# Security & Privacy > Search results for `security & privacy` on awesome-repositories.com. 113 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/security-privacy **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/security-privacy).** ## Results - [squidfunk/mkdocs-material](https://awesome-repositories.com/repository/squidfunk-mkdocs-material.md) (26,949 ⭐) — This project is a comprehensive documentation site framework and static site generator theme designed to transform markdown files into professional, responsive websites. It functions as a technical content platform that supports complex documentation projects, including multi-project management, blog workflows, and advanced content formatting. By processing source files through an extensible pipeline, it generates self-contained HTML sites that can be hosted on any web server without a database. What distinguishes this framework is its focus on developer experience and highly configurable build-time orchestration. It features a live-preview server for real-time development and utilizes metadata-driven properties to control page-level behavior, such as search relevance and social card generation. The theme architecture is built on CSS variables, allowing for deep visual customization of color palettes, typography, and branding, while client-side navigation interception provides a responsive, single-page application experience for end users. The platform covers a broad capability surface for technical publishing, including interactive components like content tabs, collapsible admonitions, and sortable data tables. It provides extensive tools for code presentation, mathematical rendering, and image management, alongside robust search indexing and internationalization support. Developers can further extend the platform by injecting custom scripts and styles or by overriding default templates to meet specific project requirements. The project is configured through a centralized file, with support for project template initialization to accelerate setup. It includes automated asset optimization and privacy-focused features, such as the ability to self-host external assets and manage font loading. - [briland/llm-security-and-privacy](https://awesome-repositories.com/repository/briland-llm-security-and-privacy.md) (54 ⭐) — LLM security and privacy - [beekeeper-studio/beekeeper-studio](https://awesome-repositories.com/repository/beekeeper-studio-beekeeper-studio.md) (22,030 ⭐) — Beekeeper Studio is a cross-platform desktop application designed for database management and SQL development. It provides a unified graphical interface to connect to, query, and modify data across a wide range of relational and NoSQL database systems. The application functions as a comprehensive workspace, integrating tools for schema design, record editing, and data visualization. The project distinguishes itself through a focus on secure, flexible connectivity and AI-assisted workflows. It supports advanced authentication methods, including enterprise single sign-on, multi-factor authentication, and token-based access, alongside secure traffic routing via SSH tunneling and SSL encryption. Users can leverage AI-driven query generation to translate natural language into executable SQL, while the interface allows for direct, spreadsheet-like data editing and transactional staging to ensure data integrity. The platform covers a broad capability surface, including robust import and export management, schema inspection, and visual entity relationship diagram generation. It also offers extensive customization options, such as editor behavior settings, native extension loading for SQLite, and third-party add-on integration. The application is distributed as a native desktop installer for Windows, Linux, and MacOS, with support for portable execution and offline-only operation modes. - [drduh/macos-security-and-privacy-guide](https://awesome-repositories.com/repository/drduh-macos-security-and-privacy-guide.md) (22,443 ⭐) — Community guide to securing and improving privacy on macOS. - [0x192/universal-android-debloater](https://awesome-repositories.com/repository/0x192-universal-android-debloater.md) (19,385 ⭐) — Universal Android Debloater is a desktop utility designed to manage and remove pre-installed software from Android devices. By utilizing the Android Debug Bridge, the tool allows users to identify and disable or uninstall system applications on non-rooted devices to improve privacy, storage availability, and overall system performance. The software distinguishes itself through its ability to reconcile current device states against declarative configuration files, enabling the automated application of software removal profiles. It supports multi-instance management, allowing users to connect to and control multiple hardware units simultaneously from a single interface. The tool also maintains remote synchronization with external repositories to ensure that package metadata and bloatware signatures remain current. Beyond core removal tasks, the utility provides comprehensive data management features, including the ability to import and export custom configuration lists and perform device state backups for system recovery. It incorporates observability tools such as operation logging and modification history auditing to provide transparency and assist in troubleshooting during the maintenance process. - [ente-io/ente](https://awesome-repositories.com/repository/ente-io-ente.md) (27,158 ⭐) — Ente is a privacy-focused platform for end-to-end encrypted storage and two-factor authentication management. It functions as a zero-knowledge identity provider, ensuring that all cryptographic operations, key derivation, and data encryption occur locally on the user's device. By maintaining this architecture, the service provider remains unable to access or decrypt any stored personal information or authentication credentials. The platform distinguishes itself through a combination of on-device intelligence and resilient data distribution. It utilizes a local machine learning engine to perform resource-intensive tasks such as semantic image searching and facial recognition directly on the user's hardware, ensuring that sensitive visual data never leaves the device. To guarantee high availability and data permanence, the system replicates encrypted information across multiple independent cloud providers and geographic regions, protecting against provider outages or regional failures. Beyond its core storage and security capabilities, the project includes sophisticated resource scheduling that monitors device telemetry to manage background processing tasks efficiently. It also provides a comprehensive authentication manager that supports secure token imports and offline operation, allowing users to maintain control over their credentials with or without cloud synchronization. - [drduh/os-x-security-and-privacy-guide](https://awesome-repositories.com/repository/drduh-os-x-security-and-privacy-guide.md) (22,444 ⭐) — Community guide to securing and improving privacy on macOS. - [fmhy/fmhy](https://awesome-repositories.com/repository/fmhy-fmhy.md) (10,701 ⭐) — FMHY is a community-driven index designed to organize and distribute decentralized digital content through standardized metadata and protocol-agnostic linking. It functions as a resilient, distributed map of internet resources, providing a structured directory that facilitates the discovery of media, software, and educational tools without reliance on centralized control. The project distinguishes itself by maintaining a massive, human-verified repository of external links that span diverse digital ecosystems, including peer-to-peer networks, Usenet, and direct download servers. By utilizing lightweight, version-controlled text files, the platform enables easy mirroring and local hosting, ensuring that its comprehensive index remains accessible and redundant across various environments. The directory covers a broad operational surface, including tools for digital media acquisition, retro gaming emulation, and self-directed academic learning. It also provides extensive resources for system privacy and security, artificial intelligence integration, and professional development, offering a centralized hub for navigating complex online information. The project is documented through a series of structured, navigable directories that allow users to filter and locate specific resources efficiently. - [capsoftware/cap](https://awesome-repositories.com/repository/capsoftware-cap.md) (17,026 ⭐) — Cap is a self-hosted screen recording and video collaboration platform designed for teams to replace synchronous meetings with asynchronous video updates. It provides a comprehensive suite for capturing high-resolution desktop activity, including system audio, microphone input, and camera overlays, which are then processed through an integrated post-production workflow. The platform distinguishes itself by offering full data sovereignty through containerized deployment and object storage abstractions, allowing users to host their media assets on private infrastructure or S3-compatible buckets. Beyond simple recording, it features keyframe-based video compositing, automated AI-powered transcription, and visual branding tools that enable creators to polish and annotate their content before sharing. The system facilitates team engagement through a centralized workspace where viewers can provide feedback via timestamped comments, reactions, and playback analytics. It also includes programmatic interfaces for embedding videos into external applications, managing media assets, and automating distribution workflows. The project is distributed as a containerized application, enabling deployment on private servers to maintain complete control over data storage and access permissions. - [lissy93/awesome-privacy](https://awesome-repositories.com/repository/lissy93-awesome-privacy.md) (9,500 ⭐) — 🦄 A curated list of privacy & security-focused software and services - [coder/code-server](https://awesome-repositories.com/repository/coder-code-server.md) (77,955 ⭐) — This project provides a remote development platform that enables users to access a full-featured integrated development environment through a standard web browser. By decoupling the user interface from the server-side filesystem, it allows for persistent coding workspaces to be hosted on remote servers, virtual machines, or cloud-native infrastructure, ensuring a consistent development experience from any device. The platform distinguishes itself through a secure gateway architecture that manages traffic, authentication, and encryption at the edge. It utilizes persistent WebSocket connections to synchronize editor state and terminal input-output between the remote server and the browser. Furthermore, it includes built-in service proxying capabilities that allow developers to expose locally running web applications via secure subdomains or subpaths, complete with integrated identity verification and traffic management. To support diverse infrastructure requirements, the system offers flexible deployment options including containerized environments and automated provisioning workflows. It maintains state continuity through filesystem-mounted persistence, ensuring that configurations and project data remain intact across restarts. The platform also enforces network security by managing TLS certificates for HTTPS traffic and providing integration layers for external authentication providers. Installation is supported across various host architectures through shell scripts, package managers, or standalone archives, with built-in utilities for managing the application lifecycle. - [fish-shell/fish-shell](https://awesome-repositories.com/repository/fish-shell-fish-shell.md) (33,687 ⭐) — This project is an interactive command-line shell designed to provide a user-friendly terminal environment for system interaction and task automation. It functions as both an interactive interface for developers and a scripting runtime, featuring a clean, consistent syntax that simplifies command execution and process management. The shell distinguishes itself through a focus on discoverability and real-time feedback. It includes a predictive suggestion engine that offers command completions and history-based hints as you type, alongside a dedicated parser that provides immediate visual feedback on syntax validity. To ensure data integrity, it utilizes a native list-based variable architecture that prevents common issues with word splitting, and it maintains a universal variable manager to synchronize settings across all active and future shell instances. Beyond its core interactive capabilities, the shell supports a comprehensive suite of productivity tools, including customizable prompts, advanced line editing, and an event-driven hook system for responding to lifecycle changes. It manages configuration through both terminal-based commands and a graphical interface, while optimizing performance through lazy function autoloading and efficient command history navigation. The shell provides extensive support for scripting, including built-in tools for string manipulation, conditional logic, and data stream redirection. It is designed to be ready for use with default completion support and terminal compatibility features, such as true color rendering, enabled out of the box. - [gorhill/ublock](https://awesome-repositories.com/repository/gorhill-ublock.md) (65,524 ⭐) — uBlock is a browser-based content blocker that functions as a declarative filtering engine to intercept network requests and modify web page content. It operates by parsing standardized