Open Source JavaScript Security Software for Linux
Sort By:
JavaScript Security Software for Linux
View 708 business solutionsBrowse free open source JavaScript Security Software for Linux and projects below. Use the toggles on the left to filter open source JavaScript Security Software for Linux by OS, license, language, programming language, and project status.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Detect It Easy
Program for determining types of files for Windows, Linux and MacOS
Detect It Easy (DiE) is a tool for determining the type and internal features of binary and other file formats. It is widely used by malware analysts, digital forensics investigators, reverse engineers, and security researchers to quickly inspect unknown files and infer their type, architecture, compiler/packer used, and internal structure. DiE supports a large variety of file formats — from common executables (Windows PE, Linux ELF, macOS Mach-O) to archives, mobile packages (APK, IPA), legacy binaries, compressed or packed files, and more — making it a versatile first step in analysis or triage workflows. The tool offers both a graphical user interface as well as a command-line interface, allowing flexible use across environments (desktop, servers, automation). Its detection engine is signature-based, but also includes heuristics that help when signatures are missing or obfuscated. This helps when analyzing packed, compressed, or partially corrupted files. -
2
YouTube Music
YouTube Music Desktop App bundled with custom plugins
Open source, cross-platform, unofficial YouTube Music Desktop App with built-in ad blocker and downloader. Native look & feel, aims at keeping the original interface. Framework for custom plugins: change YouTube Music to your needs (style, content, features), enable/disable plugins in one click. Install the youtube-music-bin package from the AUR. For AUR installation instructions, take a look at the wiki page. Block all ads and tracking out of the box. Apply compression to audio (lowers the volume of the loudest parts of the signal and raises the volume of the softest parts) Next/Back navigation arrows directly integrated in the interface, like in your favorite browser. Allows setting global hotkeys for playback (play/pause/next/previous) + disable media osd by overriding media keys + enable Ctrl/CMD + F to search + enable Linux mpris support for media keys + custom hotkeys for advanced users. -
3
OSINT Framework
OSINT Framework
OSINT-Framework is a web-based intelligence resource map designed to help investigators and researchers quickly locate free open-source intelligence tools and data sources. Rather than functioning as an automated scanner, it organizes hundreds of OSINT resources into a structured, navigable interface grouped by investigation type, such as usernames, email addresses, domains, and social media. The project was originally created from an information security perspective but has since expanded to support journalists, analysts, and digital investigators across many disciplines. Its value lies in curation and discoverability, allowing users to pivot rapidly between relevant intelligence tools during investigations. The framework includes indicators showing whether a resource requires registration, manual editing, or local installation, improving workflow planning. -
4
malware-samples
A collection of malware samples and relevant dissection information
This repo is a public collection of malware samples and related dissection/analysis information, maintained by InQuest. It gathers various kinds of malicious artifacts, executables, scripts, macros, obfuscated documents, etc., with metadata (e.g., VirusTotal reports), file carriers, and sample hashes. It’s intended for malware analysts/researchers to help study how malware works, how they are delivered, and how it evolves. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
5
RedAmon
AI-powered framework for automated penetration testing and red teaming
RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting information such as subdomains, open ports, services, and potential vulnerabilities. RedAmon then uses an AI agent orchestrator to analyze this data, select appropriate tools, and perform exploitation steps such as credential brute forcing or CVE-based attacks. All discovered assets, relationships, and vulnerabilities are stored in a Neo4j knowledge graph, allowing the system to reason about the environment and make informed decisions during the attack process. -
6
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. The hacking progress is tracked on a score board. Finding this score board is actually one of the (easy) challenges! Apart from the hacker and awareness training use case, pentesting proxies or security scanners can use Juice Shop as a "guinea pig"-application to check how well their tools cope with JavaScript-heavy application frontends and REST APIs. -
7
CamDesk
The Desktop Webcam Widget
CamDesk is a free, open source, desktop webcam widget, that was created as home surveillance application. Although others have used it for demonstrations even with CamStudio, and QuickTime Player for screen casting. -
8
CaptfEncoder
Captfencoder is a rapid cross platform network security tool suite
Captfencoder is a rapid cross-platform network security tool suite, providing network security-related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools. CaptfEncoder V3 develop by Rust, Executable programs are smaller, faster, better performing, and more powerful. CaptfEncoder V3 suport script extension. -
9
Rocket.Chat
The communications platform that puts data protection first
Real-time conversations with your colleagues, other companies or customers. Enable teams to collaborate with real-time chat, audio, file sharing and video calls. Communicate in real-time with partners, vendors, suppliers or any external organization. Talk to visitors and customers in one place, regardless of how they connect with you. Explore our marketplace to find and build custom apps that streamline your workflows. Control over the stewardship of your data. E2E encrypted, ISO 27001 certified, and supporting compliance with GDPR, CCPA, LGPD, and HIPAA. Unlimited customizations, security assurances, and ability to contribute to the roadmap. Talk to colleagues, partners, vendors, website visitors, or customers, regardless of the channel they choose to connect with you. Become a part of the largest open-source communications community in the world. Collaborate with millions of users and developers who are improving the way the world communicates. -
Earn up to 16% annual interest with Nexo.Generate interest, borrow against your crypto, and trade a range of cryptocurrencies — all in one platform. Geographic restrictions, eligibility, and terms apply.
