{"id":13620873,"url":"https://github.com/hoophq/hoop","last_synced_at":"2026-05-26T15:02:04.582Z","repository":{"id":246936176,"uuid":"530343316","full_name":"hoophq/hoop","owner":"hoophq","description":"Automated Access and Data Protection","archived":false,"fork":false,"pushed_at":"2026-05-22T20:00:13.000Z","size":54928,"stargazers_count":698,"open_issues_count":77,"forks_count":46,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-05-22T22:51:31.725Z","etag":null,"topics":["access-control","bastion-host","databases","go","grpc","mongodb","mysql","pam","postgres","proxy","security","sqlserver","ssh","terminal","tty"],"latest_commit_sha":null,"homepage":"https://hoop.dev","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hoophq.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":"CLA.md"}},"created_at":"2022-08-29T18:26:02.000Z","updated_at":"2026-05-22T21:34:41.000Z","dependencies_parsed_at":"2026-05-22T22:01:12.004Z","dependency_job_id":null,"html_url":"https://github.com/hoophq/hoop","commit_stats":{"total_commits":664,"total_committers":6,"mean_commits":"110.66666666666667","dds":0.2786144578313253,"last_synced_commit":"267b40f312fdbcfe1034633276e1811abec40ff9"},"previous_names":["hoophq/hoop"],"tags_count":1073,"template":false,"template_full_name":null,"purl":"pkg:github/hoophq/hoop","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hoophq%2Fhoop","tags_url":"https://repos.ecosyste.ms/api/v1/h
osts/GitHub/repositories/hoophq%2Fhoop/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hoophq%2Fhoop/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hoophq%2Fhoop/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hoophq","download_url":"https://codeload.github.com/hoophq/hoop/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hoophq%2Fhoop/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33525947,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T03:12:49.672Z","status":"ssl_error","status_checked_at":"2026-05-26T03:12:47.976Z","response_time":63,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","bastion-host","databases","go","grpc","mongodb","mysql","pam","postgres","proxy","security","sqlserver","ssh","terminal","tty"],"created_at":"2024-08-01T21:01:00.238Z","updated_at":"2026-05-26T15:02:04.565Z","avatar_url":"https://github.com/hoophq.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"\u003ch4 align=\"center\"\u003e\n\u003csub\u003e\u003cb\u003eNEW\u003c/b\u003e  ·  User MCP server — How AI coding agents get production access safely.  
\u003ca href=\"#whats-new\"\u003e\u003cb\u003eRead more →\u003c/b\u003e\u003c/a\u003e\u003c/sub\u003e\n\u003c/h4\u003e\n\u003ch1 align=\"center\"\u003e\nOne Gateway Between Your Team and Your Infrastructure.\n\u003c/h1\u003e\n\u003ch3 align=\"center\"\u003e\nhoop.dev is a layer 7 gateway that masks sensitive data, blocks dangerous commands, approves risky writes, and records every session inline, before anything reaches your infrastructure.\n\u003c/h3\u003e\n\u003cp align=\"center\"\u003e\nEngineers · AI Agents · MCP Clients · Services · Support/QA\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\nOpen-source. Used by NYSE-listed companies. 5,000+ databases protected.\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n\u003ca href=\"https://github.com/hoophq/hoop/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/v/release/hoophq/hoop?style=flat-square\" alt=\"release\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/hoophq/hoop/blob/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/github/license/hoophq/hoop?style=flat-square\" alt=\"license\"\u003e\u003c/a\u003e\n\u003ca href=\"https://hub.docker.com/r/hoophq/hoop\"\u003e\u003cimg src=\"https://img.shields.io/docker/pulls/hoophq/hoop?style=flat-square\" alt=\"docker pulls\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/hoophq/hoop/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/hoophq/hoop?style=flat-square\" alt=\"stars\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n\u003ca href=\"#quick-start\"\u003eQuick start\u003c/a\u003e ·\n\u003ca href=\"#how-it-works\"\u003eHow it works\u003c/a\u003e ·\n\u003ca href=\"https://hoop.dev/docs/quickstart/overview\"\u003eConnectors\u003c/a\u003e ·\n\u003ca href=\"#vs-alternatives\"\u003evs alternatives\u003c/a\u003e ·\n\u003ca href=\"#whats-new\"\u003eWhat's new\u003c/a\u003e ·\n\u003ca href=\"https://hoop.dev/docs\"\u003eDocs\u003c/a\u003e\n\u003c/p\u003e\n\n---\n \n## What is hoop?\n \nhoop is an 
