loicsikidi

mkcert

A simple zero-config tool to make locally trusted development certificates with any names you'd like.

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

clair

Vulnerability Static Analysis for Containers

falco

Cloud Native Runtime Security

scorecard

OpenSSF Scorecard - Security health metrics for Open Source

arkade

Open Source Marketplace For Developer Tools

trillian

A transparent, highly scalable and cryptographically verifiable data store.

fireprox

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

gitsign

Keyless Git signing using Sigstore

repo-info

Extended information (especially license and layer details) about the published Official Images

awesome-container-tinkering

List of awesome tools to tinker with containers.

awesome-sbom

A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles

community-operators

The canonical source for Kubernetes Operators that appear on OperatorHub.io, OpenShift Container Platform and OKD.

ssc-reading-list

A reading list for software supply-chain security.

specification

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX

policy

CLI for building OPA policies into OCI images

terralist

Terraform Private Registry for modules and providers manageable from a REST API

sbom-operator

Catalogue all images of a Kubernetes cluster to multiple targets with Syft

workflows-demos

A collection of Workflows samples for various use cases

SCMKit

Source Code Management Attack Toolkit

terraform-google-secure-cicd

Builds a secure CI/CD pipeline on Google Cloud

granted-approvals

Automate permissions to your cloud and critical applications.

voucher

🎟 Voucher creates attestations for Binary Authorization

gtoken

Securely access AWS services from GKE cluster

cloud-analytics

Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as well as a blueprint for how others can create and use cloud analytics effectively.

image-layer-provenance

Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.

cyclonedx-bom-exchange-api

A standard API specification for exchanging CycloneDX BOMs

secure-cicd-maven

spiffe-connector

Using SPIFFE Verifiable Identity Documents to seamlessly authenticate to existing services.