Open Source TypeScript Security Software

TypeScript Security Software

View 5915 business solutions

Browse free open source TypeScript Security Software and projects below. Use the toggles on the left to filter open source TypeScript Security Software by OS, license, language, programming language, and project status.

  • Train ML Models With SQL You Already Know Icon
    Train ML Models With SQL You Already Know

    BigQuery automates data prep, analysis, and predictions with built-in AI assistance.

    Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
    Try Free
  • Go from Code to Production URL in Seconds Icon
    Go from Code to Production URL in Seconds

    Cloud Run deploys apps in any language instantly. Scales to zero. Pay only when code runs.

    Skip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
    Try it free
  • 1
    World Monitor

    World Monitor

    Real-time global intelligence dashboard

    World Monitor is an open-source real-time intelligence dashboard that aggregates global news, geopolitical signals, and infrastructure data into a unified situational awareness interface. Built primarily with TypeScript and modern web technologies, the project aims to reduce information fragmentation by consolidating hundreds of curated feeds into a single interactive environment. The platform emphasizes geospatial context through features such as interactive maps and a 3D WebGL globe, enabling users to visualize global events dynamically. It incorporates AI-assisted summarization and local LLM support to help users process large volumes of information more efficiently. The application can run as a native desktop app or progressive web app, reflecting a focus on accessibility and offline-capable intelligence workflows. Overall, worldmonitor positions itself as a free OSINT-style monitoring hub for analysts, researchers, and anyone needing real-time global awareness.
    Downloads: 53 This Week
    Last Update:
    See Project
  • 2
    FlareSolverr

    FlareSolverr

    Proxy server to bypass Cloudflare protection

    FlareSolverr is a proxy server to bypass Cloudflare and DDoS-GUARD protection. FlareSolverr starts a proxy server, and it waits for user requests in an idle state using few resources. When some request arrives, it uses puppeteer with the stealth plugin to create a headless browser (Firefox). It opens the URL with user parameters and waits until the Cloudflare challenge is solved (or timeout). The HTML code and the cookies are sent back to the user, and those cookies can be used to bypass Cloudflare using other HTTP clients. Web browsers consume a lot of memory. If you are running FlareSolverr on a machine with few RAM, do not make many requests at once. With each request, a new browser is launched. It is also possible to use a permanent session. However, if you use sessions, you should make sure to close them as soon as you are done using them. It is recommended to install using a Docker container because the project depends on an external browser that is already included.
    Downloads: 50 This Week
    Last Update:
    See Project
  • 3
    NanoClaw

    NanoClaw

    A lightweight alternative to Clawdbot / OpenClaw

    Nanoclaw is a lightweight, security-focused personal agent runtime designed as a slimmer alternative to larger “personal assistant” agent stacks, with an emphasis on being easy to audit and safe by default. It runs agent execution inside Apple containers to provide strong isolation boundaries, so individual chats and actions can be sandboxed with tighter filesystem and process separation than a typical single-process bot. The project connects directly to WhatsApp, letting you deploy an assistant that can chat in a familiar interface while still supporting real agent behaviors instead of simple call-and-response prompts. It includes memory so the assistant can retain important context across interactions, enabling more consistent follow-through on ongoing tasks. It also supports scheduled jobs, making it suitable for recurring reminders, periodic automations, and timed workflows without needing an external orchestrator.
    Downloads: 37 This Week
    Last Update:
    See Project
  • 4
    Flowsint

    Flowsint

    Graph-based OSINT investigation platform w visual relationship mapping

    Flowsint is an open source OSINT investigation platform designed to help analysts explore and understand relationships between digital entities through a visual graph interface. The platform focuses on reconnaissance and open source intelligence workflows, enabling investigators to map connections between domains, IP addresses, organizations, individuals, and other data points. By presenting these relationships in an interactive graph, Flowsint allows users to quickly identify patterns, associations, and investigative leads that might be difficult to detect through traditional data analysis methods. The system includes automated enrichers that gather additional intelligence about entities such as domain records, social media profiles, network infrastructure, and cryptocurrency activity. Its modular architecture separates the frontend application, API server, core services, and enrichment modules, making the platform extensible and easier to expand with new investigative capabilities.
    Downloads: 26 This Week
    Last Update:
    See Project
  • Secure File Transfer for Windows with Cerberus by Redwood Icon
    Secure File Transfer for Windows with Cerberus by Redwood

    Protect and share files over FTP/S, SFTP, HTTPS and SCP with the #1 rated Windows file transfer server.

    Cerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
    Try for Free
  • 5
    Shannon

    Shannon

    Fully autonomous AI hacker to find actual exploits in your web apps

    Shannon is an autonomous AI penetration testing system built to find and prove real, exploitable vulnerabilities in web applications rather than stopping at static warnings or best-guess alerts. It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.”
    Downloads: 24 This Week
    Last Update:
    See Project
  • 6
    RedAmon

    RedAmon

    AI-powered framework for automated penetration testing and red teaming

    RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting information such as subdomains, open ports, services, and potential vulnerabilities. RedAmon then uses an AI agent orchestrator to analyze this data, select appropriate tools, and perform exploitation steps such as credential brute forcing or CVE-based attacks. All discovered assets, relationships, and vulnerabilities are stored in a Neo4j knowledge graph, allowing the system to reason about the environment and make informed decisions during the attack process.
    Downloads: 18 This Week
    Last Update:
    See Project
  • 7
    T3MP3ST

    T3MP3ST

    Autonomous red teaming platform

    T3MP3ST is a multi-agent offensive security framework for authorized red-team research, CTFs, and security education. It wraps an existing AI coding agent with orchestration for reconnaissance, exploit exploration, validation, and reporting. The project can work through a browser War Room or CLI while relying on agents such as Claude Code, Codex, Hermes, or locally hosted models. It emphasizes reproducible benchmark claims, keyless operation, and a clear status table that separates stable capabilities from experimental or roadmap work. Its stated target areas include web apps, CTF challenges, source-code review, OSS vulnerability hunting, smart contracts, and embedded or robotics research. Because it automates offensive workflows, it must only be used on systems where the user has explicit written permission.
    Downloads: 17 This Week
    Last Update:
    See Project
  • 8
    OWASP Juice Shop

    OWASP Juice Shop

    Probably the most modern and sophisticated insecure web application

    It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. The hacking progress is tracked on a scoreboard. Finding this scoreboard is actually one of the (easy) challenges! Apart from the hacker and awareness training use case, pentesting proxies or security scanners can use Juice Shop as a “guinea pig”-application to check how well their tools cope with JavaScript-heavy application frontends and REST APIs.
    Downloads: 16 This Week
    Last Update:
    See Project
  • 9
    React Native Auth0

    React Native Auth0

    React Native toolkit for Auth0 API

    With a few lines of code, you can have Auth0 integrated into any app written in any language, and any framework. We provide 30+ SDKs & Quickstarts to help you succeed in your implementation. Enable user collaboration and granular access control in your applications with easy-to-use APIs. From improving customer experience through seamless sign-on to making MFA as easy as a click of a button, your login box must find the right balance between user convenience, privacy and security. That’s why Okta and Auth0 have joined forces. Because we know together we can help you build a better solution for Customer Identity (CIAM) that will reduce security and compliance risks, improve your UX, and help your developers maximize their time.
    Downloads: 16 This Week
    Last Update:
    See Project
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 10
    apk-mitm

    apk-mitm

    Application that automatically prepares Android APK files for HTTPS

    Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious.
    Downloads: 15 This Week
    Last Update:
    See Project
  • 11
    Headlamp

    Headlamp

    A Kubernetes web UI that is fully-featured, user-friendly

    Out of the box, Headlamp is a fully functional Kubernetes UI. By leveraging its powerful plugin system, builders can shape Headlamp to fit their bespoke use cases, products, and environments. Headlamp adapts not only to a user's cluster configuration (multiple or single clusters, permissions-based UI, etc.), but its powerful plugin system allows builders to customize the experience with new functionality that fits their products. Headlamp’s plugin system makes it possible to create custom experiences with minimal effort; add/extend views, customize branding, etc. Headlamp adapts to a user’s cluster permissions. It checks RBAC and displays actions like delete or edit only if the user has permission to do so. Keeping with Headlamp’s goal of supporting a fully customizable experience, it can be run as a web app, desktop app, or both.
    Downloads: 12 This Week
    Last Update:
    See Project
  • 12
    Tamper Dev

    Tamper Dev

    Extension that allows you to intercept and edit HTTP/HTTPS requests

    If you are a developer, you can use Tamper Dev to debug your websites, or if you are a pentester, you can use it to search for security vulnerabilities by inspecting the HTTP traffic from your browser. Unlike most other extensions, Tamper Dev allows you to intercept, inspect and modify the requests before they are sent to the server. This extension provides functionality similar to Burp Proxy, MITM Proxy, OWASP ZAP, Tamper Data, and Postman Proxy, but without the need of additional software, with full support of HTTPS connections, and trivial to set-up (just install).
    Downloads: 12 This Week
    Last Update:
    See Project
  • 13
    Infisical

