Show HN: SmokedMeat, like Metasploit, but for CI/CD (open-source)

Category: security

Tags: security-testing, ci-cd, red-teaming, supply-chain-security, pentesting

Score: 7.3/10 (Innovation: 7, Technical: 8, Documentation: 8, Utility: 6)

SmokedMeat is a post-exploitation red team framework specifically designed for CI/CD pipelines, enabling security teams to test and demonstrate supply chain attack techniques. It's interesting because it applies Metasploit-like offensive security concepts to the under-secured CI/CD domain, featuring automated workflow analysis, implant deployment, secret extraction, and cloud pivoting capabilities.

Target audience: security engineers, pentesters, devops, red teams

Repository: https://github.com/boostsecurityio/smokedmeat · Go · AGPL-3.0 · 33 stars

View on Hacker News