awesome-cicd-security
github.com/myugan/awesome-cicd-security
A curated list of awesome CI CD security resources
What's inside
Cases
- 10 real-world stories of how we’ve compromised CI/CD pipelines
- Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers
- CI/CD pipeline attacks: A growing threat to enterprise security
- Compromising CI/CD Pipelines with Leaked Credentials
- Critical vulnerability discovered in popular CI/CD framework
- GitHub Actions being actively abused to mine cryptocurrency on GitHub servers
Blogs
Tools
- actionlint
A static checker for GitHub Actions workflow files.
- Cimon
Runtime security solution for your CI/CD pipeline.
- Gato
A tool that helps blue teamers and offensive security practitioners find weaknesses in a GitHub organization's public and private repositories.
- gh-hijack-runner
A Python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.
- Harden-Runner
Network egress filtering and runtime security for GitHub-hosted and self-hosted runners.
- nord-stream
Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines.
Videos
- Attacking Argo CD with Argo CD (and then Defending) - Michael Crenshaw, Intuit
- Attacking Development Pipelines For Actual Profit
- Challenges to Securing CI/CD Pipelines
- Continuous Intrusion: Why CI Tools Are An Attacker's Best Friends
- Exploiting Continuous Integration (CI) and Automated Build systems
- How to Build a Compromise Resilient CI/CD
Playground
Showing a sample of 94 resources.