Category: Defense

Kubernetes policy engine

Polaris v8.5.1 releases: open source policy engine for Kubernetes

Polaris Securing workloads in Kubernetes is an important part of overall cluster security. The overall goal should be to ensure that containers are running with as minimal privileges as possible. This includes avoiding privilege...

active deception

mimicry: active deception in exploitation and post-exploitation

Mimicry Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation. Active deception can live to migrate the attacker to the honeypot without awareness. We can achieve a...

API security platform

metlo v1.0.1 releases: open-source API security platform

Metlo Metlo is an open-source API security platform Create an Inventory of all your API Endpoints. Proactively test your APIs before they go into production. Detect API attacks in real-time. Features   Endpoint Discovery –...

prevent subdomain takeover

domain-protect v0.4.4 releases: prevent subdomain takeover

domain-protect scan Amazon Route53 across an AWS Organization for domain records vulnerable to takeover scan Cloudflare for vulnerable DNS records take over vulnerable subdomains yourself before attackers and bug bounty researchers automatically create known issues in Bugcrowd or HackerOne...

Linux Kernel Runtime Integrity

krie: Linux Kernel Runtime Integrity with eBPF

KRIe KRIe is a research project that aims to detect Linux Kernel exploits with eBPF. KRIe is far from being a bulletproof strategy: from eBPF-related limitations to post exploitation detections that might rely on...