-
10
SQUEEZER
Squeezer framework, build serverless dApps
Squeezer is a platform that empowers new-entry blockchain developers to build serverless dApps simply as dead. The main usage of the ChainKit is to unify top blockchains interfaces into a single normalized API interface, therefore you can build blockchain dApps easily without digging into blockchain complex infrastructure. Bi-directional on-chain transactions (inbound and outbound). Build dApps connecting to smart contracts using chain kit agnostic connector. Quick intuitive code deployments by using a special mechanism that will deploy smart contracts and dApp services where code changed. Silent deployments, no interruption for the current functionality (really useful on production). One single command to simultaneously deploy all available functions on your project where code changed from the last deployment. Test your code locally on a simulated functions platform for a faster development cycle. -
11
Trape
OSINT tool for tracking users and analyzing browser data online
Trape is an open source OSINT analysis and research tool designed to track and analyze users on the internet in real time. The project focuses on demonstrating how web browsers can reveal sensitive information about users while interacting with websites and online services. It provides researchers, security professionals, and organizations with a platform for studying how attackers could gather intelligence through social engineering techniques. The tool can clone websites and monitor interactions in order to collect data from visitors, allowing investigators to observe user behavior and session activity. Trape was originally created to educate the public about how large internet services may obtain confidential information such as session status or browser details without users realizing it. Over time, it has evolved into a research platform that helps analysts track cybercriminal activity and study online tracking mechanisms. -
12
TwitchAdSolutions
This repo aims to provide multiple solutions for blocking Twitch ads
TwitchAdSolutions is an open-source repository that aggregates multiple techniques, scripts, and tools designed to block or bypass advertisements on the Twitch streaming platform. Rather than being a single application, it serves as a curated collection of methods that users can apply depending on their environment, including browser extensions, proxy-based approaches, and custom scripts. The project focuses on maintaining functional workarounds for Twitch’s evolving ad delivery system, which frequently changes to counter ad-blocking solutions. It includes experimental scripts that attempt to replace or skip ad segments by forcing the player to retrieve ad-free streams or suppress playback during ad breaks. The repository also provides configuration instructions for tools like uBlock Origin, allowing users to integrate custom filters and scripts into their browsing setup. -
13
StatiCrypt
Password protect a static HTML page
StatiCrypt uses AES-256 and WebCrypto to encrypt your HTML file with your long password and return a static page including a password prompt and the javascript decryption logic that you can safely upload anywhere (see what the page looks like). This means you can password protect the content of your public static HTML file, without any back-end - serving it over Netlify, GitHub pages, etc. You can encrypt a file online in your browser (client side). StatiCrypt uses WebCrypto to generate a static, password protected page that can be decrypted in-browser. You can then just send or upload the generated page to a place serving static content (github pages, for example) and you're done: the page will prompt users for a password, and the javascript will decrypt and load your HTML, all done in the browser. -
14
Damn Vulnerable GraphQL Application
Vulnerable implementation of Facebook's GraphQL technology
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security. DVGA has numerous flaws, such as Injections, Code Executions, Bypasses, Denial of Service, and more. See the full list under the Scenarios section. A public Postman collection is also available to replay solutions to the challenges. DVGA supports Beginner and Expert level game modes, which will change the exploitation difficulty. -
15
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. The hacking progress is tracked on a scoreboard. Finding this scoreboard is actually one of the (easy) challenges! Apart from the hacker and awareness training use case, pentesting proxies or security scanners can use Juice Shop as a “guinea pig”-application to check how well their tools cope with JavaScript-heavy application frontends and REST APIs. -
16
Password-Manager
Online keepass-like tool to manage password. client-side AES encrypt!
