Open Source TypeScript Security Software
Sort By:
TypeScript Security Software
View 5766 business solutionsBrowse free open source TypeScript Security Software and projects below. Use the toggles on the left to filter open source TypeScript Security Software by OS, license, language, programming language, and project status.
-
Host LLMs in Production With On-Demand GPUsDeploy your model, get an endpoint, pay only for compute time. No GPU provisioning or infrastructure management required.
-
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
1
World Monitor
Real-time global intelligence dashboard
World Monitor is an open-source real-time intelligence dashboard that aggregates global news, geopolitical signals, and infrastructure data into a unified situational awareness interface. Built primarily with TypeScript and modern web technologies, the project aims to reduce information fragmentation by consolidating hundreds of curated feeds into a single interactive environment. The platform emphasizes geospatial context through features such as interactive maps and a 3D WebGL globe, enabling users to visualize global events dynamically. It incorporates AI-assisted summarization and local LLM support to help users process large volumes of information more efficiently. The application can run as a native desktop app or progressive web app, reflecting a focus on accessibility and offline-capable intelligence workflows. Overall, worldmonitor positions itself as a free OSINT-style monitoring hub for analysts, researchers, and anyone needing real-time global awareness. -
2
Aviator Predictor
Aviator hack: seed-inspection of aviator crash predictor & aviator app
Our downloadable SHA256 analysis tool powers the Aviator predictor, Aviator predictor app, and aviator crash predictor. Available for desktop, it’s designed for research, fairness verification, and safe demo testing Demo-focused aviator predictor tools — seed-inspection helpers (SHA-512 / SHA-256), AI-assisted summaries, and demo bot templates for aviator crash predictor, Start in demo mode to test safely. Disclaimer: Provided for analytical and testing purposes only. No predictive guarantees or gameplay assurances. -
3
Kubernetes Dashboard
General-purpose web UI for Kubernetes clusters
Kubernetes Dashboard is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself. To access Dashboard from your local workstation you must create a secure channel to your Kubernetes cluster. Kubeconfig Authentication method does not support external identity providers or certificate-based authentication. Metrics-Server has to be running in the cluster for the metrics and graphs to be available. Make sure that you know what you are doing before proceeding. Granting admin privileges to Dashboard's Service Account might be a security risk. In most cases after provisioning cluster using kops, kubeadm or any other popular tool, the ClusterRole cluster-admin already exists in the cluster. We can use it and create only ClusterRoleBinding for our ServiceAccount. If it does not exist then you need to create this role first and grant required privileges manually. -
4
FlareSolverr
Proxy server to bypass Cloudflare protection
FlareSolverr is a proxy server to bypass Cloudflare and DDoS-GUARD protection. FlareSolverr starts a proxy server, and it waits for user requests in an idle state using few resources. When some request arrives, it uses puppeteer with the stealth plugin to create a headless browser (Firefox). It opens the URL with user parameters and waits until the Cloudflare challenge is solved (or timeout). The HTML code and the cookies are sent back to the user, and those cookies can be used to bypass Cloudflare using other HTTP clients. Web browsers consume a lot of memory. If you are running FlareSolverr on a machine with few RAM, do not make many requests at once. With each request, a new browser is launched. It is also possible to use a permanent session. However, if you use sessions, you should make sure to close them as soon as you are done using them. It is recommended to install using a Docker container because the project depends on an external browser that is already included. -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
Tamper Dev
Extension that allows you to intercept and edit HTTP/HTTPS requests
If you are a developer, you can use Tamper Dev to debug your websites, or if you are a pentester, you can use it to search for security vulnerabilities by inspecting the HTTP traffic from your browser. Unlike most other extensions, Tamper Dev allows you to intercept, inspect and modify the requests before they are sent to the server. This extension provides functionality similar to Burp Proxy, MITM Proxy, OWASP ZAP, Tamper Data, and Postman Proxy, but without the need of additional software, with full support of HTTPS connections, and trivial to set-up (just install). -
6
RedAmon
AI-powered framework for automated penetration testing and red teaming
RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting information such as subdomains, open ports, services, and potential vulnerabilities. RedAmon then uses an AI agent orchestrator to analyze this data, select appropriate tools, and perform exploitation steps such as credential brute forcing or CVE-based attacks. All discovered assets, relationships, and vulnerabilities are stored in a Neo4j knowledge graph, allowing the system to reason about the environment and make informed decisions during the attack process. -
7
ThumbmarkJS
World's best free browser fingerprinting library
ThumbmarkJS is an MIT-licensed browser fingerprinting library that produces stable fingerprints with 90% uniqueness. It works with normal and private browsing. ThumbmarkJS is a free, open‑source browser fingerprinting JavaScript library, designed as an alternative to FingerprintJS. It generates distinct, persistent device fingerprints using web APIs like canvas, audio, fonts, WebGL, and more, enabling identification of browsers across sessions, even in incognito or cleared-cache scenarios. It supports both client-side-only installs via CDN and npm, with optional API integration for improved uniqueness. -
8
Situation Monitor
Real-time dashboard for monitoring global news and markets
Situation Monitor is an open-source real-time dashboard designed to aggregate and visualize global information streams related to news, financial markets, technology, and geopolitical developments. The project aims to provide a centralized situational awareness interface where users can observe multiple sources of high-signal information without constantly switching between separate applications or websites. Instead of functioning as a traditional news reader, the platform is designed more like an intelligence monitoring system that highlights important signals from diverse data feeds. The dashboard aggregates real-time updates about economic indicators, corporate developments, geopolitical events, and other macro-level signals that may influence markets or public discourse. Its architecture is implemented using modern frontend technologies, allowing data streams to update quickly while maintaining low resource consumption. -
9
Openblocks
The Open Source Retool Alternative
It's cumbersome to create a single app. You had to design user interfaces, write code in multiple languages and frameworks, and understand how all of that code works together. Low-code/No-code platforms are fast to get started with but quickly become unmaintainable and inflexible. This creates more problems than it solves. Retool-like solutions are great for their simplicity and flexibility, but they can also be limited in different ways compared to frameworks like React/Vue. An all-in-one IDE to create internal or customer-facing apps. A place to create, build and share building blocks of web applications. A domain-specific language that UI-configurable block is the first-class citizen. Openblocks is open-source. You don't need to worry about vendor lock-in or being stuck with an outdated version of the software. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
NanoClaw
A lightweight alternative to Clawdbot / OpenClaw
Nanoclaw is a lightweight, security-focused personal agent runtime designed as a slimmer alternative to larger “personal assistant” agent stacks, with an emphasis on being easy to audit and safe by default. It runs agent execution inside Apple containers to provide strong isolation boundaries, so individual chats and actions can be sandboxed with tighter filesystem and process separation than a typical single-process bot. The project connects directly to WhatsApp, letting you deploy an assistant that can chat in a familiar interface while still supporting real agent behaviors instead of simple call-and-response prompts. It includes memory so the assistant can retain important context across interactions, enabling more consistent follow-through on ongoing tasks. It also supports scheduled jobs, making it suitable for recurring reminders, periodic automations, and timed workflows without needing an external orchestrator. -
11
Headlamp
A Kubernetes web UI that is fully-featured, user-friendly
Out of the box, Headlamp is a fully functional Kubernetes UI. By leveraging its powerful plugin system, builders can shape Headlamp to fit their bespoke use cases, products, and environments. Headlamp adapts not only to a user's cluster configuration (multiple or single clusters, permissions-based UI, etc.), but its powerful plugin system allows builders to customize the experience with new functionality that fits their products. Headlamp’s plugin system makes it possible to create custom experiences with minimal effort; add/extend views, customize branding, etc. Headlamp adapts to a user’s cluster permissions. It checks RBAC and displays actions like delete or edit only if the user has permission to do so. Keeping with Headlamp’s goal of supporting a fully customizable experience, it can be run as a web app, desktop app, or both. -
12
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. The hacking progress is tracked on a scoreboard. Finding this scoreboard is actually one of the (easy) challenges! Apart from the hacker and awareness training use case, pentesting proxies or security scanners can use Juice Shop as a “guinea pig”-application to check how well their tools cope with JavaScript-heavy application frontends and REST APIs. -