open-source layer 7 gateway that sits between users (engineers, AI agents, service accounts)\nand infrastructure (databases, Kubernetes clusters, servers, APIs). Every query and command\npasses through at the wire protocol level, where the gateway can:\n \n- **Mask sensitive data in responses** — ML-powered classification, not regex pattern matching, applied before bytes leave the gateway.\n- **Block dangerous commands before they execute** — `DROP TABLE`, `rm -rf`, `DELETE` without `WHERE`, configurable per role and per backend.\n- **Require human approval for risky operations** — Slack or Teams workflow, time-bound, fully logged.\n- **Record every session** — full replay of SQL, shell, kubectl, and HTTP traffic, indexed by user, table, and query.\n \nNo agents on endpoints. No schema discovery. No code changes. Deploy the gateway, connect your identity provider, define your rules.\n \n---\n \n## Who is hoop for?\n \nTeams where engineers or AI agents access production infrastructure. If your developers run queries against databases with customer PII, execute commands on production Kubernetes clusters, or use AI coding assistants against real systems, hoop gives you visibility and control over what happens inside those sessions and what data is allowed to leave them.\n \n---\n \n## The problem, concretely\n \nAn engineer pulls recent payments to investigate a customer report:\n \n**❌ Without hoop**\n \n```sql\nSELECT * FROM payments LIMIT 10;\n```\n \n```\n id    | customer_email          | card_number          | amount | status\n-------+-------------------------+----------------------+--------+----------\n 84021 | jane.thompson@gmail.com | 4532-1024-5678-9012  |  49.99 | settled\n 84022 | mreyes@acmecorp.io      | 5412-7510-3344-1182  | 120.00 | settled\n 84023 | k.patel@protonmail.com  | 4716-9923-1144-5577  |  24.99 | refunded\n 84024 | dlin@northwind.co       | 5577-3344-9911-2266  |  89.50 | settled\n 84025 | tyler.s@gmail.com       | 4111-2222-3333-4444  |  
15.00 | failed\n ...\n```\n \n10 rows of real card numbers and emails. Now in `psql` history, in the screenshot the engineer pasted into Slack, and in the CSV they exported to debug locally.\n \n**✅ With hoop**\n \n```sql\nSELECT * FROM payments LIMIT 10;\n```\n \n```\n id    | customer_email        | card_number         | amount | status\n-------+-----------------------+---------------------+--------+----------\n 84021 | j****@*****.com       | **-**-****-9012     |  49.99 | settled\n 84022 | m****@*******.io      | **-**-****-1182     | 120.00 | settled\n 84023 | k****@*********.com   | **-**-****-5577     |  24.99 | refunded\n 84024 | d****@*********.co    | **-**-****-2266     |  89.50 | settled\n 84025 | t****@*****.com       | **-**-****-4444     |  15.00 | failed\n ...\n```\n \nEngineers can still debug using amounts, statuses, and timestamps. PII never leaves the gateway.\n \n---\n \nAn AI agent fixing a bug at 3AM:\n \n**❌ Without hoop**\n \n\u003cpre\u003e\n\u003e claude-code: DROP TABLE orders;\nQuery OK\n47,291,834 rows affected 💀\n\u003c/pre\u003e\n \n**✅ With hoop**\n \n\u003cpre\u003e\n\u003e claude-code: DROP TABLE orders;\n⛔ Blocked by guardrail: \"Prevent destructive DDL in production\"\nEvent logged. Security team notified.\n\u003c/pre\u003e\n \nThe command never reached the database.\n \n---\n \n## Quick Start\n \n```bash\n# create a jwt secret for auth\necho \"JWT_SECRET_KEY=$(openssl rand -hex 32)\" \u003e\u003e .env\n \n# download and run\ncurl -sL https://hoop.dev/docker-compose.yml \u003e docker-compose.yml \u0026\u0026 \\\n  docker compose up\n```\n \nGateway running on `:8009`. OIDC connected. 
