Open Source TypeScript Security Software
Sort By:
TypeScript Security Software
View 5809 business solutionsBrowse free open source TypeScript Security Software and projects below. Use the toggles on the left to filter open source TypeScript Security Software by OS, license, language, programming language, and project status.
-
Get full visibility and control over your tasks and projects with Wrike.Wrike offers world-class features that empower cross-functional, distributed, or growing teams take their projects from the initial request stage all the way to tracking work progress and reporting results.
-
JS7 JobScheduler is an open source workload automation solution.JS7 JobScheduler is an open source workload automation solution. It is used to run executable files, shell scripts etc. and database procedures.
-
1
World Monitor
Real-time global intelligence dashboard
World Monitor is an open-source real-time intelligence dashboard that aggregates global news, geopolitical signals, and infrastructure data into a unified situational awareness interface. Built primarily with TypeScript and modern web technologies, the project aims to reduce information fragmentation by consolidating hundreds of curated feeds into a single interactive environment. The platform emphasizes geospatial context through features such as interactive maps and a 3D WebGL globe, enabling users to visualize global events dynamically. It incorporates AI-assisted summarization and local LLM support to help users process large volumes of information more efficiently. The application can run as a native desktop app or progressive web app, reflecting a focus on accessibility and offline-capable intelligence workflows. Overall, worldmonitor positions itself as a free OSINT-style monitoring hub for analysts, researchers, and anyone needing real-time global awareness. -
2
Aviator Predictor
Aviator hack: seed-inspection of aviator crash predictor & aviator app
Our downloadable SHA256 analysis tool powers the Aviator predictor, Aviator predictor app, and aviator crash predictor. Available for desktop, it’s designed for research, fairness verification, and safe demo testing Demo-focused aviator predictor tools — seed-inspection helpers (SHA-512 / SHA-256), AI-assisted summaries, and demo bot templates for aviator crash predictor, Start in demo mode to test safely. Disclaimer: Provided for analytical and testing purposes only. No predictive guarantees or gameplay assurances. -
3
FlareSolverr
Proxy server to bypass Cloudflare protection
FlareSolverr is a proxy server to bypass Cloudflare and DDoS-GUARD protection. FlareSolverr starts a proxy server, and it waits for user requests in an idle state using few resources. When some request arrives, it uses puppeteer with the stealth plugin to create a headless browser (Firefox). It opens the URL with user parameters and waits until the Cloudflare challenge is solved (or timeout). The HTML code and the cookies are sent back to the user, and those cookies can be used to bypass Cloudflare using other HTTP clients. Web browsers consume a lot of memory. If you are running FlareSolverr on a machine with few RAM, do not make many requests at once. With each request, a new browser is launched. It is also possible to use a permanent session. However, if you use sessions, you should make sure to close them as soon as you are done using them. It is recommended to install using a Docker container because the project depends on an external browser that is already included. -
4
Kubernetes Dashboard
General-purpose web UI for Kubernetes clusters
Kubernetes Dashboard is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself. To access Dashboard from your local workstation you must create a secure channel to your Kubernetes cluster. Kubeconfig Authentication method does not support external identity providers or certificate-based authentication. Metrics-Server has to be running in the cluster for the metrics and graphs to be available. Make sure that you know what you are doing before proceeding. Granting admin privileges to Dashboard's Service Account might be a security risk. In most cases after provisioning cluster using kops, kubeadm or any other popular tool, the ClusterRole cluster-admin already exists in the cluster. We can use it and create only ClusterRoleBinding for our ServiceAccount. If it does not exist then you need to create this role first and grant required privileges manually. -
Kinetic Software - Epicor ERPGrow, thrive, and compete in a global marketplace with Kinetic—an industry-tailored, cognitive ERP that helps you work smarter and stay connected.
