Showing 80 open source projects for "node-red"

View related business solutions
  • $300 Free Credits for Your Google Cloud Projects Icon
    $300 Free Credits for Your Google Cloud Projects

    Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

    Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
    Start Free Trial
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 1
    node-rate-limiter-flexible

    node-rate-limiter-flexible

    Count and limit requests by key with atomic increments

    ...Average request takes 0.7ms in Cluster and 2.5ms in a Distributed application. See benchmarks. It provides a unified API for all limiters. Whenever your application grows, it is ready. Prepare your limiters in minutes. No matter which node package you prefer: redis or ioredis, sequelize/typeorm or knex, memcached, native driver or mongoose. It works with all of them.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 2
    T3MP3ST

    T3MP3ST

    Autonomous red teaming platform

    T3MP3ST is a multi-agent offensive security framework for authorized red-team research, CTFs, and security education. It wraps an existing AI coding agent with orchestration for reconnaissance, exploit exploration, validation, and reporting. The project can work through a browser War Room or CLI while relying on agents such as Claude Code, Codex, Hermes, or locally hosted models. It emphasizes reproducible benchmark claims, keyless operation, and a clear status table that separates stable capabilities from experimental or roadmap work. ...
    Downloads: 17 This Week
    Last Update:
    See Project
  • 3
    Retire.js

    Retire.js

    Scanner detecting the use of JavaScript libraries

    ..."Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules. grunt-retire scans your grunt-enabled app for use of vulnerable JavaScript libraries and/or node modules. Scans visited sites for references to insecure libraries and puts warnings in the developer console. An icon on the address bar displays will also indicate if vulnerable libraries were loaded. ...
    Downloads: 10 This Week
    Last Update:
    See Project
  • 4
    RedAmon

    RedAmon

    AI-powered framework for automated penetration testing and red teaming

    RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention.
    Downloads: 22 This Week
    Last Update:
    See Project
  • Ship Agents Faster Icon
    Ship Agents Faster

    Transform your applications and workflows into powerful agentic systems at global scale.

    Gemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
    Get Started Free
  • 5
    Claude BugHunter

    Claude BugHunter

    A Claude Code skill bundle for bug hunting

    Claude-BugHunter is a Claude Code skill bundle focused on bug hunting, security testing, and external red-team research workflows. It packages a large collection of specialized skills, slash commands, and disclosed-report patterns so Claude Code can reason through common vulnerability classes more systematically. The project is meant to help authorized testers structure reconnaissance, triage, hypothesis building, exploitation reasoning, and reporting.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 6
    theHarvester

    theHarvester

    E-mails, subdomains and names

    theHarvester is a very simple to use, yet powerful and effective tool designed to be used in the early stages of a penetration test or red team engagement. Use it for open source intelligence (OSINT) gathering to help determine a company's external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs and URLs using multiple public data sources.
    Downloads: 52 This Week
    Last Update:
    See Project
  • 7
    Google APIs Node.js Client

    Google APIs Node.js Client

    Google's supported Node.js client library

    ...This means that we will address critical bugs and security issues but will not add any new features. For Google Cloud Platform APIs, we recommend using google-cloud-node which is under active development. This library supports the maintenance LTS, active LTS, and current release of node.js.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 8
    Namecoin Core

    Namecoin Core

    Namecoin full node + wallet based on the current Bitcoin Core codebase

    Namecoin Core is the reference implementation of Namecoin, a decentralized naming system based on the Bitcoin protocol. It allows users to register and manage domain names and identities on a blockchain, aiming to provide censorship-resistant and secure alternatives to traditional DNS systems.​
    Downloads: 1 This Week
    Last Update:
    See Project
  • 9
    XRAY

    XRAY

    XRay for recon, mapping and OSINT gathering from public networks

    ...It provides a framework for writing and executing inspection modules that can parse structured data (JSON, XML, HTML), traverse graphs of endpoints, and perform intelligent probing guided by discovered surface area. XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or app-security workflows: it leverages extensible plugins to adapt to different protocols, inject payloads, and detect common bug classes such as injection flaws, misconfigurations, and unsafe endpoints. The modular architecture means users can customize or extend the engine with new analyzers, fuzzers, or output formats tailored to specific testing environments. ...
    Downloads: 5 This Week
    Last Update:
    See Project
  • Train ML Models With SQL You Already Know Icon
    Train ML Models With SQL You Already Know

    BigQuery automates data prep, analysis, and predictions with built-in AI assistance.

    Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
    Try Free
  • 10
    bettercap

    bettercap

    The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks

    bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks.
    Downloads: 88 This Week
    Last Update:
    See Project
  • 11
    FingerprintJS Server API Node.js SDK

    FingerprintJS Server API Node.js SDK

    Node.js wrapper for FingerprintJS Server API

    Node.js wrapper for FingerprintJS Server API. This SDK might be also compatible, however not actively tested, with JavaScript "edge" runtimes that do not support all Node APIs, for example, Vercel Edge Runtime, or Cloudflare Workers. To make it work, replace the SDK's built-in fetch function (which relies on Node APIs) with the runtime's native fetch function.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 12
    Internal All The Things

