Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

Data pipelines for cloud config and security data. Build cloud asset inventory, CSPM, FinOps, and vulnerability management solutions. Extract from AWS, Azure, GCP, and 70+ cloud and SaaS sources.

Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data

Open device management

wazero: the zero dependency WebAssembly runtime for Go developers

Build powerful pipelines in any programming language.

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Linux Runtime Security and Forensics using eBPF

Go assembly and source viewer

Digging Deeper....

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

Main repository for Datadog Agent

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.

Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy

IPv4 and IPv6 userland network stack

Real-time HTTP Intrusion Detection

Write tests against structured configuration data using the Open Policy Agent Rego query language

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

The production-scale datacenter profiler (C/C++, Go, Rust, Python, Java, NodeJS, .NET, PHP, Ruby, Perl, ...)

The Unikernel & MicroVM Compilation and Deployment Platform

Software sandbox for storage of sensitive information in memory.

A crazy fast analytical database, built on bitmaps. Perfect for ML applications. Learn more at: http://docs.featurebase.com/. Start a Docker instance: https://hub.docker.com/r/featurebasedb/feature…

Six Degrees of Domain Admin

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Copy/paste anything over the network.

Lightweight service virtualization/ API simulation / API mocking tool for developers and testers

Prometheus exporter for custom eBPF metrics

Adversary tradecraft detection, protection, and hunting

A Go unikernel running on x86 bare metal

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud