Akeyless Vault
Secrets Management: Automate Secrets across your DevOps tools and cloud platforms using a secured vault for credentials, tokens, API-Keys and passwords.
linux windows osx bsd solaris free commercial security
Apache Allura
Apache Allura is an open source implementation of a software forge, a web site that manages source code repositories, bug reports, discussions, wiki pages, blogs, and more for any number of individual projects.
linux open-source scm vcs
Assimilation System Management Suite
The Assimilation Suite discovers systems, services, network connections, configuration and dependencies, IP and MAC addresses. This all goes into a continually updated graph-based configuration management database (CMDB). This is then compared and scored against best practices, services and servers are monitored - all with near-zero configuration - in a way that scales to hundreds of thousands of servers. It also provides visualization tools, APIs for sending alerts to humans and other systems, and a variety of canned reports (queries) to aid in securing and managing systems, hooking into ChatOps, and creating plans for triaging your security issues
linux open-source commercial C shell python config CMDB service-discovery monitoring visualization security hardening
Bastillion
Bastillion is an open-source web-based SSH console that centrally manages administrative access to systems. A bastion host for administrators with features that promote infrastructure security, including key management and auditing.
linux open-source security
Beats
Lightweight Data Shippers. Beats is the platform for single-purpose data shippers. They send data from hundreds or thousands of machines and systems to Logstash or Elasticsearch.
linux windows osx open-source metrics logging monitoring
Berkshelf
A cookbook source structure manager for Chef, similar to Bundler for Ruby. Each Chef cookbook can be structured as an individual entity and can be pulled into your main Chef workflows.
linux windows osx open-source scm ruby
Bosun
Bosun is an open-source, MIT licensed, monitoring and alerting system by Stack Exchange. It has an expressive domain specific language for evaluating alerts and creating detailed notifications. It also lets you test your alerts against history for a faster development experience.
linux windows osx open-source visualization metrics
Checkov
Infrastructure as Code security scanner supporting Kubernetes, Helm, Terraform, CloudFormation, ARM templates and more.
linux windows osx open-source security
Consul
Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. Register external services such as SaaS providers as well
linux windows osx open-source service-discovery go monitoring
coredns
CoreDNS is a DNS server. It is written in Go. It can be used in a multitude of environments because of its flexibility. CoreDNS is licensed under the Apache License Version 2, and completely open source.
linux open-source service-discovery
DashMachine
DashMachine is a free & open-source webapp for putting all of your existing webapps, pages, and bookmarks in one place.
linux open-source free commercial visualization
etcd
A highly-available key value store for shared configuration and service discovery.
linux open-source service-discovery
FastForward
Flexible operating-system event and metric forwarding agent. Receives input and forwards output using plugins.
linux windows osx open-source metrics monitoring ruby
Gauntlt
Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testing and communication between groups and create actionable tests that can be hooked into your deploy and testing processes.
linux open-source security hardening ruby
Gerrit
A Web based code review and project management system for Git projects
linux windows osx open-source scm java
GitBucket
A Git platform powered by Scala with easy installation, high extensibility & GitHub API compatibility.
linux windows osx bsd solaris open-source scm vcs ci
gitea
Gitea is a community managed lightweight code hosting solution written in Go. It published under the MIT license.
linux windows osx open-source scm vcs
GitLab
GitLab is an open-source, fully featured git web frontend developed using Ruby on Rails. You can host this in your own server, create projects, repositories and teams, manage fine grained access permissions, add wikis, collaborate, raise and merge pull requests, and do much more through the web! (Note: GitLab acquired Gitorious, another open source git management system, in March 2015)
linux open-source vcs ruby
Gitolite
Gitolite allows you to setup git hosting on a central server, with fine-grained access control and many more powerful features
linux open-source scm vcs
Gogs
A self-hosted Git service written in Go. Gogs(Go Git Service) is a painless self-hosted Git Service written in Go. The goal of this project is to make the easiest, fastest and most painless way to set up a self-hosted Git service. With Go, this can be done in independent binary distribution across ALL platforms that Go supports, including Linux, Mac OS X, and Windows.
linux open-source git go scm
Grafana
The most popular technology used to compose observability dashboards with everything from Prometheus & Graphite metrics, to logs and application data
linux open-source monitoring visualization
Graphite
Graphite is a visualization tool for statistics configured from various sources. You can create customizable reports and dashboards, and it is one of the preferred backends for Statsd
linux open-source monitoring python visualization
Harbor
Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities. Harbor solves common challenges by delivering trust, compliance, performance, and interoperability. It fills a gap for organizations and applications that cannot use a public or cloud-based registry, or want a consistent experience across clouds.
linux open-source security hardening
Hardening Framework
The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults. Works great with Puppet, Chef and Ansible.
linux open-source security hardening chef puppet ansible
InfluxDB
InfluxDB is a time series, metrics, and analytics database. It’s written in Go and has no external dependencies. InfluxDB is targeted at use cases for DevOps, metrics, sensor data, and real-time analytics.
linux open-source monitoring go metrics
Instrumental
Instrumental is a real-time, high-scale application and server monitoring tool with intelligent alerts, a powerful query language, and free development accounts.
linux windows oxs free metrics commercial metrics monitoring visualization php ruby python net java nodejs
KairosDB
KairosDB is a fast distributed scalable time series database written on top of Cassandra. RESTful JSON-based query/results. Includes flot-based visualization.