filter lists into optimized data structures, allowing it to block network hosts, enforce security policies, and prevent unauthorized data transmission. The extension provides a comprehensive security layer that monitors outgoing traffic and disables intrusive browser features to enhance user privacy. What distinguishes this project is its granular control over filtering behavior through a dynamic rule orchestrator. Users can manage custom rules, apply site-specific overrides, and toggle filtering settings on a per-domain basis. The engine also employs advanced techniques such as CNAME uncloaking, IP address filtering, and response body modification to identify and neutralize trackers that attempt to bypass standard blocking methods. Furthermore, it supports enterprise-grade deployment, enabling organizations to enforce consistent security and filtering configurations across managed environments. The project covers a broad capability surface including cosmetic page modification, which uses CSS injection and sandboxed scriptlets to remove visual clutter and neutralize anti-blocking scripts. It also provides interactive tools for real-time network traffic inspection and manual element removal, ensuring users can debug and customize their browsing experience. The extension is designed to maintain high performance by synchronizing its initialization at startup, ensuring that all security rules are active before any network requests are processed. - [aseprite/aseprite](https://awesome-repositories.com/repository/aseprite-aseprite.md) (37,521 ⭐) — Aseprite is a specialized graphics editor and animation suite designed for the creation of pixel-based artwork. It provides a comprehensive environment for managing multi-layered animation sequences, offering tools for frame-by-frame design, onion skinning, and real-time motion previews. The application is built to handle both indexed color palettes and full-color RGB editing, allowing users to maintain precise control over pixel data and transparency. What distinguishes Aseprite is its focus on programmable workflows and game asset production. It features a scriptable command architecture that allows users to automate repetitive tasks via Lua scripting or command-line operations, facilitating batch processing and integration into larger development pipelines. Beyond standard drawing utilities, the software includes dedicated workspaces for tilemap design and sprite sheet generation, enabling the export of complex animations and metadata for use in external game engines. The application supports a wide range of structural management tools, including layer grouping, slice property configuration, and flexible timeline organization. Users can customize their workspace through dockable panels, interface themes, and extensive preference settings, while built-in crash recovery mechanisms ensure data safety during long editing sessions. - [undergroundwires/privacy.sexy](https://awesome-repositories.com/repository/undergroundwires-privacy-sexy.md) (5,595 ⭐) — Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy - [tensorflow/privacy](https://awesome-repositories.com/repository/tensorflow-privacy.md) (2,014 ⭐) — Library for training machine learning models with privacy for training data - [dragonflydb/dragonfly](https://awesome-repositories.com/repository/dragonflydb-dragonfly.md) (30,688 ⭐) — Dragonfly is a high-performance, multi-model in-memory data store designed to serve as a drop-in replacement for existing database infrastructures. By utilizing a multi-threaded, shared-nothing architecture and a fiber-based concurrency model, it maximizes CPU utilization and minimizes latency for read and write operations. The system supports a wide range of data structures, including strings, hashes, lists, sets, sorted sets, and JSON documents, while maintaining full compatibility with standard industry wire protocols and client libraries. What distinguishes Dragonfly is its focus on efficiency and scalability through advanced memory management and request processing. It employs a lock-free, cache-friendly hash table structure and zero-copy serialization to reduce overhead during high-throughput operations. For durability, the system utilizes asynchronous, snapshot-based persistence that captures the state of the dataset without blocking active requests. Furthermore, it provides built-in support for horizontal scaling and cluster management, allowing for the distribution of large datasets across multiple nodes to ensure high availability. Beyond core storage, the platform includes a comprehensive suite of operational and analytical capabilities. It features integrated support for geospatial data management, real-time message brokering via publish-subscribe patterns, and full-text search. To handle massive datasets efficiently, the engine incorporates probabilistic data structures for cardinality estimation, frequency tracking, and membership testing. These features are complemented by robust administrative tools, including access control, request rate limiting, and detailed server monitoring. - [mintplex-labs/anything-llm](https://awesome-repositories.com/repository/mintplex-labs-anything-llm.md) (61,663 ⭐) — This platform serves as a comprehensive environment for managing private language models, document knowledge bases, and automated agent workflows within secure local infrastructure. It functions as a document-aware workspace that enables users to ingest diverse file formats into searchable repositories, ensuring that all data processing and model inference remain within private, local environments to maintain data sovereignty. The system distinguishes itself through a modular agentic engine that allows for the definition of custom skills and external tool execution. By utilizing a multi-model abstraction layer, it normalizes interactions across various local and cloud-based providers, while workspace-scoped management ensures that system prompts and knowledge bases remain isolated to meet specific operational requirements. Beyond core orchestration, the platform includes a document-parsing pipeline that converts files into structured text for semantic retrieval via local vector indexing. Users can further extend functionality through command-line triggers and persistent system instructions, standardizing how artificial intelligence behaves across different business contexts. - [memvid/memvid](https://awesome-repositories.com/repository/memvid-memvid.md) (13,160 ⭐) — Memvid is an embedded memory framework designed to provide persistent, versioned context for intelligent agents. It functions as a local vector database library that stores all data within a single binary file, removing the need for external database infrastructure or network dependencies. The system distinguishes itself by integrating in-process vector indexing with append-only versioning, allowing for high-speed semantic similarity searches alongside the ability to track and roll back state changes over time. It includes built-in transparent data encryption and masking to secure sensitive information at rest, ensuring privacy and compliance during all storage operations. The framework provides a comprehensive set of tools for managing agent context, including programmatic SDK access for reading and writing data. By combining embedded key-value mapping with low-latency retrieval mechanisms, it enables applications to maintain consistent, long-term memory across sessions. - [adolfintel/windows10-privacy](https://awesome-repositories.com/repository/adolfintel-windows10-privacy.md) (1,409 ⭐) — Windows 10 Privacy Guide - [eyaltoledano/claude-task-master](https://awesome-repositories.com/repository/eyaltoledano-claude-task-master.md) (27,567 ⭐) — This project is an autonomous, multi-model orchestrator designed to manage the full software development lifecycle through a command-line interface. It functions as an intelligent agent that decomposes high-level product goals into actionable, prioritized subtasks, manages dependency graphs, and executes development cycles. By automating requirement parsing, technical research, and task tracking, it maintains project alignment and momentum throughout the implementation process. The system distinguishes itself through a provider-agnostic abstraction layer that allows users to assign specific artificial intelligence models to primary, research, or fallback roles. It supports both cloud-based services for broad reasoning capabilities and local model execution to ensure data privacy and offline functionality. Furthermore, the platform integrates live web research directly into the task management workflow, enabling agents to generate complexity scores and validate technical decisions against current industry patterns before writing code. Beyond core orchestration, the tool provides a comprehensive framework for managing task metadata, parallel workstreams, and team collaboration. It includes features for real-time task monitoring, automated documentation generation, and integration with development environments through standardized communication protocols and editor extensions. The system is configured via local environment files, which handle secure credential management and allow for the optimization of active tools to balance context window usage. - [google/differential-privacy](https://awesome-repositories.com/repository/google-differential-privacy.md) (3,324 ⭐) — Google's differential privacy libraries. - [zen-browser/desktop](https://awesome-repositories.com/repository/zen-browser-desktop.md) (42,877 ⭐) — This project is an open-source desktop web browser built on the Gecko rendering engine. It is designed to prioritize user privacy and security, utilizing a multi-process architecture to isolate web content and maintain a secure sandbox environment for all browsing activities. The browser distinguishes itself through a highly modular interface engine that allows users to customize visual layouts and functional behaviors using style sheets and community-developed modifications. It supports advanced productivity workflows by enabling users to synchronize navigation state across multiple windows, organize tabs into distinct workspaces, and utilize split-view layouts for efficient multitasking. Beyond its core interface capabilities, the browser provides a comprehensive suite of security and privacy protections. This includes automated tracker blocking, encrypted domain name resolution, and strict enforcement of secure connection protocols to prevent unauthorized data collection and mitigate threats from malicious websites. The application also features an extensible architecture that supports third-party modules, allowing users to integrate specialized tools for enhanced navigation and media management. - [amruthpillai/reactive-resume](https://awesome-repositories.com/repository/amruthpillai-reactive-resume.md) (38,613 ⭐) — This project is a web-based platform designed for creating, managing, and sharing professional resumes. It functions as a structured document builder that integrates artificial intelligence to assist with content generation, editing, and analysis. Users can maintain a collection of resumes, customize their visual presentation through various templates, and export them into multiple formats for job applications. The platform distinguishes itself through its autonomous AI agent capabilities, which can perform research, suggest incremental edits, and apply data patches directly to documents. It also provides a secure, self-hostable environment that allows users to maintain full control over their data and infrastructure. The system supports advanced authentication methods, including passkeys and federated identity providers, ensuring that personal and professional information remains protected. Beyond core editing, the application includes tools for document organization, such as tagging, filtering, and legacy data migration. It features a robust document generation engine that separates content from design, allowing for precise layout control and styling. Users can share their resumes via password-protected public URLs and monitor document performance through integrated analytics. The application is designed for containerized deployment, utilizing Docker Compose to facilitate consistent installation across private infrastructure. It includes built-in health monitoring and feature flagging to manage system performance and functionality without requiring code redeployments. - [ajayyy/sponsorblock](https://awesome-repositories.com/repository/ajayyy-sponsorblock.md) (12,776 ⭐) — SponsorBlock is a community-driven platform designed to automate the skipping of specific video segments, such as sponsorships and intros, during playback. It functions as a crowdsourced database where users submit and categorize video timestamps, which are then retrieved by client-side extensions to intercept and skip unwanted content. The system distinguishes itself through a reputation-weighted consensus model, where community voting and administrative moderation ensure the accuracy of submitted data. To protect user privacy, the platform utilizes hash-based retrieval, allowing clients to fetch segment information without exposing their specific viewing history to the central server. The platform includes a comprehensive suite of tools for managing content integrity, including role-based moderation, content locking, and contributor performance analytics. Users can track their impact through metrics like total time saved and submission volume, while administrators maintain the database through specialized tools for correcting timing errors and managing account-level