Advanced drone detection system that captures and maps Remote ID broadcasts from drones using ESP32 hardware. Features real-time web interface, persistent tracking across sessions, and comprehensive data export capabilities. Nodes can send what they detect to one another over a regional Meshtastic network. You can buy a kit to build your own or assemble a node yourself out of spare parts. Has its own REST API.
HortusFox is a free and open-sourced self-hosted plant manager system that you can use to manage, keep track and journal your home plants. It is designed in a collaborative way, so you can manage your home plants with your partners, friends, family & more! By shipping the software as a self-hosted product, you are always master of your own personal data and thus are in full control over them. HortusFox is open-sourced MIT licensed software, so you can contribute to the software or make your own version of it.
HortusFox provides you with important features such as managing your home locations and assigning added plants to them. You can set various details about your plants such as specific attributes, preview photo, tags, notes, gallery photos and many more! The system also provides you with the opportunity to manage your inventory that is needed to care for your beloved plants. The tasks feature helps you to keep track of what you have to do in order to care about your plants. Also there is a collaborative group chat for your users to exchange important hints about what someone has done or what needs to be done. Of course there are many more features!
Get full protection for any domain, website or backend system in under 5 minutes by using ZeroSSL, the easiest way to issue free SSL certificates. Get new and existing SSL certificates approved within a matter of seconds using one-step email validation, server uploads or CNAME verification. Partnering with some of the biggest ACME providers, ZeroSSL allows you to manage and renew existing certificates without ever lifting a finger.
acme.sh treats them as a first class citizen.
Positions itself as an alternative to Let's Encrypt.
A free account gives you three (3) 90-day certificates at a time. A basic account ($12.50us per month or $120us per year) gives you an unlimited number of 90-day certificates as well as access to their REST API.
One interesting thing is that they say that you can get certs for internal services pretty easily because they offer multiple ways of validating ownership of a domain and identity:
- One-step e-mail validation
- CNAME record validation
- Uploading a supplied file to a website
Hoppscotch is a lightweight, web-based API development suite. It was built from the ground up with ease of use and accessibility in mind providing all the functionality needed for API developers with minimalist, unobtrusive UI. Lets you interact with REST APIs and figure out how to work with them. Seems to support all of the standard HTTP methods.
Supports REST APIs in a cURL-like fashion, WebSockets, HTTP streaming, socket.io, MQTT, GraphQL, and various forms of authentication.
If you pull apart prod.Dockerfile you can figure out how to build it manually.
No-as-a-Service (NaaS) is a simple API that returns a random rejection reason. Use it when you need a realistic excuse, a fun “no,” or want to simulate being turned down in style.
Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD). Vulnerability-Lookup is also a collaborative platform where users can comment on security advisories and create bundles.
Has a comprehensive and fast lookup API for searching vulnerabilities and identifying correlations by vulnerability identifier. Modular system to import vulnerabilities from different sources. Management of Security Advisories and Vulnerability Disclosures. Support of local vulnerability sources per instance. Users have the possibility to add observations to vulnerabilities with different types of sightings, such as: seen, exploited, not exploited, confirmed, not confirmed, patched, and not patched. Add, review and share comments on vulnerability advisories. Create bundles of vulnerability advisories with a description. RSS and Atom support for vulnerabilities and comments. Integration of the Exploit Prediction Scoring System. Track vulnerabilities with your custom product watch lists and receive email notifications. Almost two dozen vulnerability sources and feeders supported.
Access to reliable and timely information about vulnerabilities affecting Information and Communication Technology (ICT) products and services contributes to an enhanced cybersecurity risk management. Sources of publicly available information about vulnerabilities are an important tool for users of these services, competent authorities, and the broader cybersecurity community. ENISA has established a European Vulnerability Database (EUVD) where entities, regardless of whether they fall within the scope of the NIS2 Directive, and their suppliers of network and information systems, as well as competent authorities, most notably CSIRTs, can voluntarily disclose and register publicly known vulnerabilities to allow users to take appropriate mitigating measures.