-
5
Flowsint
Graph-based OSINT investigation platform w visual relationship mapping
Flowsint is an open source OSINT investigation platform designed to help analysts explore and understand relationships between digital entities through a visual graph interface. The platform focuses on reconnaissance and open source intelligence workflows, enabling investigators to map connections between domains, IP addresses, organizations, individuals, and other data points. By presenting these relationships in an interactive graph, Flowsint allows users to quickly identify patterns, associations, and investigative leads that might be difficult to detect through traditional data analysis methods. The system includes automated enrichers that gather additional intelligence about entities such as domain records, social media profiles, network infrastructure, and cryptocurrency activity. Its modular architecture separates the frontend application, API server, core services, and enrichment modules, making the platform extensible and easier to expand with new investigative capabilities. -
6
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. The hacking progress is tracked on a scoreboard. Finding this scoreboard is actually one of the (easy) challenges! Apart from the hacker and awareness training use case, pentesting proxies or security scanners can use Juice Shop as a “guinea pig”-application to check how well their tools cope with JavaScript-heavy application frontends and REST APIs. -
7
Headlamp
A Kubernetes web UI that is fully-featured, user-friendly
Out of the box, Headlamp is a fully functional Kubernetes UI. By leveraging its powerful plugin system, builders can shape Headlamp to fit their bespoke use cases, products, and environments. Headlamp adapts not only to a user's cluster configuration (multiple or single clusters, permissions-based UI, etc.), but its powerful plugin system allows builders to customize the experience with new functionality that fits their products. Headlamp’s plugin system makes it possible to create custom experiences with minimal effort; add/extend views, customize branding, etc. Headlamp adapts to a user’s cluster permissions. It checks RBAC and displays actions like delete or edit only if the user has permission to do so. Keeping with Headlamp’s goal of supporting a fully customizable experience, it can be run as a web app, desktop app, or both. -
8
RedAmon
AI-powered framework for automated penetration testing and red teaming
RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting information such as subdomains, open ports, services, and potential vulnerabilities. RedAmon then uses an AI agent orchestrator to analyze this data, select appropriate tools, and perform exploitation steps such as credential brute forcing or CVE-based attacks. All discovered assets, relationships, and vulnerabilities are stored in a Neo4j knowledge graph, allowing the system to reason about the environment and make informed decisions during the attack process. -
9
uBlacklist
Blocks specific sites from appearing in Google search results
uBlacklist is a Google Search filter for Chrome and Firefox. uBlacklist requires many site permissions on install. They are necessary to support all domains where Google Search is provided (google.com, google.ac, google.ad, ...). You can install uBlacklist from Chrome Web Store, Firefox Add-ons or Mac App Store. To block a site that you are looking at from appearing on the search result page, click the toolbar icon. A "Block this site" dialog will be shown. In recent versions of Chrome, the toolbar icon may be hidden by default. If so, first click the puzzle piece icon. To see and edit blocked sites, open the options page. It can be accessed from the toolbar icon. Blocked sites are displayed on the top of the options page. After editing them, don't forget to press the "Save" button. -
DataHub is the leading open-source data catalog helping teams discover, understand, and govern their data assets.Built on an open source foundation with a thriving community of 13,000+ members, DataHub gives you unmatched flexibility to customize and extend without vendor lock-in. DataHub Cloud is a modern metadata platform with REST and GraphQL APIs that optimize performance for complex queries, essential for AI-ready data management and ML lifecycle support.