    Infisical

    Infisical is the open-source platform for secrets management, PKI

    Infisical is an open-source, all-in-one platform for managing secrets, certificates, and privileged access. It delivers modern security workflows like secrets rotation, dynamic credentials, role-based access control, and SSH certificate-based access—tailored for development and infrastructure teams. Manage secrets across projects and environments (e.g. development, production, etc.) through a user-friendly interface. Sync secrets to platforms like GitHub, Vercel, AWS, and use tools like Terraform, Ansible, and more. Keep track of every secret and project state; roll back when needed. Deliver secrets to your Kubernetes workloads and automatically reload deployments.
    Downloads: 11 This Week
    Last Update:
    See Project
  • 14
    Mitaka

    Mitaka

    Browser extension for fast OSINT searches and IOC investigation

    Mitaka is a browser extension designed to streamline Open Source Intelligence (OSINT) investigations by enabling quick searches and scans directly from the browser. It allows security researchers, analysts, and investigators to easily examine various indicators of compromise (IoCs) such as IP addresses, domains, URLs, hashes, email addresses, and more. Instead of manually copying and pasting suspicious indicators into multiple intelligence platforms, users can simply highlight a value on any webpage and access multiple OSINT services through a context menu. Mitaka automatically detects the type of indicator and generates appropriate search options for relevant threat intelligence services. Mitaka also includes a refanging capability that converts obfuscated indicators, such as example[.]com or hxxp://example.com, into valid formats that can be analyzed immediately.
    Downloads: 11 This Week
    Last Update:
    See Project
  • 15
    uBlacklist

    uBlacklist

    Blocks specific sites from appearing in Google search results

    uBlacklist is a Google Search filter for Chrome and Firefox. uBlacklist requires many site permissions on install. They are necessary to support all domains where Google Search is provided (google.com, google.ac, google.ad, ...). You can install uBlacklist from Chrome Web Store, Firefox Add-ons or Mac App Store. To block a site that you are looking at from appearing on the search result page, click the toolbar icon. A "Block this site" dialog will be shown. In recent versions of Chrome, the toolbar icon may be hidden by default. If so, first click the puzzle piece icon. To see and edit blocked sites, open the options page. It can be accessed from the toolbar icon. Blocked sites are displayed on the top of the options page. After editing them, don't forget to press the "Save" button.
    Downloads: 11 This Week
    Last Update:
    See Project
  • 16
    FingerprintJS

    FingerprintJS

    Browser fingerprinting library

    FingerprintJS is a source-available, client-side, browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them. Unlike cookies and local storage, a fingerprint stays the same in incognito/private mode and even when browser data is purged. Since FingerprintJS processes and generates the fingerprints from within the browser itself, the accuracy is limited (40% - 60%). For example, when 2 different users send requests using identical (i.e. same version, same vendor, same platform), browsers, FingerprintJS will not be able to tell these two browsers apart, primarily because the attribitutes from these browsers will be identical. Fingerprint Identification is a closed-source, commercial device identification product designed for fraud detection, device identification, marketing attribution, and analytics.
    Downloads: 9 This Week
    Last Update:
    See Project
  • 17
    OpenCTI

    OpenCTI

    Open Cyber Threat Intelligence Platform

    OpenCTI is a comprehensive open-source cyber threat intelligence platform designed to help organizations collect, structure, analyze, and share information about cyber threats. It provides a modern web application backed by a GraphQL API and a data model aligned with the STIX2 standard to ensure interoperability across the threat intelligence ecosystem. The platform enables teams to correlate technical indicators such as observables and TTPs with higher-level context like attribution and victimology, creating a unified intelligence knowledge base. OpenCTI is built to integrate with external tools including MISP, TheHive, and MITRE ATT&CK, allowing it to function as a central intelligence hub in security operations. Its design emphasizes traceability by linking intelligence objects back to their original sources and tracking confidence levels and temporal metadata.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 18
    OSIRIS

    OSIRIS

    Open Source Global Intelligence Platform

    OSIRIS is an open-source global intelligence platform for real-time situational awareness across multiple data domains. It is designed as a web dashboard that brings together aviation, maritime, CCTV, seismic, fire, weather, space, news, and cyber-related data into one interface. The project uses modern web technologies to render large numbers of entities visually and interactively on maps and dashboards. It positions itself as a transparent alternative to closed intelligence platforms by aggregating public and open-source feeds. Osiris is useful for analysts, researchers, journalists, and technical teams who need a unified view of fast-changing global events. Its main value is combining many OSINT streams into a single operational picture instead of forcing users to monitor separate tools.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 19
    OTPLib