In line with Coordinated Vulnerability Disclosure practices, which aim at providing improved transparency regarding the publication process, the EUVD is eventually used to publicly disclose the vulnerability information.
To avoid efforts duplication and to support complementarity, ENISA closely cooperates with MITRE and European as well as non-European operators of the Common Vulnerabilities and Exposures (CVE) system. In this context, ENISA offers vulnerability registry services after its onboarding as a CVE Numbering Authority (CNA), with a focus on vulnerabilities in IT products discovered by or reported to European CSIRTs for coordinated disclosure.
The Registration Data Access Protocol (RDAP) is the successor to WHOIS. Like WHOIS, RDAP provides access to information about Internet resources (domain names, autonomous system numbers, and IP addresses). Unlike WHOIS, RDAP provides:
- A machine-readable representation of registration data;
- Differentiated access;
- Structured request and response semantics;
- Internationalisation;
- Extensibility.
RDAP.org aims to support users and developers of RDAP clients by providing a "bootstrap server", i.e. single end point for RDAP queries. RDAP.org aggregates information about all known RDAP servers. RDAP clients can send RDAP queries to RDAP.org, which will then redirect requests to the appropriate RDAP service.
FreeDATA is a versatile, open-source platform designed specifically for HF communications, leveraging Codec2 data modes for robust global digital communication. It features a network-based server-client architecture, a REST API, multi-platform compatibility, and a messaging system. It looks like a desktop app that also has a local REST API. Specifically namechecks working the HF bands.
AutoKitteh is a developer platform for workflow automation and orchestration. It is an easy-to-use, code-based alternative to no/low-code platforms (such as Zapier, Workato, Make.com, n8n) with unlimited flexibility. You write in vanilla Python, we make it durable. Once installed, AutoKitteh is a scalable "serverless" platform (with batteries included) for DevOps, FinOps, MLOps, SOAR, productivity tasks, critical backend business processes, and more.
Provides interfaces for building projects (workflows), deploying them, triggering the code with webhooks or schedulers, executing the code as durable workflows, and managing these workflows. All services are available via gRPC / HTTP. Has a CLI and a built-in MCP server as well.
Beszel is a lightweight server monitoring platform that includes Docker statistics, historical data, and alert functions. It has a friendly web interface, simple configuration, and is ready to use out of the box. It supports automatic backup, multi-user, OAuth authentication, and API access.
Smaller and less resource-intensive than leading solutions. Easy setup, no need for public internet exposure. Configurable alerts for CPU, memory, disk, bandwidth, temperature, and status. Users manage their own systems. Admins can share systems across users. Supports many OAuth2 providers. Password auth can be disabled. Save and restore data from disk or S3-compatible storage.
Consists of a hub built on PocketBase that provides a dashboard for viewing and managing connected systems and an agent that runs on each system you want to monitor, creating a minimal SSH server to communicate system metrics to the hub.
Seems to be designed with system monitoring in mind, and as such isn't really that flexible.
The CVEDB API offers a quick way to check information about vulnerabilities in a service. You can search using either the CVE-ID or CPE23.
A vulnerability lookup service by SHODAN.
Free for non-commercial use (i.e., selling the data). You don't need a SHODAN API key.
An open source threat intel and sharing platform. Lots of ad-hoc visualization methods are available to make sense of data. Includes lots of taxonomies to organize data and do some of the work for you.
You can store your IOCs in a structured manner, and thus enjoy the correlation, automated exports for IDS, or SIEM, in STIX or OpenIOC and synchronize to other MISPs. You can now leverage the value of your data without effort and in an automated manner. The primary goal of MISP is to be used. This is why simplicity is the driving force behind the project. Storing and especially using information about threats and malware should not be difficult. MISP is there to help you get the maximum out of your data without unmanageable complexity. MISP will make it easier for you to share with, but also to receive from trusted partners and trust-groups. Sharing also enabled collaborative analysis and prevents you from doing the work someone else already did before.
