Skip to content
View rezmoss's full-sized avatar
🎯
Focusing
🎯
Focusing

Sponsors

@pbxdomanalytics

Sponsoring

@muesli
@wesm
@FiloSottile
@mudler
@mvdan
@gaocegege
@jesseduffield
@rudrankriyam

Organizations

@AikidoSec @cloudaidnet

Block or report rezmoss

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
rezmoss/README.md

Twitter LinkedIn Website AWS

I'm a developer and system builder. Currently leading VM scanning at @AikidoSec. Founder of CloudAid. I work primarily in Go, Node.js, and AWS.

I build tools, write about what I learn, and maintain open-source projects in the cloud security and infrastructure space.


Recent Projects

Project What it does
cloud-provider-ip-addresses Daily-updated IP ranges for 35+ providers (AWS, Azure, GCP, Cloudflare, GitHub, Fastly,Linode + GoogleBot/BingBot/GPTBot) in 12+ formats
sbomlyze SBOM comparison & diff to detect supply-chain tampering and drift in CI
axios4go Axios-inspired HTTP client for Go — interceptors, automatic retries
go-cloudip Sub-microsecond cloud provider IP detection for Go
js-cloudip Sub-millisecond cloud provider detection for Node.js & the browser
py-cloudip Fast, auto-updating cloud provider IP detection for Python
ip-watch Auto-applies cloud provider IP ranges to nginx, caddy, haproxy & firewalls
go-is-disposable-email High-performance Go package for detecting disposable/temporary email addresses
simple-load-balancer HTTP load balancer in Go using only the standard library
awesome-security-pipeline Curated security tools organized by CI/CD pipeline stage

The cloudip family (go · js · py) shares one daily-updated source of truth: cloud-provider-ip-addresses.

Recent Writing

More at rezmoss.com/blog

Book

I wrote Go at Scale: Patterns for Professional Development on Go patterns covering concurrency, microservices, event-driven architecture, and more. Companion code is here

Pinned Loading

  1. axios4go axios4go Public

    A Go HTTP client library inspired by Axios, providing a simple and intuitive API for making HTTP requests with features like interceptors, JSON handling, configurable instances, and automatic retries

    Go 37 9

  2. go-at-scale go-at-scale Public

    📘 Companion code for "Go at Scale" 528 pages of production-grade Go patterns. Concurrency, microservices, event-driven architecture & more. Available on Amazon.

    Go 39 3

  3. simple-load-balancer simple-load-balancer Public

    HTTP load balancer in Go using only the standard library, round-robin, health checks, weighted routing. Great for learning Go networking internals

    Go 51 7

  4. cloud-provider-ip-addresses cloud-provider-ip-addresses Public

    Daily-updated IP ranges for 35+ providers (AWS, Azure, GCP, Cloudflare, GitHub, Fastly, Linode + GoogleBot, BingBot, GPTBot) in 12+ formats: TXT, JSON, CSV, SQL, Nginx, Apache, iptables, nftables, …

    Shell 139 15

  5. sbomlyze sbomlyze Public

    git diff for your SBOM — compare CycloneDX/SPDX/Syft bills of materials, detect tampering, and gate CI

    Go 23 2

  6. awesome-security-pipeline awesome-security-pipeline Public

    🔐 A curated list of open-source security tools organized by CI/CD pipeline stage. Covers secrets detection, SBOM, SAST, SCA, IaC security, container scanning, Kubernetes security & more. Actively m…

    13 4