Skip to content

Discover

Find tools for your stack. Pick an audience — we handle the noise.

Discover picks for Vulnerability Scanning

See all tools in Vulnerability Scanning →

On Hacker News

Ranked by discussion

tailscale

Healthy
1

The easiest, most secure way to use WireGuard and 2FA.

Open Source

CyberChef

Mixed

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Open Source

caddy

At Risk
1

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

Open Source

netbird

Mixed
1

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.

Open Source

pocketbase

Healthy
3

Open Source realtime backend in 1 file

Open Source

opensnitch

At Risk

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Open Source

pangolin

Healthy
0

Identity-aware VPN and proxy for remote access to anything, anywhere.

Open Source

Maigret

Mixed
0

♂ Collect a dossier on a person by username from 3000+ sites

Open Source

certificates

Mixed

A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Open Source

keycloak

Healthy
0

Open Source Identity and Access Management For Modern Applications and Services

Open Source

mitmproxy

Healthy
0

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Open Source

headscale

At Risk

An open source, self-hosted implementation of the Tailscale control server

Open Source

Trending now

See all →

  1. msaad00/agent-bom

    AI supply chain security scanner with 18 MCP tools. Auto-discovers 20 MCP clients, scans dependencies for CVEs (OSV/NVD/EPSS/CISA KEV), maps blast radius from vulnerabilities to exposed credentials and tools, runs CIS benchmarks, generates CycloneDX/SPDX SBOMs, and enforces compliance across OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, and EU AI Act.

    Healthy
    3

  2. Pompelmi

    Open-source file upload security for Node.js. Scan files before storage to detect malware, MIME spoofing, and risky archives.

    Healthy
    2

  3. trufflehog

    Find, verify, and analyze leaked credentials

    Healthy
    1

  4. gebalamariusz/cloud-audit

    Open-source AWS security scanner with attack chain detection, breach cost estimation, and copy-paste remediation (CLI + Terraform). 47 checks, 16 attack chain rules. First free standalone AWS security MCP server.

    Healthy
    1

  5. Secrover

    Open-source security reports — no paywalls, just actionable insights.

    Mixed
    1

  6. grype

    A vulnerability scanner for container images and filesystems

    Mixed
    1

  7. Trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    At Risk
    1

  8. is-website-vulnerable

    finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

    Healthy
    0

  9. Bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

    Mixed
    0

  10. ajitpratap0/GoSQLX

    7 SQL tools (validate, format, parse, lint, security scan, metadata extraction, full analysis) over Streamable HTTP. Public remote server at mcp.gosqlx.dev - no install needed. 1.25M+ ops/sec, 6 SQL dialects.

    Healthy

  11. Tsunami

    Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

    At Risk

  12. Deepfence ThreatMapper

    Open Source Cloud Native Application Protection Platform (CNAPP)

    At Risk

Beta — feedback welcome: [email protected]