A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems.
A secrets management tool for developers built in Go
Never leave your terminal to use secrets while developing, testing, and building your apps.
A free and open-source password manager for the command-line
Kure is a free and open-source password manager for the command-line.
Real-time HTTP Intrusion Detection in golang
Real-time HTTP Intrusion Detection.
Automatically exploit low-hanging fruit to pop a root shell
Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy!
Linux Runtime Security and Forensics using eBPF
Tracee is a Runtime Security and forensics tool for Linux.
Define and run pattern-based custom linting rules
analysis-based Go linter that runs dynamically loaded rules.
Cloudflare Interoperable Reusable Cryptographic Library
CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library) is a collection of cryptographic primitives written in Go.
A hackable malware sandbox for the 21st Century
Saferwall is an open source malware analysis platform.
OSS Security Scorecards with golang
OSS Security Scorecards with golang.
Go Library for safe type conversion to prevent integer overflow
Library for safe type conversion in Go.
Find GitHub secrets in real time
Shhgit finds secrets and sensitive files across GitHub code and Gists committed in near real time by listening to the GitHub Events API.
Performing security tests inside your CI
huskyCI is an open-source tool that performs security tests inside CI pipelines of multiple projects and centralizes all results into a database for further analysis and metrics.
Cameradar hacks its way into RTSP videosurveillance cameras
An RTSP stream access tool that comes with its library.
An in-memory application driven jailer built in the spirit of fail2ban
BadActor is an in-memory, application driven jailer built in the spirit of fail2ban.
Argon2 password hash generation with constant-time password comparison
Argon2 password hashing package with constant time hash comparison.
Database protection suite with selective encryption and intrusion detection
Database encryption proxy for data-driven apps: strong selective encryption, SQL injections prevention, intrusion detection, honeypots.
An automatic certificate acquisition tool for ACME
acmetool is an easy-to-use command line tool for automatically acquiring certificates from ACME servers (such as Let's Encrypt).
Related tools for secure automated certificate management
An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere.