDK
Language: Go - Size: 277 KB - Last synced: 27 days ago - Pushed: 12 months ago - Stars: 115 - Forks: 19
syn-4ck/fafnir-sec
fafnir-sec is an open-source tool that allows for the complete automation of launching different security tools detecting vulnerabilities in the application's code.
Language: Python - Size: 14.3 MB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 2 - Forks: 0
falcosecurity-retire/falco-security-workshop 📦
Container Security Workshop covering using Falco on Kubernetes.
Language: Python - Size: 4.59 MB - Last synced: 3 months ago - Pushed: about 3 years ago - Stars: 104 - Forks: 41
Vinum-Security/kubernetes-security-checklist
Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)
Size: 111 KB - Last synced: 3 months ago - Pushed: over 2 years ago - Stars: 450 - Forks: 88
twistlock/whoc
A container image that exfiltrates the underlying container runtime to a remote server
Language: C - Size: 206 KB - Last synced: 2 months ago - Pushed: over 1 year ago - Stars: 125 - Forks: 11
mikeroyal/OpenShift-Guide
OpenShift Guide. Learn about the Red Hat OpenShift Container Platform, Data Science, Code Ready Containers, Podman, Buildah, and Kubernetes.
Language: Python - Size: 247 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 130 - Forks: 28
0xN3utr0n/Kanis
Advanced threat detection solution for Linux.
Language: Go - Size: 151 KB - Last synced: 3 months ago - Pushed: over 3 years ago - Stars: 33 - Forks: 4
mathieu-benoit/mathieu-benoit.github.io
The content of my blog hosted at: https://mathieu-benoit.github.io/
Language: HTML - Size: 3.9 MB - Last synced: 27 days ago - Pushed: 27 days ago - Stars: 2 - Forks: 3
grantseltzer/karn
Simplifying Seccomp enforcement in containerized or non-containerized apps
Language: Go - Size: 3.49 MB - Last synced: 7 months ago - Pushed: over 3 years ago - Stars: 110 - Forks: 13
ellerbrock/docker-security-images
:closed_lock_with_key: Docker Container for Penetration Testing & Security
Size: 5.86 KB - Last synced: 7 months ago - Pushed: over 5 years ago - Stars: 206 - Forks: 34
AkihiroSuda/cni-isolation 📦
CNI Bridge Isolation Plugin (Merged into the firewall plugin v1.1.0)
Language: Go - Size: 69.3 KB - Last synced: about 1 month ago - Pushed: about 2 years ago - Stars: 9 - Forks: 1
paulveillard/cybersecurity-container-security
An ongoing & curated collection of awesome frameworks, and most important libraries, videos, learning tutorials , tools and and cool stuff about containers.
Language: Shell - Size: 3.57 MB - Last synced: 9 months ago - Pushed: over 1 year ago - Stars: 27 - Forks: 3
onzack/kube-scout
Vulnerability Management Tool for Kubernetes and Containers
Language: Vue - Size: 111 KB - Last synced: 9 months ago - Pushed: over 1 year ago - Stars: 6 - Forks: 1
HoussemDellai/kubernetes-allowed-registries-policy
Demoing whitelisting Container Registries in Kubernetes using OPA/Gatekeeper policy.
Size: 364 KB - Last synced: 9 months ago - Pushed: over 3 years ago - Stars: 5 - Forks: 7
sysdiglabs/security-playground
This is a sample application which runs an HTTP web server and allows to read and write files and exec commands
Language: Python - Size: 23.4 KB - Last synced: 10 months ago - Pushed: about 1 year ago - Stars: 2 - Forks: 8
litneet64/containerized-bomb-disposal
Set of dockerfiles meant for throw-away instances that achieve a singular purpose: to "safely" interact (run, play, unzip, etc) with programs or files without the need of a full VM to avoid compromise of the host machine. Think of it as a bomb disposal device for files you don't trust that much but still need to run, unzip or play.
Language: Dockerfile - Size: 41 KB - Last synced: 10 months ago - Pushed: over 3 years ago - Stars: 0 - Forks: 0
kube-tarian/sigrun
Sign your artifacts, source code or container images using Sigstore tools, Save the Signatures you want to use, and Validate & Control the deployments to allow only the known Sources based on Signatures, Maintainers & other payloads automatically.
Language: Go - Size: 702 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 11 - Forks: 3
null-open-security-community/Cloud-Project
Size: 6.84 KB - Last synced: 3 days ago - Pushed: over 3 years ago - Stars: 7 - Forks: 2
darkwizard242/ansible-role-trivy
Ansible role for Trivy. Available on Ansible Galaxy.
Language: Python - Size: 43.9 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 3 - Forks: 0
lawndoc/seccomp-ci-demo
Automate seccomp filter generation in your CI pipeline
Language: Python - Size: 24.4 KB - Last synced: 21 days ago - Pushed: about 1 year ago - Stars: 0 - Forks: 2
felipecosta09/c1cs
Trend Micro Cloud One Container Security Scan Action
Language: Shell - Size: 38.1 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 1 - Forks: 1
fortify/fortify-ssc-parser-tenable-io-cs
Fortify SSC Parser Plugin for Tenable.io Container Security results
Language: Java - Size: 146 KB - Last synced: 29 days ago - Pushed: about 1 year ago - Stars: 1 - Forks: 0
mmadil/pwnage
Sample container image to demonstrate attack scenarios in containerized cluster environments.
Language: Dockerfile - Size: 2.93 KB - Last synced: about 1 month ago - Pushed: almost 3 years ago - Stars: 2 - Forks: 0
anchore/ci-tools 📦
Contains scripts for running anchore engine in CI pipelines
Language: Shell - Size: 373 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 35 - Forks: 33
lightspin-tech/eks-creation-engine
The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.
Language: Python - Size: 85.9 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 39 - Forks: 12
nikhilnayak98/csvs
Security for Virtualization Systems Project
Language: Shell - Size: 118 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 0 - Forks: 0
bsteen/cloud-covert-channels 📦
Creating covert channels in Linux-based cloud container environments
Language: C - Size: 2.45 MB - Last synced: about 1 year ago - Pushed: about 2 years ago - Stars: 1 - Forks: 2
veilair/docker-development
An ongoing curated list of awesome frameworks, important books, articles, talks, libraries, learning tutorials, best practices and technical resources about Docke
Size: 375 KB - Last synced: 4 months ago - Pushed: over 2 years ago - Stars: 1 - Forks: 0
anchore/circleci-orbs
Repo for all Anchore circleci orb source code
Language: JavaScript - Size: 84 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 0 - Forks: 5
rahulroy1/oc-container-runtime-security
Implementing Container Runtime security monitoring in Redhat Openshift using Falco
Size: 987 KB - Last synced: about 1 year ago - Pushed: almost 3 years ago - Stars: 2 - Forks: 0
stelligent/aws-anchore-engine-scanner
This guide details steps and procedures you can follow to create, launch and implement your own standalone container scanning solution within AWS ecosystem. This approach uses an opensource container scanning tool called Anchore Engine as a proof-of-concept and provides examples of how Anchore integrates with your favorite CI/CD systems orchestration platforms.
Language: Python - Size: 961 KB - Last synced: about 1 year ago - Pushed: over 4 years ago - Stars: 8 - Forks: 3
sysdiglabs/secure-image-scanning
Image scanning with Sysdig Secure
Language: Shell - Size: 13.7 KB - Last synced: about 1 year ago - Pushed: about 4 years ago - Stars: 0 - Forks: 3