Threat Intelligence is much more than Indicators of Compromise. This is why MISP provides metadata tagging, feeds, visualization and even allows you to integrate with other tools for further analysis thanks to its open protocols and data formats. Having access to a large amount of Threat information through MISP Threat Sharing communities gives you outstanding opportunities to aggregate this information and take the process of trying to understand how all this data fits together telling a broader story to the next level. We are transforming technical data or indicators of compromise (IOCs) into cyber threat intelligence. MISP comes with many visualization options helping analysts find the answers they are looking for.
Github: https://github.com/MISP/
Of interest:
- MISP/MISP is the core platform (the analytics and dashboard part)
- MISP/misp-galaxy looks like the correlation engine
- MISP/PyMISP is the supported Python module for interacting with the API
- MISP/misp-taxonomies are used for organizing information
- MISP/misp-galaxy does the work of clustering data points to find patterns
- MISP/misp-modules are additional functional units (because of course there are)
- MISP/misp-warninglists looks like sets of known false positives for cutting things down a bit.
There are more repos but I haven't gone through them yet.
Protomaps is an open source system for interactive web maps, deployable as a single static file on cloud storage. Protomaps can optionally be delivered through an edge network like AWS Cloudfront and Cloudflare for ultra-low latency, using Lambda or Workers. First-class support for mapping libraries like Leaflet and MapLibre GL to enable vector cartography and visualization of your own geodata. Your map-based projects and sites don't depend on a third party service or API keys, and work offline, forever. Protomaps also maintains a Tiles API - get a free API key. It's free for non-commercial use, or commercial use paired with a GitHub sponsorship.
Github: https://github.com/protomaps
While xthulu is intended to be a community server with multiple avenues of interaction (e.g. terminal, browser, REST API), its primary focus is to provide a modern SSH terminal interface which pays homage to the bulletin boards of the 1990s. Rather than leaning entirely into DOS-era nostalgia, modern character sets (UTF-8) and terminal capabilities are taken advantage of.
Documentation for Open Weathermap's geocoding/reverse geocoding REST API.
IndexNow is an easy way for websites owners to instantly inform search engines about latest content changes on their website. In its simplest form, IndexNow is a simple ping so that search engines know that a URL and its content has been added, updated, or deleted, allowing search engines to quickly reflect this change in their search results.
Without IndexNow, it can take days to weeks for search engines to discover that the content has changed, as search engines don’t crawl every URL often. With IndexNow, search engines know immediately the "URLs that have changed, helping them prioritize crawl for these URLs and thereby limiting organic crawling to discover new content."
IndexNow is offered under the terms of the Attribution-ShareAlike Creative Commons License and has support from Microsoft Bing, Naver, Seznam.cz, Yandex, Yep.
IndexNow-enabled search engines shares immediately all URLs submitted to all other IndexNow-enabled search engines, so you just need to notify one endpoint.
Add dynamic content, forms or personalization to your static site, manage smart home, monitor server room temperatures in hundreds of locations using Raspberry Pi, or simply play with the API - JsonStorage is super simple and scales up to your needs.
The Polaric Server is mainly a web based service to present live tracking information (APRS, AIS, etc) on maps and where the information is updated in realtime. It is originally targeted for use by radio amateurs in voluntary search and rescue service in Norway. It consists of a web application and a server program (APRS daemon). It runs on e.g. aprs.no as a online service on the internet, but we could also bring it with us out in the field in a portable computer, possibly with its own LAN, APRS modems and radios. A goal is that it should be able to work without always being online with a good connection to the internet.
Github: https://github.com/orgs/PolaricServer/repositories
Lots of Java, unfortunately.
Alexandria.org is a non-profit, ad-free search engine. Our goal is to provide the best available information without compromise. The index is built on data from Common Crawl and the engine is written in C++. The source code is available. We are still at an early stage of development and running the search engine on a shoestring budget.
Github:
- Search engine: https://github.com/alexandria-org/alexandria
- REST API: https://github.com/alexandria-org/alexandria-api
- Front end: https://github.com/alexandria-org/alexandria-frontend
In theory you can set up your own instance. In practice, I don't know how practical that would be.