This product was not featured by Product Hunt yet. It will not be visible on their landing page and won't be ranked (cannot win product of the day regardless of upvotes).
We built GarudaEye because we kept running the same exhausting loop: spin up a cloud scanner, wrestle with a dozen API keys, stitch together three different dashboards, and still not actually *know* what was exposed.
So we built the tool we wanted. One binary. No tokens. No signup. No waiting.
What it does
GarudaEye drops into your terminal, scans your AWS infrastructure across every region you care about, and gives you a live security picture in minutes — open ports, TLS certificates, CVE hints, attack paths, risk scores, relationships between every resource. Everything in one place.
The bit we're most proud of is the passive fingerprinting engine, which is entirely built in. It resolves DNS, negotiates TLS, probes HTTP/HTTPS headers, grabs service banners, identifies cloud providers and ASNs, and detects OS/tech stacks — all without a single external API key. Point it at your infra, and it just works.
Hey everyone, thanks so much for checking out GarudaEye!
A little background on why we built this:
Most cloud security tools fall into one of two camps: (1) heavy SaaS platforms that cost a fortune and lock your data away, or (2) CLI scripts that dump JSON and leave you to figure out what it means. We wanted something in between — the power of a full scanner with the simplicity of a single command.
A few things I'm especially excited to show you:
The attack path engine: this is the newest addition. It doesn't just list open ports; it reasons about *chains* of risk. A public-facing EC2 instance with a relationship to a database cluster that's running MySQL on port 3306? That's a `LateralMovement` + `ExposedDatabase` attack path, and GarudaEye flags both with remediation guidance. There are 7 path types right now, and we're adding more.
The fingerprinting engine: every public asset gets passively analysed: we grab the TLS cert and check days until expiry, pull HTTP response headers and look for missing HSTS/CSP, banner-grab common ports to detect software versions, and cross-reference ASN data for hosting provider detection. All of this runs without any external API — no Shodan, no Censys, nothing. Just Rust talking to your infra.
The binary size story: the release build is a statically linked MUSL binary, roughly 20 MB, that includes the entire Vue.js dashboard compiled in. Drop it on a fresh EC2 instance with no packages installed and it runs. That was a deliberate design constraint and I'm pretty happy with how it turned out.
Roadmap ask: We're deciding what to prioritise in Phase 5 (multi-cloud). Azure vs GCP vs DigitalOcean — which would be most useful for you? Let us know in the comments!
GarudaEye was submitted on Product Hunt and earned 10 upvotes and 2 comments, placing #43 on the daily leaderboard. Monitor your cloud assets. Contribute to pranaypaine/GarudaEye development by creating an account on GitHub.
GarudaEye was featured in Open Source (68.4k followers) and GitHub (41.2k followers) on Product Hunt. Together, these topics include over 33.1k products, making this a competitive space to launch in.
Who hunted GarudaEye?
GarudaEye was hunted by Pranay Kumar Paine. A “hunter” on Product Hunt is the community member who submits a product to the platform — uploading the images, the link, and tagging the makers behind it. Hunters typically write the first comment explaining why a product is worth attention, and their followers are notified the moment they post. Around 79% of featured launches on Product Hunt are self-hunted by their makers, but a well-known hunter still acts as a signal of quality to the rest of the community. See the full all-time top hunters leaderboard to discover who is shaping the Product Hunt ecosystem.
Want to see how GarudaEye stacked up against nearby launches in real time? Check out the live launch dashboard for upvote speed charts, proximity comparisons, and more analytics.
Pranay Kumar Paine
Hey hunters! 👋
We built GarudaEye because we kept running the same exhausting loop: spin up a cloud scanner, wrestle with a dozen API keys, stitch together three different dashboards, and still not actually *know* what was exposed.
So we built the tool we wanted. One binary. No tokens. No signup. No waiting.
What it does
GarudaEye drops into your terminal, scans your AWS infrastructure across every region you care about, and gives you a live security picture in minutes — open ports, TLS certificates, CVE hints, attack paths, risk scores, relationships between every resource. Everything in one place.
The bit we're most proud of is the passive fingerprinting engine, which is entirely built in. It resolves DNS, negotiates TLS, probes HTTP/HTTPS headers, grabs service banners, identifies cloud providers and ASNs, and detects OS/tech stacks — all without a single external API key. Point it at your infra, and it just works.