SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 TypeScript security-tool Projects
-
Project mention: All-in-one OSINT tool for analysing any website | news.ycombinator.com | 2024-10-19
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
personal-security-checklist
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
Checklists at https://github.com/Lissy93/personal-security-checklist/blob/...
-
infisical
♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI
Other options: Pulumi, Infisical
-
-
privacy.sexy
Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy
Project mention: My Windows Computer Just Doesn't Feel Like Mine Anymore | news.ycombinator.com | 2024-06-21https://privacy.sexy is what you want/need!
Works well to disable various telemetry, bloat and other baddies.
-
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Nit picking a bit but I prefer btrfs even if it's slower. Easier to work with.
What bootloader is this using? Or is it just straight EFI booting?
I helped write a guide a few years back that still is what I do using systemd-boot. https://github.com/lunasec-io/lunasec/blob/master/docs/blog/...
How is Wayland support these days? I love i3 but I know Sway promises to be close enough.
-
CloudGraph cli
The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent. (by cloudgraphdev)
-
-
-
-
graphql-armor
🛡️ The missing GraphQL security security layer for Apollo GraphQL and Yoga / Envelop servers 🛡️
Project mention: Launch HN: Escape (YC W23) – Discover and secure all your APIs | news.ycombinator.com | 2024-02-01 -
gradejs
GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
-
arcjet-js
Arcjet JS SDKs. Bot detection, rate limiting, email validation, attack protection, data redaction for Node.js, Next.js, Deno, Bun, Remix, SvelteKit, NestJS.
import { WithArcjetRules, detectBot } from "@arcjet/nest"; import { Injectable, Get } from "@nestjs/common"; // This would normally go in your controller file e.g. // src/page/page.controller.ts // Attaches the ArcjetGuard to the controller to protect it with the specified // rules extended from the global rules defined in app.module.ts. @WithArcjetRules([ detectBot({ mode: "LIVE", // will block requests. Use "DRY_RUN" to log only // configured with a list of bots to allow from // https://arcjet.com/bot-list // Block all bots except the following allow: [ "CATEGORY:SEARCH_ENGINE", // Google, Bing, etc // Uncomment to allow these other common bot categories // See the full list at https://arcjet.com/bot-list //"CATEGORY:MONITOR", // Uptime monitoring services //"CATEGORY:PREVIEW", // Link previews e.g. Slack, Discord ], }), ]) export class PageController { constructor(private readonly pageService: PageService) {} @Get() index() { return this.pageService.message(); } }
-
-
-
jfrog-docker-desktop-extension
🐸 Scans any of your local Docker images for security vulnerabilities. 🐋
-
crypt.fyi
Ephemeral, zero-knowledge sensitive data sharing with end-to-end encryption and seamless UX—no sign-up, just secure and instant sharing.
Hello everyone, I’d like to introduce *crypt.fyi*, an open-source, secure, and ephemeral secret-sharing platform for safely sharing sensitive information. Unlike email, Slack, or SMS, crypt.fyi ensures your data is private and disappears once accessed. It also offers additional configuration features like IP/CIDR allow-listing, max read-counts, and webhooks for extra control over your shared secrets.
Existing tools like privatebin, pwpush, onetimesecret, etc. left something to be desired from a UX/I standpoint and/or had some missing security, privacy and/or product features, so my goal with crypt.fyi is to combine modern security with clean, intuitive interfaces and novel features. It includes a CLI and browser extension for easy integration into your workflow, making it simple to share passwords, API keys, and confidential messages securely and in-context.
Self-hosting is easy with Docker and Docker Compose. Feel free to fork it or try it out—your feedback is welcome!
https://github.com/osbytes/crypt.fyi
-
-
Project mention: What should I do when someone blatantly copy my open-source project on GitHub? | news.ycombinator.com | 2024-08-25
I think the developer doing this is: https://github.com/obaraelijah
And it looks like he's done the exact same with a pen-testing project called Kraken: https://github.com/myOmikron/kraken-project
Probably trying to pad out his Github for freelancing.
-
-
secret-stack
SecretStack is a robust Visual Studio Code extension that safeguards your workspace by identifying exposed secrets like API keys, tokens, and sensitive data. With customizable detection, real-time alerts, and detailed reports, SecretStack secures your code before it reaches Git.
Project mention: Never Leak Secrets again with this must-have VSCode Extension | dev.to | 2024-12-28Open-source GitHub Repo: CipherScan
-
ignorecheck
A simple CLI/utility to ensure certain patterns are present in a project's .gitignore - Be sure to 🌟 this repository for updates!
TypeScript security-tools discussion
TypeScript security-tools related posts
-
All-in-one OSINT tool for analysing any website
-
WebCheck
-
Web-check: All-in-one OSINT tool for analysing any website
-
WebCheck: Find out what hackers know about your site
-
Show HN: I made tool that let's you see everything about any website
-
Web Check – All-in-one OSINT tool for analysing any website
-
Web-check: All-in-one OSINT tool for analysing any website
-
A note from our sponsor - SaaSHub
www.saashub.com | 14 Jan 2025
Index
What are some of the best open-source security-tool projects in TypeScript? This list will help you:
Project | Stars | |
---|---|---|
1 | web-check | 23,075 |
2 | personal-security-checklist | 17,697 |
3 | infisical | 16,217 |
4 | ThreatMapper | 4,887 |
5 | privacy.sexy | 4,353 |
6 | lunasec | 1,438 |
7 | CloudGraph cli | 883 |
8 | grapefruit | 822 |
9 | ZeusCloud | 691 |
10 | console | 518 |
11 | graphql-armor | 504 |
12 | gradejs | 406 |
13 | arcjet-js | 358 |
14 | eslint-plugin-no-secrets | 139 |
15 | hashpass | 117 |
16 | jfrog-docker-desktop-extension | 76 |
17 | ots-share-app | 62 |
18 | crypt.fyi | 61 |
19 | npm-lint | 26 |
20 | kraken-project | 11 |
21 | secutils-webui | 6 |
22 | secret-stack | 5 |
23 | ignorecheck | 4 |