Open Source Tools

I’ve published +100 open source tools over the years.

Here are just a few. The ones with the most GitHub stars.

They’re focused on REST APIs, security, and high performance.

See all on GitHub →

SEE ALL ON GITHUB
Dockerscan
1396

Dockerscan

Go 2024

Enterprise-grade security scanner for Docker containers. Detects vulnerabilities, analyzes configurations, and prevents secret leaks in real-time. +1,400 stars. Used by Fortune 500 companies.

Aiotasks
438

Aiotasks

Python 2024

High-performance distributed task manager for Python Asyncio. Massive real-time event processing with horizontal scaling. Modern Celery alternative without overhead. +400 stars.

NoSQL Injection Wordlists
370

NoSQL Injection Wordlists

Payloads 2024

Enterprise payload collection for NoSQL database pentesting (MongoDB, Cassandra, CouchDB, Redis). Used in bug bounties with critical findings up to $50K. +370 stars. Global reference.

FestIn
232

FestIn

Python 2024

Enterprise scanner for misconfigured S3 buckets. Prevents data leaks and multi-million GDPR fines. Detects exposed medical records, backups, and confidential data. +230 stars.

Aiohttp-Swagger
186

Aiohttp-Swagger

Python 2024

Automatic OpenAPI/Swagger documentation generation for high-performance aiohttp APIs. Reduces documentation time by 90%. Used in APIs handling millions of daily requests. +180 stars.

Enteletaor
150

Enteletaor

Python 2024

Specialized pentesting framework for Message Queues (RabbitMQ, Redis, Kafka). Detects insecure configurations in critical financial systems. Prevents malicious message injection. +150 stars.

Dockerfile Security
95

Dockerfile Security

Python 2024

Static security analysis for Dockerfiles in seconds. Detects hardcoded secrets, excessive privileges, and outdated software before build. CI/CD integration. +95 stars.

Vulnerable Node
480

Vulnerable Node

JavaScript 2024

Intentionally vulnerable web application for testing security tools

OpenVAS to Report
41

OpenVAS to Report

Python 2024

Convert OpenVAS XML reports into professional reports

🐍
Python
43

ja-shortener

Python 2023

Self-hosted URL shortener with no external dependencies. Lightweight, fast, easy to deploy. 43 stars.

🐍
Python
31

RSM - Redis Security Map

Python 2022

Anti-hacking tool for Redis. Detects and blocks attacks against exposed Redis instances. 31 stars.

💻
CSS
26

EasyLogs

CSS 2022

Simple, agnostic and lightweight logging dashboard. No stack dependencies, works with any application. 26 stars.

💻
Shell
13

wordpress-docker-sec

Shell 2021

Anti-hacking Docker configuration for WordPress. Automated hardening with nmap, wpscan and plecost. 13 stars.

🐍
Python
12

LAPIS

Python 2026

Lightweight API Specification for Intelligent Systems. Reduces LLM token overhead by 85% compared to OpenAPI. Published paper on arXiv. 12 stars.

💻
HTML
12

nginx-wordpress-docker-sec

HTML 2021

Secure Nginx configuration for WordPress on Docker. Anti-hacking tools deployed automatically. 12 stars.

🐍
Python
11

realtime-redis-backup

Python 2022

Realtime Redis data backup to S3. Uses asyncio to avoid performance impact. 11 stars.