FireCrackManager is a MicroVM management daemon for Firecracker.

The SPIFFE Project

Cybersecurity AI (CAI), the framework for AI Security

🚀2.3x faster than MinIO for 4KB object payloads. RustFS is an open-source, S3-compatible high-performance object storage system supporting migration and coexistence with other S3-compatible platfor…

some useful dialogs like a virtual keyboard or color picker for touchOSC

A cross-platform Rust CLI/daemon MITM proxy that anonymizes browser traffic

DSPy: The framework for programming—not prompting—language models

The missing utility in kubectl to help you inspect container images on your pods and nodes.

ClickGraph is an open-source graph query layer on top of ClickHouse, written in Rust, turning an existing ClickHouse database into a graph view in minutes.

A modern platform for visual, flexible, and extensible graph-based investigations. For cybersecurity analysts and investigators.

A restricted execution environment for Python to run untrusted code.

A GitHub Action that runs a command in a gVisor sandbox

Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.

Diagram as Code Tool Written in Rust with Draggable Editing

The best ChatGPT that $100 can buy.

An audio server, programming language, and IDE for sound synthesis and algorithmic composition.

Run Windows apps on 🐧 Linux with ✨ seamless integration

BPF-based packet filtering framework

Tokenex is a Go library that securely exchanges identity tokens for temporary cloud credentials, with built-in support for AWS, GCP, Azure, OCI, Kubernetes, and OAuth2.

A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

An nsjail Docker image for CTF pwnables. Easily create secure, isolated xinetd/inetd-style services.

A next-generation HTTP stealth proxy which perfectly cloaks requests as the Chrome browser across all layers of the stack.

Userspace eBPF runtime for Observability, Network, GPU & General Extensions Framework

OSC to midi for the Raspberry Pi

Optimize your Linux system for low latency audio

Bring your .bashrc, .vimrc, etc. with you when you ssh

⚡ fast dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers

Fast and lightweight DNS proxy as ad-blocker for local network with many features

Access, a centralized portal for employees to transparently discover, request, and manage their access for all internal systems needed to do their jobs