A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.
CLI Vulnify - Faz o scan em seus projetos buscando por vulnerabilidades.
Comprehensive guide for configuring Role-Based Access Control (RBAC) in Jenkins using the Role Strategy Plugin.
Jenkins plugin for Xygeni - End to end software development and delivery security
Offline Jenkins credential decryption tool for post-exploitation, red team operations, and CTFs. Decrypts credentials.xml using master.key and hudson.util.Secret without a running Jenkins instance. Supports legacy and modern encryption formats, with Docker and cross-platform support
Git-native secrets manager for teams and AI agents: age encryption, deterministic diffs, leak prevention, secure runtime injection. Dual-licensed MIT OR Apache-2.0.
Python CLI that scans repositories for insecure CI/CD and GitHub Actions patterns, including excessive permissions, unpinned actions, and risky workflow triggers.
Platform Security / DevSecOps reference: CVE scanning, CI/CD security gates, rollback automation, and audit trail for containerized production environments.
A production-style DevSecOps CI/CD pipeline demonstrating shift-left security with open-source tools. It performs SAST, secrets detection, dependency and container scanning, SBOM generation, and image signing before deploying to Kubernetes. The pipeline can run locally or via GitHub Actions and generates security reports for validation.
An interactive pentesting tool to discover and test for CI/CD misconfigurations in GitHub Actions, with modes for safe testing and secret exfiltration.
π Automate infrastructure security by implementing CVE scanning, CI/CD gates, secrets management, and auditability for safer production environments.
Add a description, image, and links to the ci-cd-security topic page so that developers can more easily learn about it.
To associate your repository with the ci-cd-security topic, visit your repo's landing page and select "manage topics."