linux windows osx open-source metrics visualization java cassandra
Kallithea
Kallithea, a member project of Software Freedom Conservancy, is a GPLv3'd, Free Software source code management system that supports two leading version control systems, Mercurial and Git, and has a web interface that is easy to use for users and admins. You can install Kallithea on your own server and host repositories for the version control system of your choice.
linux windows open-source scm vcs
Kibana
Kibana is a modern, beautiful visualization tool that works seamlessly with Logstash and ElasticSearch. It features a no-code setup, realtime analytics, and much more.
linux windows osx open-source monitoring nodejs visualization
Librarian-Puppet
Librarian-Puppet is a source structure and dependency manager for Puppet modules, similar to bundler for Ruby. Each Puppet module can be managed as a separate source repository with individual versioning, and can then be pulled into your Puppetfile.
linux windows osx open-source scm ruby
Monocular
Monocular is a web-based application that enables the search and discovery of charts from multiple Helm Chart repositories. It is the codebase that powers the Helm Hub project.
linux open-source service-discovery
NGINX Amplify
Amplify is free monitoring tool for NGINX. Amplify offers extended NGINX metric collection, visualization, monitoring, and a static analyzer for NGINX configuration. It's simple to set up, yet powerful enough to bring the much needed insight into NGINX performance. Amplify is a SaaS developed and operated by Nginx, Inc. Keep NGINX up to date and secure with a native monitoring solution.
linux bsd free commercial logging monitoring metrics visualization security hardening errors
Ngrok
Ngrok provides secure, encrypted tunnels to local services with out the requirement for port forwarding.
linux windows osx bsd solaris open-source free commercial networking
ntopng
'ntopng' provides an easy to understand, intuitive interface with a world of options and features to monitor your network.
linux bsd solaris open-source free commercial networking metrics
OneDev
The open source git server with unique features.
linux windows osx bsd solaris open-source scm vcs
Opskeleton
Bootstrap a DevOps infrastructure with some opinionated defaults (vagrant, puppet, librarian-puppet, git, etc), standard development guidelines, etc. Makes it very quick to get a DevOps team up and running
linux open-source scm virt config-mgmt provisioning orchestration ruby
ossec
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows
open-source security hardening linux windows solaris osx bsd
Zed Attack Proxy (ZAP)
A penetration testing tool for finding vulnerabilities in web applications, from OWASP
linux windows osx open-source security
Phabricator
Phabricator is an open source collection of development and code management, including code reviews and audits, browsing repositories, tracking bugs, etc
linux osx open-source scm php
Prometheus
Prometheus is an open-source systems monitoring and alerting toolkit built at SoundCloud.
linux open-source go metrics monitoring
r10k
r10k provides a general purpose toolset for deploying Puppet environments and modules. It implements the Puppetfile format and provides a native implementation of Puppet dynamic environments.
linux windows osx open-source free scm
Rancher
Rancher is open source software that provides a complete infrastructure platform for running Docker in production.
linux open-source provisioning orchestration scaling service-discovery
Review Board
Review Board is a feature packed code review tool for multiple SCM systems (like git, bzr, cvs, subversion, etc).
linux open-source commercial scm python
RhodeCode
Centralized control for distributed repositories. Mercurial, Git, and Subversion under a single roof
linux open-source scm vcs
RocketGit
Free (as in speech and as in beer) software (AGPLv3+) for hosting Git® projects, both public and private.
linux free scm vcs
SSH KeyBox
An open-source jump box solution with auditing capabilities
linux open-source cloud monitoring security java
System Integrety Management Platform
SIMP is an enterprise ready, full-featured, infrastructure framework designed around policy compliance and enforcement over time. It aims to be an open source practical reference implementation for both policy and best security practice able to run in both enclave and cloud environments.
config-mgmt linux open-source security hardening puppet nist-800-53 disa-stig fips compliance automation framework
TeamPass
TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.
linux windows osx bsd solaris open-source security
testssl.sh
A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.
linux osx open-source security shell
Tinfoil Security
Thorough web application security testing, with an extensive API, easy to hook into CI and issue tracking tools.
linux windows osx free commercial ci monitoring security
VAddy
VAddy integrates with your existing CI tools and performs robust security checks. Cloud-Based Service Automates Security Tests for DevOps Teams.
linux windows osx free commercial ci cloud security
Vault
Manage Secrets and Protect Sensitive Data. Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.
linux windows osx bsd solaris open-source comercial security
Vaurien
A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events
linux windows osx open-source security python
Vizceral
Netflix Vizceral is a component for displaying traffic data on a webgl canvas. If a graph of nodes and edges with data about traffic volume is provided, it will render a traffic graph animating the connection volume between nodes. This component can take multiple traffic graphs and will generate a 'global' graph showing all incoming traffic into each of the 'regions', with support for cross-region traffic. There are three levels of information, global, regional, and service-level, with clicking or double-clicking on a node bringing you one level deeper.
linux open-source monitoring visualization
Weave
Weave creates a virtual network that connects Docker containers deployed across multiple hosts. Services provided by application containers on the weave network can be made accessible to the outside world, regardless of where those containers are running. Similarly, existing internal systems can be exposed to application containers irrespective of their location.
linux open-source virt cloud-paas orchestration service-discovery go
Apache ZooKeeper
ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. It is distributed and highly reliable, with Consensus, group management and presence protocols built-in.
linux open-source service-discovery java