    Internal All The Things

    Active Directory and Internal Pentest Cheatsheets

    ...It covers a broad range of topics; AD certificate services, Kerberos attacks, lateral movement, tooling, post-exploitation techniques, and networking. The content is designed to help both learners and experienced red-teamers fill gaps in their internal pentest knowledge, especially for environments where AD and internal tooling dominate. Because internal engagements often have more complexity and fewer online guides compared to internet-facing web apps, this repo serves as a converging point for best practices, write-ups, and cheat sheets. The repository is structured, continuously updated, and encourages contributions, so its value grows over time. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 13
    Syncthing

    Syncthing

    Open Source Continuous File Synchronization

    Syncthing is an open source continuous file synchronization program, which essentially works by synchronizing files between two or more computers in real time. Syncthing is designed to first and foremost keep users’ data safe and protected against data loss and against attackers who would unlawfully try and access this data. It doesn’t store data anywhere else except on your computers and uses encryption to secure all your data. It is very easy to use, cross-platform and automatic. As such,...
    Downloads: 104 This Week
    Last Update:
    See Project
  • 14
    Splunk Attack Range

    Splunk Attack Range

    A tool that allows you to create vulnerable environments

    The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 15
    BBOT

    BBOT

    The recursive internet scanner for hackers

    ...The project emphasizes extensibility, allowing users to create or integrate custom modules that expand the scope of reconnaissance tasks without modifying the core engine. BBOT is particularly valuable for security researchers and red teamers who need to automate multi-stage discovery processes across complex infrastructures. Its architecture supports chaining multiple reconnaissance techniques together, enabling continuous discovery rather than one-off scans. The tool balances power and usability by providing sensible defaults while still exposing deep configuration options for advanced users.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 16
    BadUSB

    BadUSB

    Flipper Zero badusb payload library

    ...It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for security research and defensive testing: defenders and red teams use it to validate endpoint controls, USB whitelisting, and user training. Due to the dual-use nature of such techniques, responsible repositories emphasize lab-only experiments, consent-based testing, and mitigations like disabling autorun, enforcing device policies, and using endpoint detection.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 17
    Pacu

    Pacu

    The AWS exploitation framework, designed for testing security

    ...Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience and research from our countless prior AWS red team engagements. Automating components of the assessment not only improves efficiency but also allows our assessment team to be much more thorough in large environments. What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation.
    Downloads: 9 This Week
    Last Update:
    See Project
  • 18
    SCAP Security Guide

    SCAP Security Guide

    Security automation content in SCAP, Bash, Ansible, and other formats

    The purpose of this project is to create security policy content for various platforms, Red Hat Enterprise Linux, Fedora, Ubuntu, Debian, SUSE Linux Enterprise Server (SLES), as well as products, Firefox, Chromium, JRE. We aim to make it as easy as possible to write new and maintain existing security content in all the commonly used formats. "SCAP content" refers to documents in the XCCDF, OVAL and Source DataStream formats.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 19
    Maltrail

    Maltrail

    Malicious traffic detection system

    ...Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs).
    Downloads: 6 This Week
    Last Update:
    See Project
  • 20
    Domain Password Spray

    Domain Password Spray

    A tool written in PowerShell to perform password assessments

    ...Output formats include summary reports and structured logs to help analysts triage which accounts were hit and where to prioritize defensive follow-up. The codebase is written to be used by penetration testers, red teams, and security assessors in authorized engagements and emphasizes responsible use; the README explicitly warns against unauthorized use and stresses running tests only with permission.
    Downloads: 3 This Week
    Last Update:
    See Project
  • 21
    OWASP Juice Shop

    OWASP Juice Shop

    Probably the most modern and sophisticated insecure web application

    OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The...
    Leader badge
    Downloads: 236 This Week
    Last Update:
    See Project
  • 22
    TorRefresher-proxy

    TorRefresher-proxy

    One-click Tor IP refresher with bridge support built-in

    ... 🔄 Automatic IP Rotation – Refresh your Tor circuit on a timer of your choice 🖱 One-Click Manual Refresh – Instantly change your IP from the tray 🌍 Exit Node Info – See your current IP and country at a glance 🔒 Bridge Mode Support – Works in censored regions with custom bridges ⚡ Fast & Lightweight – Runs silently in the background Setup is simple: download the Tor Expert Bundle, point TorRefresher to your tor.exe, and you’re ready to go. It does not modify Tor itself—it just makes managing it effortless. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 23
    PoshC2

    PoshC2

    C2 framework used to aid red teamers with post-exploitation

    PoshC2 is a proxy-aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools, allowing an extendible and flexible C2 framework. Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in addition to a Python2/Python3 payload. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 24
    Stegcore

    Stegcore

    A cross-platform crypto-steganography toolkit

    ...Unlike basic steganography tools that hide data without encrypting it, Stegcore ensures the payload is cryptographically protected at rest. Unlike pure encryption tools, the payload isn't even visible. Designed for journalists, security researchers, red teamers, digital forensics professionals, and CTF participants.
    Downloads: 19 This Week
    Last Update:
    See Project
  • 25
    JakiKaliOS

    JakiKaliOS

    JakiKaliOS V.0.01 is a LiveRAM Debian distribution based on Kali Linux

    JakiKaliOS is a LiveRAM Linux distribution based on Kali Linux, designed for cybersecurity professionals, ethical hackers, forensic analysts, and laboratory environments. The system runs entirely in RAM by default, leaving no disk footprint and providing fast, clean, and temporary work sessions ideal for security testing and controlled operations. JakiKaliOS includes a lightweight XFCE desktop optimized for performance and low resource usage, suitable for virtual machines, VPS consoles,...
    Downloads: 4 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • Next
Auth0 Logo