ybelMekk

ybelMekk's Stars

• aquasecurity/trivy

  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

  Language:Go23.1k2.3k

• apple/pkl-go-examples

  Examples for using Pkl within Go applications

  Language:Go16011

• sigstore/helm-charts

  Helm charts for sigstore project

  Language:Smarty6593

• aquasecurity/trivy-operator

  Kubernetes-native security toolkit

  Language:Go1.2k202

• aquasecurity/trivy-action

  Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities

  Language:Shell789228

• actions/attest-sbom

  Action for generating SBOM attestations for workflow artifacts

  Language:TypeScript194

• DependencyTrack/hyades

  Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.

  Language:Java5918

• DependencyTrack/helm-charts

  Helm Charts for Dependency-Track

  Language:Smarty2221

• DependencyTrack/dependency-track

  Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

  Language:Java2.6k552

• ossf/scorecard-action

  Official GitHub Action for OpenSSF Scorecard.

  Language:Go25470

• rapid7/metasploit-framework

  Metasploit Framework

  Language:Ruby33.9k13.9k

• slsa-framework/slsa-github-generator

  Language-agnostic SLSA provenance generation for Github Actions

  Language:Go417128

• nais/salsa-workshop

  SLSA Workshop

  Language:Go429

• navikt/mock-oauth2-server

  A scriptable/customizable web server for testing HTTP clients using OAuth2/OpenID Connect or applications with a dependency to a running OAuth2 server (i.e. APIs requiring signed JWTs from a known issuer)

  Language:Kotlin24057

• nais/azurerator

  Kubernetes Operator for automated registration of Azure AD applications

  Language:Go132

• sigstore/k8s-manifest-sigstore

  kubectl plugin for signing Kubernetes manifest YAML files with sigstore

  Language:Go7821

• nais/tokendings

  Service implementing some parts of OAuth 2.0 Token Exchange (https://www.rfc-editor.org/rfc/rfc8693.html)

  Language:Kotlin163

• sethvargo/ratchet

  A tool for securing CI/CD workflows with version pinning.

  Language:Go77132

• nais/salsa

  SLSA level 3 action

  Language:Go111

• sigstore/rekor-operator

  K8S Operator for Rekor

  Language:Go2010

• goreleaser/goreleaser

  Deliver Go binaries as fast and easily as possible

  Language:Go13.7k930

• philips-labs/slsa-provenance-action

  Github Action implementation of SLSA Provenance Generation

  Language:Go4718

• sigstore/cosign

  Code signing and transparency for containers and binaries

  Language:Go4.4k543

• nais/wonderwall

  openid connect relying party as a sidecar/service

  Language:Go213

• nais/hahaha

  the villain that eliminates helpless sidecars

  Language:Rust52

• slsa-framework/github-actions-demo

  Proof-of-concept SLSA provenance generator for GitHub Actions

  Language:Go9923

• sigstore/fulcio

  Sigstore OIDC PKI

  Language:Go648138

• slsa-framework/slsa

  Supply-chain Levels for Software Artifacts

  Language:Shell1.5k222

• in-toto/attestation

  in-toto Attestation Framework

  Language:Go23259

• nais/device

  naisdevice is a application suite that enables NAV developers to connect to internal resources in a secure and friendly manner.

  Language:Go176