TypeScript security-tools

Open-source TypeScript projects categorized as security-tools

Top 23 TypeScript security-tool Projects

security-tools
  • web-check

    🕵️‍♂️ All-in-one OSINT tool for analysing any website

    Project mention: All-in-one OSINT tool for analysing any website | news.ycombinator.com | 2024-10-19
  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • personal-security-checklist

    🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

    Project mention: The Personal Security Checklist | news.ycombinator.com | 2024-02-21

    Checklists at https://github.com/Lissy93/personal-security-checklist/blob/...

  • infisical

    ♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI

    Project mention: Top DevSecOps Tools for 2025 | dev.to | 2025-01-09

    Other options: Pulumi, Infisical

  • ThreatMapper

    Open Source Cloud Native Application Protection Platform (CNAPP)

  • privacy.sexy

    Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

    Project mention: My Windows Computer Just Doesn't Feel Like Mine Anymore | news.ycombinator.com | 2024-06-21

    https://privacy.sexy is what you want/need!

    Works well to disable various telemetry, bloat and other baddies.

  • lunasec

    LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

    Project mention: Installing Arch Linux on a Laptop | news.ycombinator.com | 2024-09-14

    Nit picking a bit but I prefer btrfs even if it's slower. Easier to work with.

    What bootloader is this using? Or is it just straight EFI booting?

    I helped write a guide a few years back that still is what I do using systemd-boot. https://github.com/lunasec-io/lunasec/blob/master/docs/blog/...

    How is Wayland support these days? I love i3 but I know Sway promises to be close enough.

  • CloudGraph cli

    The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent. (by cloudgraphdev)

  • grapefruit

    (WIP) Runtime Application Instruments for iOS. Previously Passionfruit

  • ZeusCloud

    Open Source Cloud Security

  • console

    Application secrets and configuration management for developers. (by phasehq)

    Project mention: Ask HN: What Open Source Projects Need Help? | news.ycombinator.com | 2024-11-16
  • graphql-armor

    🛡️ The missing GraphQL security security layer for Apollo GraphQL and Yoga / Envelop servers 🛡️

    Project mention: Launch HN: Escape (YC W23) – Discover and secure all your APIs | news.ycombinator.com | 2024-02-01
  • gradejs

    GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

  • arcjet-js

    Arcjet JS SDKs. Bot detection, rate limiting, email validation, attack protection, data redaction for Node.js, Next.js, Deno, Bun, Remix, SvelteKit, NestJS.

    Project mention: Announcing the Arcjet NestJS & Remix adapters | dev.to | 2024-12-02

    import { WithArcjetRules, detectBot } from "@arcjet/nest"; import { Injectable, Get } from "@nestjs/common"; // This would normally go in your controller file e.g. // src/page/page.controller.ts // Attaches the ArcjetGuard to the controller to protect it with the specified // rules extended from the global rules defined in app.module.ts. @WithArcjetRules([ detectBot({ mode: "LIVE", // will block requests. Use "DRY_RUN" to log only // configured with a list of bots to allow from // https://arcjet.com/bot-list // Block all bots except the following allow: [ "CATEGORY:SEARCH_ENGINE", // Google, Bing, etc // Uncomment to allow these other common bot categories // See the full list at https://arcjet.com/bot-list //"CATEGORY:MONITOR", // Uptime monitoring services //"CATEGORY:PREVIEW", // Link previews e.g. Slack, Discord ], }), ]) export class PageController { constructor(private readonly pageService: PageService) {} @Get() index() { return this.pageService.message(); } }

  • eslint-plugin-no-secrets

    An eslint plugin to find strings that might be secrets/credentials

  • hashpass

    A simple password manager with a twist.

  • jfrog-docker-desktop-extension

    🐸 Scans any of your local Docker images for security vulnerabilities. 🐋

  • ots-share-app

    A self-hosting app to share secrets only one-time.

  • crypt.fyi

    Ephemeral, zero-knowledge sensitive data sharing with end-to-end encryption and seamless UX—no sign-up, just secure and instant sharing.

    Project mention: Ephemeral, Secure, ZK sensitive data sharing | news.ycombinator.com | 2025-01-11

    Hello everyone, I’d like to introduce *crypt.fyi*, an open-source, secure, and ephemeral secret-sharing platform for safely sharing sensitive information. Unlike email, Slack, or SMS, crypt.fyi ensures your data is private and disappears once accessed. It also offers additional configuration features like IP/CIDR allow-listing, max read-counts, and webhooks for extra control over your shared secrets.

    Existing tools like privatebin, pwpush, onetimesecret, etc. left something to be desired from a UX/I standpoint and/or had some missing security, privacy and/or product features, so my goal with crypt.fyi is to combine modern security with clean, intuitive interfaces and novel features. It includes a CLI and browser extension for easy integration into your workflow, making it simple to share passwords, API keys, and confidential messages securely and in-context.

    Self-hosting is easy with Docker and Docker Compose. Feel free to fork it or try it out—your feedback is welcome!

    https://github.com/osbytes/crypt.fyi

  • npm-lint

    A linter for npm & node package.json files with a focus on dependency security

  • kraken-project

    A scalable pentesting platform

    Project mention: What should I do when someone blatantly copy my open-source project on GitHub? | news.ycombinator.com | 2024-08-25

    I think the developer doing this is: https://github.com/obaraelijah

    And it looks like he's done the exact same with a pen-testing project called Kraken: https://github.com/myOmikron/kraken-project

    Probably trying to pad out his Github for freelancing.

  • secutils-webui

    The web user interface for Secutils.dev

  • secret-stack

    SecretStack is a robust Visual Studio Code extension that safeguards your workspace by identifying exposed secrets like API keys, tokens, and sensitive data. With customizable detection, real-time alerts, and detailed reports, SecretStack secures your code before it reaches Git.

    Project mention: Never Leak Secrets again with this must-have VSCode Extension | dev.to | 2024-12-28

    Open-source GitHub Repo: CipherScan

  • ignorecheck

    A simple CLI/utility to ensure certain patterns are present in a project's .gitignore - Be sure to 🌟 this repository for updates!

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

TypeScript security-tools discussion

Log in or Post with

TypeScript security-tools related posts

Index

What are some of the best open-source security-tool projects in TypeScript? This list will help you:

Project Stars
1 web-check 23,075
2 personal-security-checklist 17,697
3 infisical 16,217
4 ThreatMapper 4,887
5 privacy.sexy 4,353
6 lunasec 1,438
7 CloudGraph cli 883
8 grapefruit 822
9 ZeusCloud 691
10 console 518
11 graphql-armor 504
12 gradejs 406
13 arcjet-js 358
14 eslint-plugin-no-secrets 139
15 hashpass 117
16 jfrog-docker-desktop-extension 76
17 ots-share-app 62
18 crypt.fyi 61
19 npm-lint 26
20 kraken-project 11
21 secutils-webui 6
22 secret-stack 5
23 ignorecheck 4

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com

Did you konow that TypeScript is
the 1st most popular programming language
based on number of metions?