-
10
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
Shannon is an autonomous AI penetration testing system built to find and prove real, exploitable vulnerabilities in web applications rather than stopping at static warnings or best-guess alerts. It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.” -
11
Buttercup Desktop
Cross-Platform Passwords & Secrets Vault
Buttercup for desktop is a beautifully-simple password manager designed to help manage your credentials. Buttercup uses very strong encryption to protect your sensitive details under a single master password - Feel free to use stronger and more complex passwords for each service and let Buttercup store them securely. Buttercup is free to download and use and is available for Windows, Mac and Linux. Use it alongside the browser extension and mobile app for a completely portable experience. Strong 256bit AES encrypted vaults that meet today's security standards. Rest assured that your credentials are safe. Easy-to-use interfaces with basic concepts make storing and finding your login details a piece of cake. Buttercup's software is free to download and use, forever. It's also available for all major platforms. -
12
OTPLib
One Time Password (OTP) / 2FA for Node.js and Browser
A JavaScript library for generating and verifying one-time passwords (TOTP/HOTP), commonly used for two-factor authentication (2FA). -
13
Tamper Dev
Extension that allows you to intercept and edit HTTP/HTTPS requests
If you are a developer, you can use Tamper Dev to debug your websites, or if you are a pentester, you can use it to search for security vulnerabilities by inspecting the HTTP traffic from your browser. Unlike most other extensions, Tamper Dev allows you to intercept, inspect and modify the requests before they are sent to the server. This extension provides functionality similar to Burp Proxy, MITM Proxy, OWASP ZAP, Tamper Data, and Postman Proxy, but without the need of additional software, with full support of HTTPS connections, and trivial to set-up (just install). -
14
Yank Note
A Hackable Markdown Note Application for Programmers
A Hackable Markdown Note Application for Programmers. Version control, AI completion, mind map, documents encryption, code snippet running, integrated terminal, chart embedding, HTML applets, Reveal.js, plug-in, and macro replacement. Use Monaco kernel, optimize for Markdown editing, and have the same editing experience as VSCode. Support version control; Applets, runnable code blocks, tables, PlantUML, Drawio, macro replacements, etc., can be embedded in the document; support for OpenAI auto-completion. Data is saved as local Markdown files, and the extension functions are implemented in the original syntax of Markdown as far as possible. Support users to write their own plug-ins to expand the functionality of the editor. Use encryption to save private files such as account number, and the password can be set separately for each file. -
15
Mitaka
Browser extension for fast OSINT searches and IOC investigation
Mitaka is a browser extension designed to streamline Open Source Intelligence (OSINT) investigations by enabling quick searches and scans directly from the browser. It allows security researchers, analysts, and investigators to easily examine various indicators of compromise (IoCs) such as IP addresses, domains, URLs, hashes, email addresses, and more. Instead of manually copying and pasting suspicious indicators into multiple intelligence platforms, users can simply highlight a value on any webpage and access multiple OSINT services through a context menu. Mitaka automatically detects the type of indicator and generates appropriate search options for relevant threat intelligence services. Mitaka also includes a refanging capability that converts obfuscated indicators, such as example[.]com or hxxp://example.com, into valid formats that can be analyzed immediately. -
16
Global Threat & Event Intelligence Map
Interactive map for exploring global conflicts & geopolitical threats
GlobalThreatMap is an open source web application designed to visualize geopolitical events, conflicts, and military activity around the world on an interactive map. It helps users explore ongoing wars, international tensions, military base locations, and historical conflict data across different countries. It aggregates and processes global event information and presents it geographically so users can quickly understand where significant geopolitical developments are occurring. GlobalThreatMap is built to assist researchers, analysts, and curious users who want a clearer view of global security dynamics. Users can browse event feeds, investigate country-level conflicts, and explore geopolitical entities directly from the interface. It also supports both self-hosted deployments and an authenticated mode using the Valyu platform for accessing additional data features. -
17
Prymitive karma
Alert dashboard for Prometheus Alertmanager
Alertmanager UI is useful for browsing alerts and managing silences, but it's lacking as a dashboard tool - karma aims to fill this gap. Karma is an alert dashboard for managing Prometheus Alertmanager alerts, allowing users to filter, group, and silence alerts for better incident management. -
18
Arcjet
Arcjet JS SDKs. Rate limiting, bot protection, email verification