13
OpenCTI
Open Cyber Threat Intelligence Platform
OpenCTI is a comprehensive open-source cyber threat intelligence platform designed to help organizations collect, structure, analyze, and share information about cyber threats. It provides a modern web application backed by a GraphQL API and a data model aligned with the STIX2 standard to ensure interoperability across the threat intelligence ecosystem. The platform enables teams to correlate technical indicators such as observables and TTPs with higher-level context like attribution and victimology, creating a unified intelligence knowledge base. OpenCTI is built to integrate with external tools including MISP, TheHive, and MITRE ATT&CK, allowing it to function as a central intelligence hub in security operations. Its design emphasizes traceability by linking intelligence objects back to their original sources and tracking confidence levels and temporal metadata. -
14
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
Shannon is an autonomous AI penetration testing system built to find and prove real, exploitable vulnerabilities in web applications rather than stopping at static warnings or best-guess alerts. It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.” -
15
Buttercup Desktop
Cross-Platform Passwords & Secrets Vault
Buttercup for desktop is a beautifully-simple password manager designed to help manage your credentials. Buttercup uses very strong encryption to protect your sensitive details under a single master password - Feel free to use stronger and more complex passwords for each service and let Buttercup store them securely. Buttercup is free to download and use and is available for Windows, Mac and Linux. Use it alongside the browser extension and mobile app for a completely portable experience. Strong 256bit AES encrypted vaults that meet today's security standards. Rest assured that your credentials are safe. Easy-to-use interfaces with basic concepts make storing and finding your login details a piece of cake. Buttercup's software is free to download and use, forever. It's also available for all major platforms. -
16
Flowsint
Graph-based OSINT investigation platform w visual relationship mapping
Flowsint is an open source OSINT investigation platform designed to help analysts explore and understand relationships between digital entities through a visual graph interface. The platform focuses on reconnaissance and open source intelligence workflows, enabling investigators to map connections between domains, IP addresses, organizations, individuals, and other data points. By presenting these relationships in an interactive graph, Flowsint allows users to quickly identify patterns, associations, and investigative leads that might be difficult to detect through traditional data analysis methods. The system includes automated enrichers that gather additional intelligence about entities such as domain records, social media profiles, network infrastructure, and cryptocurrency activity. Its modular architecture separates the frontend application, API server, core services, and enrichment modules, making the platform extensible and easier to expand with new investigative capabilities. -
17
Mitaka
Browser extension for fast OSINT searches and IOC investigation
Mitaka is a browser extension designed to streamline Open Source Intelligence (OSINT) investigations by enabling quick searches and scans directly from the browser. It allows security researchers, analysts, and investigators to easily examine various indicators of compromise (IoCs) such as IP addresses, domains, URLs, hashes, email addresses, and more. Instead of manually copying and pasting suspicious indicators into multiple intelligence platforms, users can simply highlight a value on any webpage and access multiple OSINT services through a context menu. Mitaka automatically detects the type of indicator and generates appropriate search options for relevant threat intelligence services. Mitaka also includes a refanging capability that converts obfuscated indicators, such as example[.]com or hxxp://example.com, into valid formats that can be analyzed immediately. -
18
uBlacklist
Blocks specific sites from appearing in Google search results
uBlacklist is a Google Search filter for Chrome and Firefox. uBlacklist requires many site permissions on install. They are necessary to support all domains where Google Search is provided (google.com, google.ac, google.ad, ...). You can install uBlacklist from Chrome Web Store, Firefox Add-ons or Mac App Store. To block a site that you are looking at from appearing on the search result page, click the toolbar icon. A "Block this site" dialog will be shown. In recent versions of Chrome, the toolbar icon may be hidden by default. If so, first click the puzzle piece icon. To see and edit blocked sites, open the options page. It can be accessed from the toolbar icon. Blocked sites are displayed on the top of the options page. After editing them, don't forget to press the "Save" button. -
19
Infisical
Infisical is the open-source platform for secrets management, PKI
