kubeshark
ffuf
kubeshark | ffuf | |
---|---|---|
16 | 17 | |
10,562 | 11,417 | |
0.9% | 1.3% | |
9.4 | 5.7 | |
7 days ago | 25 days ago | |
Go | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubeshark
-
Show HN: Alaz: Open-Source, Self-Hosted, eBPF-Based K8s Monitoring
The one similar product I had come across is Kubeshark (https://github.com/kubeshark/kubeshark). But admittedly the eBPF way seems more performant theoretically (given you can afford to have a modern-enough kernel). I'm really excited to see how this project develops out.
The eBPF-mode of innovation is pretty exciting, truly a fresh lens to building software. I'm also following Akita Software - the company building an eBPF paradigm of monitoring.
-
Top open source security devtools you need to know about
GitHub: https://github.com/kubeshark/kubeshark Website: https://kubeshark.co/
-
Can't make kubeshark work
Can you send us the logs using: `kubeshark logs` (you can also use the issues page or slack)
-
Diagnosing high Cloud NAT usage for a CI cluster
Yes there are, but Cloud NAT alone won't be able to help you with that. You can either use a standalone proxy or a 3rd party firewall appliance through which you can route your traffic, or use more modern approaches with tools such as Kubeshark or Cillium.
-
Monitoring service network traffic
https://github.com/kubeshark/kubeshark - somewhat like Wireshark for Kubernetes. LMK if you have any questions
-
Tips on enumerating unknown APIs in my environment?
For example, this open-source project gives instant visibility into API traffic in kubernetes environments: https://github.com/kubeshark/kubeshark
-
Kubeshark PCAP Export
Check out the GitHub repository: https://github.com/kubeshark/kubeshark
- Kubeshark: The API Traffic Viewer for Kubernetes
ffuf
-
Show HN: Pfuzz, a web fuzzer following the Unix philosophy
It seems to me like "fuzzing" has a different meaning in web application penetration testing. Here, "fuzzer" is a term for tools that just generate different request using wordlists, without adding any mutations. For example, the two popular web fuzzers ffuf [1] and wfuzz [2] also call themselves fuzzers.
I see how reusing a term for a different concept is bothersome, but I feel like "fuzzer" is the term that people learning about bug bounty hunting are familiar with.
[1] https://github.com/ffuf/ffuf
[2] https://wfuzz.readthedocs.io/en/latest/
- Fast web fuzzer written in Go
-
The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research)
FFUF
-
Directory Discovery Tools
I've been using ffuf happily for the past couple of years however I remember seeing a post on reddit/twitter about a new "intelligent" discovery tool.
-
Pentesting Tools I Use Everyday
Learn more about ffuf here: https://github.com/ffuf/ffuf
-
Tips on enumerating unknown APIs in my environment?
Also, I see you mentioned using curl. You can checkout ffuf which is closely related but more geared towards what you're doing.
- Fastest webpath scanner out here?
-
Posodobitev orodja ffuf
git clone https://github.com/ffuf/ffuf ; cd ffuf ; go get ; go build
- ffuf - Fuzz Faster U Fool
-
Brute forcing a website link
So ffuf (https://github.com/ffuf/ffuf) or wfuzz (https://github.com/xmendez/wfuzz) are a better choice to enumerate GET/POST parameters/values.
What are some alternatives?
kui - A hybrid command-line/UI development experience for cloud-native development
gobuster - Directory/File, DNS and VHost busting tool written in Go
ksniff - Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wireshark
feroxbuster - A fast, simple, recursive content discovery tool written in Rust.
cli - Snyk CLI scans and monitors your projects for security vulnerabilities.
nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
kwok - Kubernetes WithOut Kubelet - Simulates thousands of Nodes and Clusters.
go-sql-driver/mysql - Go MySQL Driver is a MySQL driver for Go's (golang) database/sql package
fake-k8s - [Moved to https://github.com/kubernetes-sigs/kwok] fake-k8s is a tool for running Fake Kubernetes clusters, It can be used as an alternative to Kind in some scenarios where you donβt need to actually run the Pod
go - The Go programming language
alaz - Alaz: Advanced eBPF Agent for Kubernetes Observability β Effortlessly monitor K8s service interactions and performance metrics in your K8s environment. Gain in-depth insights with service maps, metrics, distributed tracing, and more, while staying alert to crucial system anomalies π
ksubdomain - ζ ηΆζεεεηη ΄ε·₯ε ·