Securing open-source package ecosystems by originating, validating, and augmenting build attestations.

Crypto is a collection of packages used by Smallstep products

Fast and efficient osquery management

Raster to Vector Graphics Converter

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)

macOS Security Compliance Project

A Secure Enclave Token Driver Smartcard Extension

Code signing and transparency for containers and binaries

Go language API for ecobee

HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of principals on pools of target hosts without the need to push custom…

Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

Software Supply Chain Transparency Log

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Feed parsing for language package manager updates

🔤 A list of all the public package names on npm. Updated daily.

A command-line tool to get valuable information out of AWS CloudTrail

The Go Cloud Development Kit (Go CDK): A library and tools for open cloud development in Go.

OpenSSF Scorecard - Security health metrics for Open Source

The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this…

The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the config…

Boundary enables identity-based access management for dynamic infrastructure.

A vault for securely storing and accessing AWS credentials in development environments

A Go library for implementing command-line interfaces.

Parsing HTML at the command line

Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

Performant type-checking for python.

Official open source SVG icon library for Bootstrap.

Hallow is a SSH Certificate Authority designed for use with AWS native environments

Make your Markdown sparkle!