johnbillion
Follow
Lists (2)
Stars
The most advanced data processing framework allowing to build scalable data processing pipelines and move data between various data sources and destinations.
🔎 Static code analysis engine to find security issues in code.
A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.
PHP Static Analysis Tool - discover bugs in your code without running it!
The web framework for content-driven websites. ⭐️ Star to support our work!
Script to audit GitHub Action Workflow files for potential vulnerabilities.
GitHub token permissions Monitor and Advisor actions
GitHub Actions Cache Native Malware - for Educational and Research Purposes only.
A GitHub Action used for publishing an Action to ghcr.io as an OCI container.
Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.
Runtime Security Solution for your CI/CD Pipeline
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
SARIF Microsoft Visual Studio Code extension
Official GitHub Action for OpenSSF Scorecard.
A curated list of awesome things related to securing your GitHub Actions workflows.
Pin your GitHub actions to a specific hash
Guideline of best practices to follow to configure Github Enterprise Cloud self-hosted runners in a secure way.
A CLI that update GitHub Actions's `permissions` automatically
An Action shows timeline of a workflow in a run summary.
A GitHub action that performs static analysis for shell scripts using shellcheck, shfmt and checkbashisms.
A vulnerability scanner for container images and filesystems
GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.
Anchore container analysis and scan provided as a GitHub Action