A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.
Comprehensive guide for configuring Role-Based Access Control (RBAC) in Jenkins using the Role Strategy Plugin.
CLI Vulnify - Faz o scan em seus projetos buscando por vulnerabilidades.
Jenkins plugin for Xygeni - End to end software development and delivery security
Offline Jenkins credential decryption tool for post-exploitation, red team operations, and CTFs. Decrypts credentials.xml using master.key and hudson.util.Secret without a running Jenkins instance. Supports legacy and modern encryption formats, with Docker and cross-platform support
Git-native secrets manager for teams and AI agents: age encryption, deterministic diffs, leak prevention, secure runtime injection. Dual-licensed MIT OR Apache-2.0.
Platform Security / DevSecOps reference: CVE scanning, CI/CD security gates, rollback automation, and audit trail for containerized production environments.
A production-style DevSecOps CI/CD pipeline demonstrating shift-left security with open-source tools. It performs SAST, secrets detection, dependency and container scanning, SBOM generation, and image signing before deploying to Kubernetes. The pipeline can run locally or via GitHub Actions and generates security reports for validation.
Scan CI/CD pipelines for security flaws to detect and validate software supply chain risks across major platforms.
An interactive pentesting tool to discover and test for CI/CD misconfigurations in GitHub Actions, with modes for safe testing and secret exfiltration.
🔍 Automate infrastructure security by implementing CVE scanning, CI/CD gates, secrets management, and auditability for safer production environments.
Add a description, image, and links to the ci-cd-security topic page so that developers can more easily learn about it.
To associate your repository with the ci-cd-security topic, visit your repo's landing page and select "manage topics."