permissions. - [diafygi/privacy-checklist](https://awesome-repositories.com/repository/diafygi-privacy-checklist.md) (39 ⭐) — Checklist for securing communications - [balena-io/etcher](https://awesome-repositories.com/repository/balena-io-etcher.md) (33,872 ⭐) — Etcher is a cross-platform utility designed for creating bootable media by flashing raw disk images onto USB drives and SD cards. It functions as a desktop application that provides a graphical interface for low-level storage device management, ensuring data integrity through built-in validation during the writing process. The application utilizes a unified interface layer to map high-level commands to native system utilities, allowing it to operate consistently across different operating systems. It employs a stream-based data pipeline to pipe image contents directly to storage media, which minimizes memory usage during large write operations. To maintain system security, the tool delegates administrative disk access tasks to a background process. Beyond image deployment, the software includes capabilities for storage device maintenance, such as clearing partition tables and reformatting corrupted or unusable drives. It is distributed through various native package managers and community repositories across Windows, macOS, and Linux environments. - [hagezi/dns-blocklists](https://awesome-repositories.com/repository/hagezi-dns-blocklists.md) (20,103 ⭐) — This project is a comprehensive repository of curated domain blocklists designed for network-wide DNS filtering. It functions as a DNS sinkhole feed, providing the necessary data to intercept and block unwanted network requests at the resolution layer before they reach their destination. By returning null or loopback addresses for identified domains, it prevents connections to malicious infrastructure, advertising servers, and tracking endpoints across all devices on a network. The repository distinguishes itself through a tiered categorization logic that allows users to select protection levels based on their specific security and compatibility requirements. It aggregates data from multiple threat intelligence and privacy sources, processing them through an automated pipeline to ensure the lists remain current. The output is generated in multiple standard formats, ensuring compatibility with a wide range of DNS server software and network appliances. Beyond basic ad and tracker blocking, the project supports granular content restrictions, including the ability to filter adult content, gambling sites, and social media platforms. It also includes specialized protections against security threats such as phishing, malware, and command-and-control servers, while mitigating unauthorized telemetry and preventing DNS rebinding attacks. - [binwiederhier/ntfy](https://awesome-repositories.com/repository/binwiederhier-ntfy.md) (30,790 ⭐) — ntfy is a self-hosted messaging infrastructure that provides a lightweight platform for sending and receiving real-time notifications. It functions as a topic-based pub-sub server, allowing users to publish and subscribe to message channels using standard HTTP requests. By bridging server-side events with native mobile and desktop clients, it enables the delivery of alerts across various environments through a unified communication layer. The project distinguishes itself by offering a complete, private notification ecosystem that includes persistent message caching and robust access control. It supports the UnifiedPush protocol, acting as a gateway to native mobile operating system push services, which allows for decentralized notification delivery without reliance on proprietary cloud providers. Users can interact with the system through a command-line interface, webhooks, or persistent streaming connections like Server-Sent Events and WebSockets. The platform covers a broad range of operational capabilities, including automated system monitoring, workflow integration, and cross-platform event broadcasting. It supports advanced message features such as content templating, file attachments, interactive buttons, and priority-based delivery. The system is designed for flexible deployment, offering containerized and binary-based installation options that simplify integration into existing infrastructure. The software is distributed as a single static binary, facilitating straightforward deployment across Linux, macOS, and Windows environments. - [simonbrazell/privacy-redirect](https://awesome-repositories.com/repository/simonbrazell-privacy-redirect.md) (2,190 ⭐) — A simple web extension that redirects Twitter, YouTube, Instagram & Google Maps requests to privacy friendly alternatives. - [lissy93/personal-security-checklist](https://awesome-repositories.com/repository/lissy93-personal-security-checklist.md) (21,691 ⭐) — This project provides a comprehensive, modular framework for auditing and hardening personal digital and physical security. It functions as a structured, platform-agnostic knowledge base that breaks down complex security standards into granular, actionable tasks. By utilizing a static documentation architecture, the project ensures that its guidance remains accessible and transparent, allowing users to track their security posture incrementally through a persistent, manual progress-tracking system. The project distinguishes itself by bridging the gap between digital cybersecurity and physical threat mitigation. Beyond standard account and network hardening, it offers specialized guidance on physical countermeasures, such as electromagnetic signal shielding, hardware sensor obfuscation, and the use of physical security hardware to prevent unauthorized data access. It also emphasizes privacy-centric alternatives to mainstream platforms, curating directories of software and decentralized services designed to minimize digital footprints and data harvesting. The scope of the guidance covers a wide range of domains, including digital identity protection, secure communication practices, and the auditing of mobile, web, and smart home environments. It provides systematic methodologies for managing cryptographic assets, enforcing multi-factor authentication, and sanitizing media metadata to prevent tracking. The repository serves as a centralized resource for ongoing security education, offering curated tool directories and threat intelligence to help users maintain a proactive defense against evolving surveillance and security risks. - [clickhouse/clickhouse](https://awesome-repositories.com/repository/clickhouse-clickhouse.md) (48,042 ⭐) — ClickHouse is a high-performance, columnar analytical database designed for real-time query execution and large-scale data aggregation. It functions as a distributed data warehouse capable of processing petabytes of information, while also providing an embedded engine that integrates directly into applications for native