🕵️‍♂️ Offensive Google framework.

Code signing and transparency for containers and binaries

An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, RADIUS, Goo…

Helm chart to install Vault and other associated components.

Kubernetes Connection Manager CLI

Keycloak-Clustered extends quay.io/keycloak/keycloak official Keycloak Docker image by adding JDBC_PING discovery protocol.

The easiest way to access AWS.

k8spacket - collects TCP traffic and TLS connection metadata in the Kubernetes cluster using eBPF and visualizes in Grafana

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.

An open source, self-hosted implementation of the Tailscale control server

Community guide to using YubiKey for GnuPG and SSH - protect secrets with hardware crypto.

Single realm, multi-tenancy for SaaS apps

Cloudflare Tunnel client

delegated, decentralized, capabilities based authorization token

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Constellation is a Kubernetes distribution for confidential computing, securing entire clusters on untrusted infrastructure. Constellation is in maintenance mode. New development continues in Contr…

All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.

RedEye is a visual analytic tool supporting Red & Blue Team operations

[Deprecated] Key Encryption Server

External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.

An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity

The Havoc Framework

CoreDNS external plugin to provide in-process policies as well as external policy services

An open source, cloud-native security to protect everything from build to runtime

Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our…

Comfortably monitor your Internet traffic 🕵️‍♂️

An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems for any application. — Permify is now part of Fus…

Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data

Open Cyber Threat Intelligence Platform

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library