Detecting credentials leak with GitLeaks

GitLeaks is an open source tool used to detect and prevent secrets like passwords, API keys and tokens from being checked in to a git repository. The main advantage of GitLeaks is that it not only scans your latest source code but also the entire git history, identifying any secrets committed to your source code in the past as …

Checkov: composition analysis for infrastructure as code (IaC)

Checkov is a static code analysis tool for infrastructure as code (IaC) and also a software composition analysis (SCA) tool for images and open source packages. It is an easy way to perform composition analysis on any kind of cloud infrastructure. It supports AWS, Azure and GCP, including Terraform, Terraform plan, AWS CloudFormation, Kubernetes, Helm charts, Dockerfile, Bicep, OpenAPI …

Learning Poisoned Pipeline Execution (PPE) with CI/CD goat

Poisoned Pipeline Execution (PPE) is a pentesting methodology and attack vector that abuses permissions against an SCM repository in a way that causes a CI pipeline to execute malicious commands. Users that have permissions to manipulate the CI configuration files, or other files on which the CI pipeline job relies, can modify them to contain malicious …