SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines - Help Net Security

Boost Security has released SmokedMeat, an open-source framework designed to simulate attacker chains against CI/CD infrastructure, demonstrating the real-world impact of vulnerabilities. This tool helps engineering and security teams visualize and prioritize remediation by executing live attack scenarios, from runner compromise to cloud pivoting, based on specific pipeline weaknesses.