v11.00 greatly enhanced security! This password manager can generate and store random strong passwords for users. Passwords are generated on users' browsers and then encrypted using AES256 (mode CBC). PBKDF2 with SHA512 is used for user identification check. In trusted computers, user can enable a PIN to login faster. PIN verification is complicated and involves both server and client. Though PIN is only 4 digits, it's still safe (server will disable PIN upon 3 errors) You can import CSV file including your account and passwords from other password managers to this one. Tags and search are supported now. Installation: https://github.com/zeruniverse/Password-Manager/wiki/Installation Upgrade: https://github.com/zeruniverse/Password-Manager/wiki/Upgrade-Password-Manager For demo, please visit: http://phppasswordmanager.sourceforge.net/ You can access the database for this demo at: https://mysql-p.sourceforge.net with login user: p2663268ro and password:12345678 -
17
AliasVault
Open-Source Password & (Email) Alias Manager
AliasVault is an end-to-end encrypted password and (email) alias manager that protects your privacy by creating alternative identities, passwords and email addresses for every website you use. Keeping your personal information private. -
18
Proxy Tester is a proxy list tester and then it generates a wpad.dat file you can use for your browser based on working servers. wpad.dat file selects a random proxy server from the list of provided working proxy servers with each connection request.
-
19
Ampare Hide Links
Ampare Hide Link is a script which auto hide real link on your website
Ampare Hide Link is a script which auto hide link on your website to prevent user from knowing the final destination. Ampare Hide Link is using Defat Technology and other to protect your link on iframe and other tags. If you want to share some content but want to keep the url private. You can use Ampare Hide Link . It is free -
20
This is where web developers can get tools that can make their life easier. Web technologies and languages used contain but are not limited to HTML, XHTML, CSS, JavaScript, PHP, and AJAX. All code is extremely slim, fast running, and is W3C compliant.
-
21
In-Browser-File-Encrypter
The source code of the In-Browser-File-Encrypter web app
The In-Browser File Encrypter is a simple web application that enables you to securely encrypt your files directly in your browser using the AES-256 encryption algorithm in CBC mode. Check it out at: https://codepen.io/Northstrix/pen/xxvXvJL and https://northstrix.github.io/In-Browser-File-Encrypter/V1.0/web-app.html GitHub page: https://github.com/Northstrix/In-Browser-File-Encrypter The download shortcut: https://sourceforge.net/projects/in-browser-file-encrypter/files/V1.0%20%28Improved%20UI%29/V1.0%20%28Improved%20UI%29.zip/download Successfully tested in Google Chrome on Windows 11 and Fedora 40. -
22
Apisauce
Axios + standardized errors + request/response transforms
Talking to APIs doesn't have to be awkward anymore. Low-fat wrapper for the amazing Axios HTTP client library. All responses follow the same flow: success and failure alike. Responses have a problem property to help guide exception flow, attach functions that get called each request, attach functions that change all request or response data. Detects connection issues (on React Native). The only required property is baseURL and it should be the starting point for your API. It can contain a sub-path and a port as well. The responses are promise-based, so you'll need to handle things in a .then() function. The promise is always resolved with a response object. Even if there was a problem with the request! This is one of the goals of this library. It ensures sane calling code without having to handle .catch and has 2 separate flows. -
23
-
24
Betwixt
Web debugging proxy based on Chrome DevTools network panel
Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface. Download the latest release for your operating system, build your own bundle or run Betwixt from the source code. In order to capture traffic, you'll have to direct it to the proxy created by Betwixt in the background. -
25
Bootleg-Password-Vault
A password vault with client-side encryption and nice-looking UI
A password vault with client-side encryption and nice-looking UI built with React. The app is hosted at https://northstrix.github.io/Bootleg-Password-Vault/ The source code can also be found at: https://github.com/Northstrix/Bootleg-Password-Vault https://codeberg.org/Northstrix/Bootleg-Password-Vault The related article is available at: https://medium.com/@Northstrix/adbd8dad0442