Masking and guardrails active.\n \n[Full installation options →](https://hoop.dev/docs/introduction/getting-started)\n \n---\n \n## How It Works\n \n```\nEngineers / AI Agents / Service Accounts\n              │\n              ▼\n     ┌────────────────┐\n     │   hoop Gateway │  ← Parses wire protocols in real time\n     │                │\n     │  • Masks PII   │  (ML-powered, \u003c5ms latency)\n     │  • Blocks cmds │  (DROP, DELETE, rm -rf)\n     │  • Approvals   │  (Slack / Teams)\n     │  • Records all │  (full session replay)\n     │  • AI controls │  (per-action governance)\n     └────────────────┘\n              │\n              ▼\n    Your Infrastructure\n    (Databases, K8s, SSH, APIs, MCP servers)\n```\n \nThe gateway parses wire protocols natively: PostgreSQL, MySQL, MSSQL, MongoDB, Kubernetes, SSH, HTTP/gRPC, RDP, and more. Your tools connect through the gateway without knowing it's there. No SDKs, no plugins, no browser extensions.\n \n---\n \n## Key Capabilities\n \n### Inline controls\n \nWhat hoop does in real-time on every connection — for engineers, AI agents, and service accounts equally.\n \n**Data masking**\n \n- ML-powered detection of PII, PHI, PCI data, and credentials inside database responses, API payloads, and terminal output. Not regex. The model understands context: `555-1234` in a `phone` column is a phone number, `BUILD-555-1234` in a CI log is a build ID. One rule covers thousands of resources. No schema mapping required.\n \n**Guardrails**\n \n- Define dangerous operations and block them at the protocol layer before they reach the target system. `DROP TABLE`, `DELETE` without `WHERE`, `kubectl delete namespace`, `rm -rf`, and any custom pattern. Prevention, not detection.\n \n**Command approval**\n \n- Route risky operations (production writes, schema changes, config mutations) for human approval via Slack or Teams. One command, one decision. 
The operation waits until approved, denied, or scheduled for a maintenance window.\n \n**SSO**\n \n- Connect Okta, JumpCloud, Azure AD, Google Workspace, or any OIDC/SAML provider. Included in the open-source license with no separate tier or seat charge. Identity is a security primitive, not a revenue lever.\n \n### Built for AI agents\n \nSame policy engine, agent-aware semantics. No parallel stack, no sandbox.\n \n**AI agent governance**\n \n- Claude Code, Cursor, and autonomous agents connect to your infrastructure through the gateway. Agents read freely (with masked responses). Agents write with approval. Destructive operations are blocked outright. Every agent action is logged, risk-scored, and replayable.\n \n**MCP gateway**\n \n- Not just a proxy. hoop inspects MCP payloads, masks PII in JSON responses before they reach the agent, blocks dangerous operations, and federates identity so developers never touch real credentials. Auto-generates a sensitive data catalog from MCP traffic.\n \n### Audit \u0026 operations\n \nWhat you stop building yourself once hoop is in place.\n \n**Session recording**\n \n- Full session capture with replay. Every command, every response, every approval and denial. Generates compliance evidence for SOC 2, GDPR, PCI DSS, and HIPAA automatically.\n \n**Runbooks**\n \n- Parameterized templates stored in Git. Your team executes common operations with validated inputs. Guardrails, masking, and approval workflows apply automatically to every run.\n \n---\n \n## vs Alternatives\n \nhoop gets compared to three different categories of tools. Here's where it overlaps and where it doesn't.\n \n### vs PAM (Privileged Access Management)\n \nPAM tools route the connection, broker credentials, and log the session. hoop does that too — and then parses the wire protocol on top. Once a user is connected, PAM is done; hoop is just starting. 
