Description:
rep+ is a Burp-style HTTP Repeater Chrome DevTools extension with AI-powered explanations and attack-scenario generation for testing web applications.
Security
Malcolm
Description:
Malcolm is a powerful, easily deployable open-source network traffic analysis toolkit that ingests PCAPs, Zeek logs, and Suricata alerts; it provides OpenSearch Dashboards and Arkime interfaces for analysis, enrichment, and incident response in containerized deployments.
Proximity
Description:
Proximity is an MCP security scanner powered with NOVA that discovers tools, prompts, and resources on MCP servers, with NOVA-based security analysis.
Octelium
Description:
Octelium is a free, open-source, self-hosted zero-trust secure access platform that unifies human and workload access to internal resources, microservices, AI workloads, and SaaS, offering both client-based VPN and client-less BeyondCorp access with ABAC policy-driven control.
Infisical
Description:
Infisical is an open-source platform for secrets, certificates, and privileged access management, enabling secure secret storage, rotation, PKI, and access governance across teams and infrastructure.
Maltrail
Description:
Maltrail is a malicious traffic detection system that uses public blacklists and heuristics to detect suspicious network activity; it uses a sensor-server architecture and is implemented in Python.
Syft
Description:
Syft is a CLI tool and library for generating SBOMs from container images, filesystems, and other artifacts; exports to SPDX/CycloneDX formats and integrates with Grype for vulnerability scanning.
Grype
Description:
A vulnerability scanner for container images and filesystems; scans SBOMs and images to identify known vulnerabilities, integrates with Syft and OpenVEX for composable, auditable results.
SpiderFoot
Description:
SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.
SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. It’s written in Python 3 and MIT-licensed.
fnox
Description:
encrypted/remote secret manager. A cross-platform toolset for securely storing and retrieving secrets, with support for age encryption and cloud secret managers (AWS, Azure, GCP), plus OS Keychain and shell integration to load secrets on demand.