Replace abandoned deepfence and weaveworks tooling references (#2123)

0xBassia · web-flow · commit fa34ad1bbe2f · 2026-04-16T21:24:31.000+01:00
The deepfence org was abandoned and their domain hijacked (see deepfence/ThreatMapper#2429). Weaveworks shut down in early 2024 and Scope is no longer maintained. Replaced both with current alternatives for attack-surface visualisation in container and service-mesh deployments: - Cilium Hubble (eBPF-based network observability) - kubeshark (Kubernetes traffic viewer)
diff --git a/cheatsheets/Attack_Surface_Analysis_Cheat_Sheet.md b/cheatsheets/Attack_Surface_Analysis_Cheat_Sheet.md
@@ -35,7 +35,7 @@ With this approach, you don't need to understand every endpoint in order to unde
 
 Microservice and Cloud Native applications are comprised of multiple smaller components, loosely coupled using APIs and independently scalable. When assessing the attack surface for applications of this architectural style, you should prioritize the components that are reachable from an attack source (e.g. external traffic from the Internet). Such components may be located behind tiers of proxies, load balancers and ingress controllers, and may auto-scale without warning.
 
-Open source tooling such as [Scope](https://github.com/weaveworks/scope) or [ThreatMapper](https://github.com/deepfence/ThreatMapper) assist in visualizing the attack surface.
+Open source tooling such as [Cilium Hubble](https://github.com/cilium/hubble) and [kubeshark](https://github.com/kubeshark/kubeshark) assist in visualizing the attack surface for Kubernetes and service-mesh deployments.
 
 ## Identifying and Mapping the Attack Surface
 