query capabilities without external dependencies. The system is built to handle high-throughput ingestion and complex analytical workloads, delivering millisecond-level latency for interactive dashboards and operational monitoring. The platform distinguishes itself through advanced storage and execution techniques, including vectorized query processing and a merge tree storage engine that maintains performance during massive insertions. It features adaptive subcolumn mapping for semi-structured data and supports native vector search for machine learning and generative AI applications. To facilitate efficient data movement, the engine utilizes zero-copy shared memory buffers, minimizing overhead when interacting with external analytical tools or processing diverse file formats like Parquet, JSON, and Arrow. Beyond its core storage and processing capabilities, the project provides a comprehensive suite of tools for observability, security, and data integration. It includes built-in support for natural language querying, automated workflow orchestration for AI agents, and extensive diagnostic features for query plan inspection. The platform also offers robust cloud infrastructure management, including support for private networking, compliant deployment strategies, and integrated billing consolidation. - [forseti-security/forseti-security](https://awesome-repositories.com/repository/forseti-security-forseti-security.md) (1,270 ⭐) — Forseti Security - [privacy-tech-lab/privacyflash-pro](https://awesome-repositories.com/repository/privacy-tech-lab-privacyflash-pro.md) (166 ⭐) — Generate a privacy policy for your iOS app quickly and automatically - [badges/shields](https://awesome-repositories.com/repository/badges-shields.md) (26,811 ⭐) — Shields is a dynamic badge generator that creates visual status indicators for software projects by fetching live data from external APIs. It functions as a programmatic image renderer, converting structured data parameters into consistent, high-contrast vector graphics that can be embedded directly into markdown and web documentation via URL parameters. The project distinguishes itself by offering a self-hosted metadata server, allowing users to deploy the service behind their own firewalls to maintain full control over infrastructure and data privacy. It supports extensive customization, including the ability to define specific labels, messages, and color schemes, as well as the integration of custom logos and predefined icons to provide visual context for project metrics. The platform covers a broad capability surface for badge management, including modular data fetching, automated testing with mocked service responses, and a decoupled architecture for optional raster image conversion. It provides comprehensive tooling for developers to implement new service badges, manage server secrets, and monitor performance, ensuring consistent design standards across all generated status indicators. - [mozilla-firefox/firefox](https://awesome-repositories.com/repository/mozilla-firefox-firefox.md) (11,305 ⭐) — Firefox is a cross-platform web browser engine designed to render web content, execute JavaScript, and manage secure browsing sessions. It utilizes a multi-process isolation architecture that distributes browser tasks across independent operating system processes to ensure stability and prevent site-specific failures from impacting the entire application. The engine incorporates a sandboxed execution environment to restrict web content and untrusted scripts to isolated memory compartments, enforcing security policies that prevent unauthorized access to system resources. The project distinguishes itself through a high-performance rendering pipeline that decouples visual updates from the main thread, enabling fluid scrolling and animation performance. It features a formal cross-language binding layer that connects high-level scripting environments with low-level system logic, facilitating memory-safe performance improvements through the integration of Rust components. Additionally, the browser employs a declarative component framework that uses reactive properties and shadow DOM encapsulation to ensure consistent rendering and modular feature development across the user interface. The browser provides a comprehensive suite of capabilities for web standards implementation, privacy protection, and automated testing. It includes infrastructure for local machine learning, persistent data management, and cross-device synchronization of user profiles and settings. The platform also offers extensive developer tools for inspecting network activity, profiling performance, and debugging scripts, alongside a robust framework for third-party extension development. The codebase is structured to support complex browser operations, including automated testing, build configuration, and system-level integration. It is distributed as a complete application package for major operating systems, with documentation and build tools provided to support cross-platform development and continuous integration workflows. - [organicmaps/organicmaps](https://awesome-repositories.com/repository/organicmaps-organicmaps.md) (13,304 ⭐) — Organic Maps is a mobile application designed for offline mapping, navigation, and outdoor activity planning. It functions as a privacy-focused client for OpenStreetMap data, enabling users to explore locations, search for points of interest, and receive turn-by-turn directions entirely without an internet connection. The project distinguishes itself through a strict zero-telemetry privacy model that excludes trackers, data collection, and mandatory account requirements. By utilizing a native core engine and local-first data storage, it ensures that all user activity, location history, and personal bookmarks remain stored exclusively on the device. Beyond standard navigation, the application provides tools for outdoor enthusiasts, including GPS-based route tracking and terrain visualization features like contour lines and elevation profiles. It also supports vehicle dashboard integration for hands-free guidance and allows for the management of geographic data through standard file formats for backup and sharing. - [anomalyco/opencode](https://awesome-repositories.com/repository/anomalyco-opencode.md) (175,152 ⭐) — OpenCode is a framework for orchestrating autonomous AI agents within development environments. It provides a multi-tiered architecture where primary assistants manage user interaction while specialized subagents handle specific tasks like planning, research, and code generation. The system includes a comprehensive command-line interface for managing these workflows, configuring agent behavior, and defining custom tools or commands through metadata-rich files. The platform features a modular plugin system and extensive integration