A tool for exploring each layer in a docker image

An open source, self-hosted implementation of the Tailscale control server

The Single Sign-On Multi-Factor portal for web apps

Find, verify, and analyze leaked credentials

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

ebpf-go is a pure-Go library to read, modify and load eBPF programs and attach them to various hooks in the Linux kernel.

Reconnaissance tool for GitHub organizations

Boundary enables identity-based access management for dynamic infrastructure.

Crash your app in style (Golang)

Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy

Real-time HTTP Intrusion Detection

Write tests against structured configuration data using the Open Policy Agent Rego query language

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

A versatile and portable proxy for capturing, manipulating, and replaying HTTP/HTTPS traffic on the go.

A lightweight LDAP server for development, home use, or CI

sq data wrangler

A static analysis tool for securing Go code

A Kubernetes operator for running synthetic checks as pods. Works great with Prometheus!

Flow collector, enricher and visualizer

colorizes kubectl output

Superseded by https://github.com/aquasecurity/trivy-operator

Network address types

ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.

prometheus mikrotik device(s) exporter

print x509 certificate info

gtm (go tail mongo) is a MongoDB event listener

PassiveDNS in Go

Package ipaddr provides basic functions for the manipulation of IP address prefixes and subsequent addresses as described in RFC 4632 and RFC 4291

Package ethtool allows control of the Linux ethtool generic netlink interface. MIT Licensed.

c-binding free API for golang to communicate with the log subsystem of netfilter