Cloudsplaining Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. Cloudsplaining identifies violations of least privilege in AWS IAM policies and generates a...
grapheneX In computing, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more...
The Auditor app uses hardware-based security features to validate the identity of a device, along with the authenticity and integrity of the operating system. It ensures the device is running a verified operating system with a...
NamedPipeMaster NamedPipeMaster is a versatile tool for analyzing and monitoring in named pipes. It includes Ring3NamedPipeConsumer for direct server interaction, Ring3NamedPipeMonitor for DLL-based API hooking and data collection, and Ring0NamedPipeFilter for comprehensive system-wide monitoring....
osctrl osctrl is a fast and efficient osquery management solution, implementing its remote API as a TLS endpoint. With osctrl, you can monitor all your systems running osquery, distribute its configuration fast, collect all the status and result logs,...
NetAlertX – Network scanner & notification framework Get visibility of what’s going on on your WIFI/LAN network. Schedule scans for devices, port changes and get alerts if unknown devices or changes are found. Write...
BotKube BotKube integration with Slack, Mattermost, or Microsoft Teams helps you monitor your Kubernetes cluster, debug critical deployments, and gives recommendations for standard practices by running checks on the Kubernetes resources. You can also ask BotKube to execute...
The Bastion Bastions are a cluster of machines used as the unique entry point by operational teams (such as sysadmins, developers, database admins, …) to securely connect to devices (servers, virtual machines, cloud instances,...
cilium: eBPF-based Networking, Security, and Observability Cilium is open source software for providing and transparently securing network connectivity and load-balancing between application workloads such as application containers or processes. Cilium operates at Layer 3/4...
pmacct pmacct is a small set of multi-purpose passive network monitoring tools. It can account, classify, aggregate, replicate and export forwarding-plane data, ie. IPv4 and IPv6 traffic; collect and correlate control-plane data via BGP...
Open Source API Firewall API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is designed to protect REST API endpoints in cloud-native environments. It provides API...
Attack Flow The Attack Flow project helps defenders move from tracking adversary behaviors individually to the sequence of techniques adversaries use to achieve their goals. Understanding the context within those sequences, as well as...
Nightingale Nightingale is an enterprise-level cloud-native monitoring system, which can be used as a drop-in replacement for Prometheus for alerting and management. Nightingale is a cloud-native monitoring system by All-In-On design, that supports enterprise-class...
Stealth Guardian Performing adversary simulation exercises is a time-consuming task, especially when developing new attack mechanisms and testing those against defence systems that have been deployed to the target. With this tool, we have...
logdata-anomaly-miner This tool parses log data and allows to definition of analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and the lowest possible permissions to make it...
Hubble Hubble is a fully distributed networking and security observability platform for cloud-native workloads. It is built on top of Cilium and eBPF to enable deep visibility into the communication and behavior of services as well as...
