Tools

Infisical is the open-source platform for secrets, certificates, and privileged access management.

The authentication glue you need.

Share sensitive information securely with self-destructing links that are only viewable once.

Secure, browser-based, password-only self-custodial cryptocurrency wallet.

Fully transparent SSH, HTTPS, Kubernetes, MySQL and Postgres bastion/PAM that doesn't need additional client-side software

Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

Authentication and authorization infrastructure for SaaS and AI apps, built on OIDC and OAuth 2.1 with multi-tenancy, SSO, and RBAC.

Single Sign-On for Your Self-Hosted Universe

Kanidm: A simple, secure, and fast identity management platform

Whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.

A simple and easy-to-use OIDC provider that allows users to authenticate with their passkeys to your services.

Privacy-first password manager with built-in email aliasing. Fully encrypted and self-hostable.

Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

Secure sharing of secrets, passwords and files.

Complete, reliable, secure and zero-trust webapp based on zero-knowledge encryption to store your TOTP codes.

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

An editor of encrypted files that supports YAML, JSON and BINARY formats and encrypts with AWS KMS and PGP.

Open Source Identity and Access Management For Modern Applications and Services

OpenBao is a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.

Plugable framework for automated decryption, often used as a Tang client.

Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!

Open source Auth0/Clerk/Firebase alternative. Passkeys, SSO, MFA, passwordless, biometric login. Self-hosted or cloud. Enterprise-ready for SaaS & mobile apps

Single Sign-On Identity & Access Management via OpenID Connect, OAuth 2.0 and PAM

Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.

Light LDAP implementation

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Web frontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory.

Permission control plane for AI agents. MCP proxy that enforces least-privilege YAML policies on every tool call, classifies sensitive data (PII/PHI), detects dangerous skill chains, and generates compliance audit trails. Supports stdio and HTTP proxy modes.

Keep your sensitive information out of chat logs, emails, and more with encrypted secrets.

A turnkey OAuth & authentication system, designed for both Cloudflare Workers and Node.js

One-Time-Secret sharing platform with a symmetric 256bit AES encryption in the browser

AI-safe secrets manager with MCP integration. Run commands with credentials injected as environment variables - AI agents never see plaintext secrets. Features output sanitization, AES-256-GCM encryption, and Argon2id key derivation.

Quantum-inspired keyring for AI coding agents. Secure secrets with superposition, entanglement, tunneling, and teleportation.

Keep secrets out of emails or chat logs, share them using secure links with passphrase and expiration dates. `MIT` `Python`

Credential isolation proxy for AI agents. Injects secrets at the network boundary with domain restrictions, agent authentication, and audit logging. No SDK required — works as a transparent HTTP proxy or MCP server.

ZITADEL - Identity infrastructure, simplified for you.

KeePassXC is a cross-platform community-driven port of the Windows application “KeePass Password Safe”.

Self-evolving MCP server that generates and improves its own tools at runtime. Built on FastMCP, Janee uses LLM-driven tool generation to dynamically create, test, and refine MCP tools from natural language descriptions — enabling AI agents to extend their own capabilities on the fly.

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs

Simple self hosted password generator

A helm plugin that help manage secrets with Git workflow and store them anywhere

CLI for managing secrets

Superagent protects your AI applications against prompt injections, data leaks, and harmful outputs. Embed safety directly into your app and prove compliance to your customers.

A Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes

Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend

easy-rsa - Simple shell based CA utility

Password manager dedicated for managing passwords in a collaborative way. One symmetric key is used to encrypt all shared/team passwords and stored server side in a file and the database. works on any server Apache, MySQL and PHP.