ToolJet is the open-source foundation of ToolJet AI - the AI-native platform for building internal tools, dashboard, business applications, workflows and AI agents 🚀

Virtual Machine for the Web

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Your personal intelligence agent. Watches the world from multiple data sources and pings you when something changes.

A damn-sexy, open source real-time dashboard builder for IOT and other web mashups. A free open-source alternative to Geckoboard.

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

Produces persistent, respawning "super" cookies in a browser, abusing over a dozen techniques. Its goal is to identify users after they've removed standard cookies and other privacy data such as Fl…

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

Mozaïk is a tool based on nodejs / react / redux / nivo / d3 to easily craft beautiful dashboards

Generate CloudFormation / Terraform / Troposphere templates from your existing AWS resources.

An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!

A CLI for creating better commits following the conventional commits specification

Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

Fast Incident Response

An open source threat modeling tool from OWASP

Protect against malicious code installed via npm, yarn, pnpm, npx, pnpx, pip, uv and poetry with Aikido Safe Chain. Free to use, no tokens required.

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

A next-generation HTTP stealth proxy which perfectly cloaks requests as the Chrome browser across all layers of the stack.

Digital Forensics Investigation Platform

Analyze Docker images size

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.

Cloud Conformity Auto Remediate

An Alexandria community initiative to embed all of human belief. See more: https://alex.macrocosm.so/religion

An open-source knowledge base of defensive countermeasures to protect AI/ML systems. Features interactive views and maps defenses to known threats from frameworks like MITRE ATLAS, MAESTRO, and OWASP.

HASH (HTTP Agnostic Software Honeypot)

Google Apps Script that publishes a Google Sheet to Amazon S3 as a JSON file. Auto-updates on edit & maintains data types. Creates an array of objects keyed by column header.