support, including standardized protocols for connecting local and remote tool servers. It incorporates a security-focused architecture with granular permission controls, allowing users to define access policies for file operations, shell commands, and web access. These security measures are complemented by enterprise-grade infrastructure options, such as centralized authentication and private registry integration. For developers, the project offers a type-safe SDK for building custom integrations and a RESTful API for programmatic system management. Configuration is handled through a schema-validated system that supports variable injection and multi-file organization. The interface is fully customizable, featuring a theme system for terminal displays and interactive commands for managing model selection and session history. - [securing/scsvs](https://awesome-repositories.com/repository/securing-scsvs.md) (628 ⭐) — Smart Contract Security Verification Standard - [sandboxie-plus/sandboxie](https://awesome-repositories.com/repository/sandboxie-plus-sandboxie.md) (18,636 ⭐) — Sandboxie is an operating system-level virtualization tool designed to run Windows applications in isolated, secure environments. By intercepting system calls and redirecting file system and registry modifications to a separate, discardable storage area, it prevents untrusted software from making permanent changes to the host system. This containment ensures that browser history, temporary files, and potential malware remain trapped within the sandbox, protecting the integrity and privacy of the underlying host. The software distinguishes itself through granular control over the isolation environment, including the ability to emulate administrative privileges for compatibility without granting actual elevated rights. It supports complex security policies such as per-sandbox network filtering, proxy redirection, and DNS control, alongside the ability to define specific breakout rules for documents or applications. Users can manage these environments through snapshots, encrypted storage, and volatile memory mapping, which allows for high-speed performance and automatic data clearing upon process termination. Beyond core isolation, the platform provides comprehensive lifecycle management for virtualized workspaces, including automated deployment for removable drives and programmatic configuration via a command-line interface. It enforces strict resource usage limits and access rules to maintain system stability while offering tools for data recovery and state management. The software is distributed as a utility for Windows environments, providing a centralized interface for monitoring and maintaining these isolated execution containers. - [pantheon-security/chrome-mcp-secure](https://awesome-repositories.com/repository/pantheon-security-chrome-mcp-secure.md) (5 ⭐) — Secure ChromeMCP Server - Query and Debugging sites using Google Chrome with additional security hardening layers - [chatwoot/chatwoot](https://awesome-repositories.com/repository/chatwoot-chatwoot.md) (31,959 ⭐) — Chatwoot is a self-hosted, omnichannel customer support platform designed to aggregate messages from diverse social and digital channels into a single, collaborative team inbox. It provides organizations with full data ownership and control over their support infrastructure, ensuring strict logical separation of customer data through multi-tenant architecture. By centralizing communication, the platform enables teams to manage, route, and resolve inquiries within a unified workspace that maintains complete interaction history for every contact. The platform distinguishes itself through an event-driven automation engine and a visual rule builder that allow teams to manage conversations and workflows without writing custom code. It incorporates intelligent features such as automated response drafting, conversation context recall, and a self-service knowledge base to improve agent efficiency. These capabilities are supported by granular role-based access controls and comprehensive performance analytics, which provide insights into agent productivity, inbox activity, and customer satisfaction trends. Beyond its core messaging and routing functions, the system offers a broad suite of operational tools including proactive engagement triggers, team workload balancing, and multilingual support. It supports flexible deployment strategies, including containerized and cloud-native orchestration, to accommodate various production environments. The platform is designed for extensibility, allowing for custom attribute management and integration with external systems via webhooks and API-based channels. - [security-onion-solutions/security-onion](https://awesome-repositories.com/repository/security-onion-solutions-security-onion.md) (3,123 ⭐) — Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management - [umami-software/umami](https://awesome-repositories.com/repository/umami-software-umami.md) (37,192 ⭐) — Umami is a self-hosted, privacy-focused web analytics platform designed to provide full control over infrastructure and user data. It captures website traffic and visitor behavior through anonymous tracking methods that avoid cookies, browser fingerprinting, and the storage of personally identifiable information. The platform distinguishes itself through a comprehensive suite of behavioral analysis tools, including session replays, heatmaps, and cohort-based retention reporting. It features a multi-tenant architecture that allows teams to manage multiple websites within a single, collaborative dashboard, supported by granular role-based access controls and the ability to share specific insights via public links. Beyond core traffic monitoring, the system includes a robust event tracking framework for capturing custom user interactions, conversion funnels, and marketing campaign attribution. It also provides diagnostic capabilities for web performance, allowing users to track core web vitals and troubleshoot data collection through detailed session logs and visitor activity searches. The software supports flexible deployment strategies, including containerized installations and source-code-based setups, and can be integrated into various environments via a standard API or pre-built plugins. - [aider-ai/aider](https://awesome-repositories.com/repository/aider-ai-aider.md) (46,305 ⭐) — Aider is a command-line interface tool that enables large language models to directly edit, refactor, and manage source code within a local repository. It functions as an AI-powered coding assistant that integrates into the developer workflow, allowing users to apply code changes through natural language prompts while maintaining repository context and version control. The tool distinguishes itself through a specialized diff-based patching engine