Arcjet helps developers protect their apps in just a few lines of code. Implement rate limiting, bot protection, email verification, and defense against common attacks. Native security for Bun, Next.js, Node.js, SvelteKit, Vercel, Netlify, Fly.io, and other modern platforms. Customizable protection for signup forms, login pages, API routes, and your whole app. Test security rules locally. Protection that works in every environment. No agent is required. -
19
FingerprintJS Server API Node.js SDK
Node.js wrapper for FingerprintJS Server API
Node.js wrapper for FingerprintJS Server API. This SDK might be also compatible, however not actively tested, with JavaScript "edge" runtimes that do not support all Node APIs, for example, Vercel Edge Runtime, or Cloudflare Workers. To make it work, replace the SDK's built-in fetch function (which relies on Node APIs) with the runtime's native fetch function. -
20
Situation Monitor
Real-time dashboard for monitoring global news and markets
Situation Monitor is an open-source real-time dashboard designed to aggregate and visualize global information streams related to news, financial markets, technology, and geopolitical developments. The project aims to provide a centralized situational awareness interface where users can observe multiple sources of high-signal information without constantly switching between separate applications or websites. Instead of functioning as a traditional news reader, the platform is designed more like an intelligence monitoring system that highlights important signals from diverse data feeds. The dashboard aggregates real-time updates about economic indicators, corporate developments, geopolitical events, and other macro-level signals that may influence markets or public discourse. Its architecture is implemented using modern frontend technologies, allowing data streams to update quickly while maintaining low resource consumption. -
21
FingerprintJS
Browser fingerprinting library
FingerprintJS is a source-available, client-side, browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them. Unlike cookies and local storage, a fingerprint stays the same in incognito/private mode and even when browser data is purged. Since FingerprintJS processes and generates the fingerprints from within the browser itself, the accuracy is limited (40% - 60%). For example, when 2 different users send requests using identical (i.e. same version, same vendor, same platform), browsers, FingerprintJS will not be able to tell these two browsers apart, primarily because the attribitutes from these browsers will be identical. Fingerprint Identification is a closed-source, commercial device identification product designed for fraud detection, device identification, marketing attribution, and analytics. -
22
Leapp
Leapp is the DevTool to access your cloud
Let Leapp manage your Cloud credentials locally. Improve your workflow with the only open-source desktop app and CLI you’ll ever need. Your all-in-one solution to assign IAM Cloud access across teams. Cloud credentials are available with a click. Data stored locally encrypted in your System Vault. Work with your Cloud Identities from a single place. Automatic temporary Cloud credentials generation and rotation. Pick your Cloud Provider to add a Leapp Session. Choose from supported access methods or leverage your federated identity with SAML 2.0 compliant identity providers. Automatically provision your sessions from AWS Single Sign-On via Leapp Integration. Start your Session, and Leapp will automatically generate secure short-lived credentials for you. All sensitive data are stored in your local System Vault and used only when needed to provide best-in-class security. -
23
Hemmelig
Keep your sensitive information out of chat logs, emails, and more
Hemmelig is a privacy-focused secret sharing service that lets users securely share sensitive information like passwords, API keys, private notes, or confidential links using client-side encryption so that the server never sees unencrypted data. It operates with a zero-knowledge architecture: all encryption and decryption happen in the browser, and only encrypted blobs are transmitted to and stored on the server, reducing the risk of leaks or unauthorized access. Users can generate shareable links with optional expiration times, view limits, and password protection to tailor how and when secrets are consumed, and links automatically expire or self-destruct after use to prevent reuse or exposure. The platform supports easy deployment via Docker or hosted options, making it practical for individuals, teams, or enterprises that want to safeguard secrets without relying on third-party storage. -
24
Wabe
Your backend in minutes not days
Wabe is an open-source backend that allows you to create your own fully customizable backend in just a few minutes. It handles database access, automatic GraphQL API generation, authentication with various methods (classic or OAuth), permissions, security, and more for you. -
25
Wayne
Kubernetes multi-cluster management and publishing platform
Wayne is a universal, web-based Kubernetes multi-cluster management platform. It reduces service access costs by visualizing Kubernetes object template editing. With a complete permission management system and adapting to multi-tenant scenarios, it is a publishing platform suitable for enterprise-level clusters. Wayne has been serving 360 search on a large scale, carrying most of the online services, stably managing nearly a thousand applications, and tens of thousands of containers, running for more than two years, and withstood the test of production.