We mask sensitive fields in database responses, block destructive commands by content (`DROP TABLE`, `rm -rf`), and require approval on risky writes — all inline, before the action reaches the target system.\n \nIf your concern is *who connected*, PAM is enough. If your concern is *what data left the session and what commands ran*, you need both — or you need hoop.\n \n### vs DLP (Data Loss Prevention)\n \nDLP inspects data in motion at the network or endpoint layer — usually after a developer has already pulled it onto their laptop, into a Slack message, or into an email. hoop inspects data in motion at the wire-protocol layer — before it reaches the developer at all. Sensitive fields never leave the gateway in the first place.\n \nDLP catches leaks. hoop prevents them.\n \n### vs AI Security (LLM guardrails, prompt firewalls)\n \nAI security tools sit in front of the LLM. They inspect prompts going in and outputs coming out, looking for jailbreaks, prompt injection, and policy violations at the application layer. hoop sits in front of the infrastructure. We inspect what data the agent is allowed to read, what commands it's allowed to run, and what gets returned — at the database, Kubernetes, and MCP layers.\n \nDifferent problem. Different layer. 
Most regulated AI deployments end up with both — application-layer controls on the prompt, infrastructure-layer controls on the data.\n \n---\n \n## Installation\n \n### Docker (Recommended)\n \n```bash\ntouch .env \u0026\u0026 \\\ncurl -sL https://hoop.dev/docker-compose.yml \u003e docker-compose.yml \u0026\u0026 \\\ndocker compose up\n```\n \n[See Docker Compose documentation →](https://hoop.dev/docs/setup/deployment/docker-compose)\n \n[See Kubernetes deployment documentation →](https://hoop.dev/docs/setup/deployment/kubernetes)\n \n[See AWS deploy \u0026 host documentation →](https://hoop.dev/docs/setup/deployment/AWS)\n \n---\n \n## Supported Protocols\n \n| Category | Protocols |\n| --- | --- |\n| Databases | PostgreSQL, MySQL, MSSQL, MongoDB |\n| Infrastructure | Kubernetes (exec, port-forward), SSH, RDP |\n| APIs | HTTP, gRPC |\n| AI | Claude Code, Cursor, MCP servers |\n| Runtimes | Rails, Django, Elixir IEx, PHP |\n| Cloud | AWS SSM, custom CLIs |\n \n---\n \n## What's New\n \n### May 18, 2026 — User MCP server\n \nNow, when AI coding agents connect to your databases, servers, and services, they are tagged as the human user running them, not just as a shared service account. When you connect Claude Code, Cursor, or any MCP-compatible client, the agent authenticates over OAuth 2.1 and inherits the user's permissions, group memberships, and ABAC rules.\n\nEvery query flows through the same policy engine, data masking, and approval routing as a human session. When a query needs review, the agent waits. Reviewers see the user's name on the request, not an opaque agent identity. Then, the approved query is the only one that runs.\n\nAudit logs record the human user as the source. One timeline for humans and agents.\n \n[Read the full breakdown →](https://hoop.dev/blog/how-ai-coding-agents-get-production-access-safely)\n \n---\n \n## Contributing\n \nWe welcome contributions. 
Protocol parsers, masking patterns, guardrail rules, runbook templates, integrations, and documentation improvements. Check out our [Development Documentation](https://hoop.dev/docs) to get started.\n \n---\n \n## Community\n \nJoin our [Discussions](https://github.com/hoophq/hoop/discussions) to ask questions, share ideas, and connect with other users.\n\n---\n\n## Star the Repository\n\nIf hoop solves a problem for you, give us a star. It helps other teams find the project and tells us what to invest in next.\n\n\u003cp \u003e\n\u003ca href=\"https://github.com/hoophq/hoop\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/hoophq/hoop?style=social\" alt=\"Star hoop on GitHub\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n \n---\n \n## License\n \nMIT. The code that touches your data is code you can read.\n \n---\n \n\u003cp align=\"center\"\u003e\n\u003ca href=\"https://hoop.dev\"\u003ehoop.dev\u003c/a\u003e · Data security in transit. One gateway, every protocol.\n\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhoophq%2Fhoop","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhoophq%2Fhoop","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhoophq%2Fhoop/lists"}