hibare/README.md

Shubham Hibare

Security Engineer • Software Supply Chain Security

📍 Bengaluru, India • ✉️ github@hibare.in

LinkedIn β€’ Twitter β€’ Website



🌟 Open Source Contributions

Self-hosted Tailscale control server

Contributed Go client library — accepted upstream as official standalone library

Secret detection engine

Hardened supply chain security with checksum signing & verification

Vulnerability scanner

Added signature verification for release artifacts

Identity attestation framework

Identity attestation improvements across SPIRE and Helm Charts


πŸ—οΈ Enterprise Security Platforms

Software Supply Chain Security

  • Provenance attestation system
  • SLSA • Sigstore • SPIFFE integration
  • Lead developer

Security Scanning Orchestration

  • Multi-scanner platform
  • SBOM generation
  • Serving 1,000+ dev teams

Secret Detection

  • Organization-wide scanning
  • Real-time PR feedback
  • Automated remediation

Zero-Trust Credential Management

  • OIDC token exchange
  • Eliminated long-lived credentials
  • Security-first architecture

🚀 Personal Projects

Official Go client for Headscale API — listed in project documentation

GeoIP REST API with MaxMind and IPInfo integration

Automated threat intelligence reporting for security operations

HTTP service monitoring application


πŸ› οΈ Technical Expertise

Languages

  • Go
  • Python
  • JavaScript/TypeScript
  • Bash

Security & Identity

  • SPIFFE/SPIRE
  • Sigstore
  • OIDC/JWT
  • mTLS
  • Zero-Trust

Supply Chain

  • SLSA v1.0
  • in-toto
  • SPDX
  • CycloneDX

Infrastructure

  • AWS
  • Kubernetes
  • Docker
  • Terraform
  • Helm
  • Istio

Databases

  • PostgreSQL
  • Redis
  • MongoDB
  • MySQL
  • DynamoDB

Frameworks

  • Vue.js
  • Django
  • Flask


Building secure software supply chains • Contributing to open source • Shipping at scale

Pinned

  1. headscale-client-go Public

    A client implementation for the Headscale HTTP API

    Go 11 3

  2. Moni Public

    Application to monitor HTTP services

    Python 1 2

  3. Waypoint Public

    GeoIP REST API

    Go 3 4

  4. ArguSwarm Public

    Go

  5. Arclift Public

    Backup utility

    Go

  6. Stashly Public

    Stashly is a simple yet powerful CLI tool that automates PostgreSQL backups. It supports scheduling backups using cron expressions and storing them securely on multiple backends such as Amazon S3, …

    Go