    OTPLib

    One Time Password (OTP) / 2FA for Node.js and Browser

    A JavaScript library for generating and verifying one-time passwords (TOTP/HOTP), commonly used for two-factor authentication (2FA).
    Downloads: 7 This Week
    Last Update:
    See Project
  • 20
    Prymitive karma

    Prymitive karma

    Alert dashboard for Prometheus Alertmanager

    Alertmanager UI is useful for browsing alerts and managing silences, but it's lacking as a dashboard tool - karma aims to fill this gap. Karma is an alert dashboard for managing Prometheus Alertmanager alerts, allowing users to filter, group, and silence alerts for better incident management.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 21
    Amplication

    Amplication

    Amplication is an open‑source development tool

    Amplication is an open‑source development tool. It helps you develop quality Node.js applications without spending time on repetitive coding tasks. Easily create data models and configure role‑based access control with a simple and intuitive UI or CLI. Continuously push the generated application to your GitHub repository. Get a Docker container with your database, a Node.js application, and a React client. Generated apps include NestJS, Prisma, REST & GraphQL API, a React admin UI, logging, authentication, and authorization. Safely customize your generated app Node.js code using your favorite IDE. Decide whether to download the app within a Docker container that’s ready for deployment or to deploy to the Amplication cloud. At any point you’re free to download the source code and continue development elsewhere. We are a group of creators who love open‑source and low‑code. We believe that low‑code application development will evolve into a modern‑day programming language.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 22
    Buttercup Desktop

    Buttercup Desktop

    Cross-Platform Passwords & Secrets Vault

    Buttercup for desktop is a beautifully-simple password manager designed to help manage your credentials. Buttercup uses very strong encryption to protect your sensitive details under a single master password - Feel free to use stronger and more complex passwords for each service and let Buttercup store them securely. Buttercup is free to download and use and is available for Windows, Mac and Linux. Use it alongside the browser extension and mobile app for a completely portable experience. Strong 256bit AES encrypted vaults that meet today's security standards. Rest assured that your credentials are safe. Easy-to-use interfaces with basic concepts make storing and finding your login details a piece of cake. Buttercup's software is free to download and use, forever. It's also available for all major platforms.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 23
    Hemmelig

    Hemmelig

    Keep your sensitive information out of chat logs, emails, and more

    Hemmelig is a privacy-focused secret sharing service that lets users securely share sensitive information like passwords, API keys, private notes, or confidential links using client-side encryption so that the server never sees unencrypted data. It operates with a zero-knowledge architecture: all encryption and decryption happen in the browser, and only encrypted blobs are transmitted to and stored on the server, reducing the risk of leaks or unauthorized access. Users can generate shareable links with optional expiration times, view limits, and password protection to tailor how and when secrets are consumed, and links automatically expire or self-destruct after use to prevent reuse or exposure. The platform supports easy deployment via Docker or hosted options, making it practical for individuals, teams, or enterprises that want to safeguard secrets without relying on third-party storage.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 24
    Kubernetes Dashboard

    Kubernetes Dashboard

    General-purpose web UI for Kubernetes clusters

    Kubernetes Dashboard is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself. To access Dashboard from your local workstation you must create a secure channel to your Kubernetes cluster. Kubeconfig Authentication method does not support external identity providers or certificate-based authentication. Metrics-Server has to be running in the cluster for the metrics and graphs to be available. Make sure that you know what you are doing before proceeding. Granting admin privileges to Dashboard's Service Account might be a security risk. In most cases after provisioning cluster using kops, kubeadm or any other popular tool, the ClusterRole cluster-admin already exists in the cluster. We can use it and create only ClusterRoleBinding for our ServiceAccount. If it does not exist then you need to create this role first and grant required privileges manually.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 25
    Leapp

    Leapp

    Leapp is the DevTool to access your cloud

    Let Leapp manage your Cloud credentials locally. Improve your workflow with the only open-source desktop app and CLI you’ll ever need. Your all-in-one solution to assign IAM Cloud access across teams. Cloud credentials are available with a click. Data stored locally encrypted in your System Vault. Work with your Cloud Identities from a single place. Automatic temporary Cloud credentials generation and rotation. Pick your Cloud Provider to add a Leapp Session. Choose from supported access methods or leverage your federated identity with SAML 2.0 compliant identity providers. Automatically provision your sessions from AWS Single Sign-On via Leapp Integration. Start your Session, and Leapp will automatically generate secure short-lived credentials for you. All sensitive data are stored in your local System Vault and used only when needed to provide best-in-class security.
    Downloads: 6 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • Next
Auth0 Logo