slsa-github-generator
GptHidra
| | slsa-github-generator | GptHidra |
|---|---|---|
| | 3 | 4 |
| Stars | 378 | 296 |
| Growth | 5.3% | - |
| Activity | 9.0 | 5.5 |
| | 6 days ago | 8 months ago |
| Language | Go | Python |
| License | Apache License 2.0 | - |

Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
slsa-github-generator
- SLSA up to v1.9.0 (latest) breaking GHA pipelines
- UEFI Software Bill of Materials Proposal
https://github.com/slsa-framework/slsa-github-generator#gene... :
> Supply chain Levels for Software Artifacts, or SLSA (salsa), is a security framework, a check-list of standards and controls to prevent tampering, improve integrity, and secure packages and infrastructure in your projects, businesses or enterprises.
> SLSA defines an incrementally-adoptable set of levels which are defined in terms of increasing compliance and assurance. SLSA levels are like a common language to talk about how secure software, supply chains and their component parts really are.
- slsa-github-generator: Language-agnostic SLSA provenance generation for Github Actions
GptHidra
- UEFI Software Bill of Materials Proposal
- GptHidra – A Ghidra Plugin
- Reverse engineer with ease using GptHIdra
Github: https://github.com/evyatar9/GptHidra
- GptHidra – Ghidra plugin that asks OpenAI Chat GPT to explain functions
What are some alternatives?
Open-Source-Security-Guide - Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
GhidraChatGPT - Brings the power of ChatGPT to Ghidra!
slsa-provenance-action - Github Action implementation of SLSA Provenance Generation
ghidra_tools - A collection of Ghidra scripts, including the GPT-3 powered code analyser and annotator, G-3PO.
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
slsa - Supply-chain Levels for Software Artifacts
appvm - Nix-based app VMs
in-toto - in-toto is a framework to protect supply chain integrity.
vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
trillian-examples - A place to store some examples which use Trillian APIs to build things.
gitleaks - Protect and discover secrets using Gitleaks 🔑
certificate-transparency-go - Auditing for TLS certificates (Go code)