select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.

Modular malware development library in Go - shellcode injection, defense evasion (AMSI/ETW/unhook), process herpaderping, C2 transport, syscall bypass, MITRE ATT&CK mapped

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Tool for building Kubernetes attack paths

Metamorphic Code Engine -- Self-mutating binary that rewrites itself every execution. Instruction substitution, dead code, multi-layer AES-256 encryption. Pure Go.

Fileless Persistence Engine -- 7 techniques that survive reboot without writing a single file to disk. Pure Go.

Reference implementation of the Red Team Engineering Algorithm (RTE-A): typed tasking (Go), tamper-evident audit logging (Python), and ephemeral, TTL-enforced infrastructure (Terraform) for governed adversary simulation.

GO binary for C2 over Discord

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

The Security Automation Toolkit

Integrate Threat Intelligence into your Notion workspace with notion-stix 🛡️

A tool to run and validate telemetry for Atomic Red Team tests

A blueteam tool to simulate attacks using Atomic Red Team and other techniques.

Go based runner for atomic red team test cases.