Infisical is an open-source, all-in-one platform for managing secrets, certificates, and privileged access. It delivers modern security workflows like secrets rotation, dynamic credentials, role-based access control, and SSH certificate-based access—tailored for development and infrastructure teams. Manage secrets across projects and environments (e.g. development, production, etc.) through a user-friendly interface. Sync secrets to platforms like GitHub, Vercel, AWS, and use tools like Terraform, Ansible, and more. Keep track of every secret and project state; roll back when needed. Deliver secrets to your Kubernetes workloads and automatically reload deployments. -
20
React Native Auth0
React Native toolkit for Auth0 API
With a few lines of code, you can have Auth0 integrated into any app written in any language, and any framework. We provide 30+ SDKs & Quickstarts to help you succeed in your implementation. Enable user collaboration and granular access control in your applications with easy-to-use APIs. From improving customer experience through seamless sign-on to making MFA as easy as a click of a button, your login box must find the right balance between user convenience, privacy and security. That’s why Okta and Auth0 have joined forces. Because we know together we can help you build a better solution for Customer Identity (CIAM) that will reduce security and compliance risks, improve your UX, and help your developers maximize their time. -
21
Domain Digger
Domain analysis toolkit for DNS, IP, and WHOIS lookups
Domain Digger is an open source toolkit designed to help users analyze and explore domain-related information in a structured and visual way. It provides a centralized interface for investigating various technical details associated with a domain, including DNS records, IP information, and WHOIS data. By combining several domain intelligence features into a single platform, it simplifies the process of gathering and understanding domain infrastructure details. Domain Digger presents domain information through organized views and visual components, making it easier to interpret relationships between domains, DNS records, and network addresses. This can be useful for developers, security researchers, system administrators, and anyone working with domain infrastructure. Domain Digger aims to streamline domain analysis workflows by offering quick lookups and consolidated data sources in one environment. -
22
FingerprintJS Server API Node.js SDK
Node.js wrapper for FingerprintJS Server API
Node.js wrapper for FingerprintJS Server API. This SDK might be also compatible, however not actively tested, with JavaScript "edge" runtimes that do not support all Node APIs, for example, Vercel Edge Runtime, or Cloudflare Workers. To make it work, replace the SDK's built-in fetch function (which relies on Node APIs) with the runtime's native fetch function. -
23
Global Threat & Event Intelligence Map
Interactive map for exploring global conflicts & geopolitical threats
GlobalThreatMap is an open source web application designed to visualize geopolitical events, conflicts, and military activity around the world on an interactive map. It helps users explore ongoing wars, international tensions, military base locations, and historical conflict data across different countries. It aggregates and processes global event information and presents it geographically so users can quickly understand where significant geopolitical developments are occurring. GlobalThreatMap is built to assist researchers, analysts, and curious users who want a clearer view of global security dynamics. Users can browse event feeds, investigate country-level conflicts, and explore geopolitical entities directly from the interface. It also supports both self-hosted deployments and an authenticated mode using the Valyu platform for accessing additional data features. -
24
Prymitive karma
Alert dashboard for Prometheus Alertmanager
Alertmanager UI is useful for browsing alerts and managing silences, but it's lacking as a dashboard tool - karma aims to fill this gap. Karma is an alert dashboard for managing Prometheus Alertmanager alerts, allowing users to filter, group, and silence alerts for better incident management. -
25
Yank Note
A Hackable Markdown Note Application for Programmers
A Hackable Markdown Note Application for Programmers. Version control, AI completion, mind map, documents encryption, code snippet running, integrated terminal, chart embedding, HTML applets, Reveal.js, plug-in, and macro replacement. Use Monaco kernel, optimize for Markdown editing, and have the same editing experience as VSCode. Support version control; Applets, runnable code blocks, tables, PlantUML, Drawio, macro replacements, etc., can be embedded in the document; support for OpenAI auto-completion. Data is saved as local Markdown files, and the extension functions are implemented in the original syntax of Markdown as far as possible. Support users to write their own plug-ins to expand the functionality of the editor. Use encryption to save private files such as account number, and the password can be set separately for each file.
