kubeshark
metlo
kubeshark | metlo | |
---|---|---|
16 | 21 | |
10,562 | 1,567 | |
0.9% | 0.6% | |
9.4 | 6.0 | |
6 days ago | 11 days ago | |
Go | TypeScript | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubeshark
-
Show HN: Alaz: Open-Source, Self-Hosted, eBPF-Based K8s Monitoring
The one similar product I had come across is Kubeshark (https://github.com/kubeshark/kubeshark). But admittedly the eBPF way seems more performant theoretically (given you can afford to have a modern-enough kernel). I'm really excited to see how this project develops out.
The eBPF-mode of innovation is pretty exciting, truly a fresh lens to building software. I'm also following Akita Software - the company building an eBPF paradigm of monitoring.
-
Top open source security devtools you need to know about
GitHub: https://github.com/kubeshark/kubeshark Website: https://kubeshark.co/
-
Can't make kubeshark work
Can you send us the logs using: `kubeshark logs` (you can also use the issues page or slack)
-
Diagnosing high Cloud NAT usage for a CI cluster
Yes there are, but Cloud NAT alone won't be able to help you with that. You can either use a standalone proxy or a 3rd party firewall appliance through which you can route your traffic, or use more modern approaches with tools such as Kubeshark or Cillium.
-
Monitoring service network traffic
https://github.com/kubeshark/kubeshark - somewhat like Wireshark for Kubernetes. LMK if you have any questions
-
Tips on enumerating unknown APIs in my environment?
For example, this open-source project gives instant visibility into API traffic in kubernetes environments: https://github.com/kubeshark/kubeshark
-
Kubeshark PCAP Export
Check out the GitHub repository: https://github.com/kubeshark/kubeshark
- Kubeshark: The API Traffic Viewer for Kubernetes
metlo
-
Using Metlo to Secure My Personal Finance App
So far, I’ve been using Metlo's protection features to initially test out its capabilities on my app, but there’s still a whole other Testing feature that it has that I'm starting to look into. Everything I’ve tried out has been pretty quick and easy so hopefully I can play around with the Testing more to help me catch any other authentication or authorization vulnerabilities that might exist in my app. If this is something that interests you, you can check it out at https://metlo.com .
- Top open source security devtools you need to know about
- Open Source API Security Tool
- OS API Inventory and Testing Tool
-
Show HN: Quickly Create Security Tests for All Your APIs (YC S21)
* Once you have the right templates you can build rules to apply these templates to many endpoints at once (https://docs.metlo.com/docs/test-rules). This makes it possible to write hundreds of tests against your API in just a few clicks :)
We have more info on our docs here: https://docs.metlo.com/docs/writing-a-test. And here's a demo video if you’d like a quick walk-through :) https://www.loom.com/share/f342f186e756489aa7a500be875a5539
We’d love to hear your thoughts!
[0] https://github.com/metlo-labs/metlo
-
Launch HN: Metlo (YC S21) – Open-source software for securing your APIs
Our website is at https://metlo.com, repo is at https://github.com/metlo-labs/metlo. There’s a demo video here: https://www.loom.com/share/2c38c731cf044288995e5ee2566528a7. Check out our sandbox at https://demo.metlo.com (no email required). You can get started with our hosted service (in Beta) for free at https://app.metlo.com/signup (there’s an always free tier, and paid tier is not enforced yet) , or you can self-host by following the instructions at https://docs.metlo.com/docs/deploy-to-aws.
- Metlo: Open-source API security platform
What are some alternatives?
kui - A hybrid command-line/UI development experience for cloud-native development
stepci - Automated API Testing and Quality Assurance
ksniff - Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wireshark
helmet - Help secure Express apps with various HTTP headers
cli - Snyk CLI scans and monitors your projects for security vulnerabilities.
Sentry - Developer-first error tracking and performance monitoring
kwok - Kubernetes WithOut Kubelet - Simulates thousands of Nodes and Clusters.
javascript-obfuscator - A powerful obfuscator for JavaScript and Node.js
fake-k8s - [Moved to https://github.com/kubernetes-sigs/kwok] fake-k8s is a tool for running Fake Kubernetes clusters, It can be used as an alternative to Kind in some scenarios where you don’t need to actually run the Pod
juice-shop - OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
alaz - Alaz: Advanced eBPF Agent for Kubernetes Observability – Effortlessly monitor K8s service interactions and performance metrics in your K8s environment. Gain in-depth insights with service maps, metrics, distributed tracing, and more, while staying alert to crucial system anomalies 🐝
sso-wall-of-shame - A list of vendors that treat single sign-on as a luxury feature, not a core security requirement.