that parses model-generated search-and-replace blocks to modify specific file segments without rewriting entire files. It features a provider-agnostic model abstraction that supports a wide range of cloud-based and local language models, enabling users to switch between them to optimize for performance, cost, and reasoning capabilities. To ensure high-quality results, it employs a repository context engine that analyzes codebase structure and dependencies, dynamically managing the active chat window to provide relevant information within token limits. Beyond basic editing, the project automates the development lifecycle by integrating directly with version control systems to handle commit attribution and history management. It supports multi-stage planning through an architect mode that separates high-level design from low-level implementation, and it can automatically trigger test suites and linting commands to verify code modifications. The system is highly configurable, offering hierarchical settings management and a programmatic interface for scripting complex coding tasks. - [bitwarden/clients](https://awesome-repositories.com/repository/bitwarden-clients.md) (12,269 ⭐) — This project is a comprehensive zero-knowledge security suite designed for enterprise credential management, secrets orchestration, and password management. It provides a secure, end-to-end encrypted vault that allows users to store, synchronize, and manage sensitive information, including passwords, passkeys, and infrastructure secrets, across desktop, mobile, and browser environments. The platform distinguishes itself through a strict zero-knowledge architecture where all encryption and decryption occur locally on the client, ensuring that plaintext data remains inaccessible to the server. It supports flexible deployment models, allowing organizations to choose between managed cloud services or self-hosted infrastructure to meet specific data sovereignty and compliance requirements. Furthermore, the system integrates with external identity providers to streamline user provisioning and authentication, while offering advanced administrative controls for policy enforcement and security auditing. Beyond core storage, the platform provides extensive tools for DevOps and automated workflows, including command-line interfaces for secret injection and programmatic SDKs for custom integrations. It also includes robust collaboration features for secure data sharing, team resource management, and credential health monitoring to help organizations maintain a strong security posture. - [huginn/huginn](https://awesome-repositories.com/repository/huginn-huginn.md) (49,480 ⭐) — Huginn is a self-hosted automation platform that functions as an event-driven workflow engine. It allows users to build autonomous agents that monitor web services, scrape data, and execute complex tasks by propagating events through a directed graph. By running on your own server infrastructure, it provides a private environment for orchestrating workflows without relying on third-party automation services. The platform distinguishes itself through a modular, plugin-based architecture that enables the development of custom agents to handle specific data processing needs. Each agent maintains persistent memory across execution cycles, allowing for stateful tracking of information over time. The system supports both scheduled background tasks and real-time event ingestion via webhooks, providing flexibility in how automation triggers are handled and processed. Beyond its core engine, the project includes a comprehensive suite of tools for managing agent lifecycles, including logging, debugging, and configuration validation. Users can extend the system's capabilities by integrating external packages or creating custom user interface views directly within the dashboard. The platform is designed for deployment across various environments, including containerized setups and cloud hosting platforms, with support for granular resource scaling and database-backed configuration management. Detailed installation guides and documentation are available to assist with setting up the required system dependencies, database servers, and environment variables for both manual and containerized deployments. - [smmr-software/privacy-redirect-safari](https://awesome-repositories.com/repository/smmr-software-privacy-redirect-safari.md) (183 ⭐) — A Safari extension that redirects Twitter, YouTube, Reddit, and more to privacy friendly alternatives. - [bitwarden/server](https://awesome-repositories.com/repository/bitwarden-server.md) (18,074 ⭐) — This project provides a comprehensive, self-hosted platform for zero-knowledge credential management and enterprise secrets orchestration. It functions as a secure vault that ensures all encryption and decryption processes occur exclusively on the client side, preventing the server from ever accessing plaintext data. By combining identity federation with robust access controls, the system enables organizations to centralize the management of passwords, passkeys, and sensitive infrastructure credentials. The platform distinguishes itself through its focus on both human-centric security and automated machine-to-machine workflows. It supports advanced authentication methods including hardware security keys, passkeys, and biometric unlocking, while simultaneously offering programmatic interfaces for injecting secrets directly into development pipelines and automated infrastructure deployments. This dual-purpose design allows teams to maintain strict data sovereignty through local hosting and containerized deployments while enforcing granular governance across their entire user base. Beyond core storage, the system includes extensive observability and compliance tools, such as immutable audit logging, credential risk analysis, and integration with external security information and event management platforms. It also facilitates secure collaboration through encrypted information sharing, emergency access delegation, and automated identity provisioning. The software is designed for flexible deployment across diverse infrastructure environments and includes command-line utilities for administrative tasks, bulk data migration, and secret retrieval. - [searxng/searxng](https://awesome-repositories.com/repository/searxng-searxng.md) (32,180 ⭐) — This project is a privacy-focused, self-hosted metasearch engine that aggregates results from a wide array of web, academic, and media sources into a single, unified interface. By acting as a proxy between the user and external search providers, it strips identifying headers and tracking parameters from requests, ensuring that search activity remains anonymous and protected from third-party profiling. The platform distinguishes itself through a modular, plugin-based architecture that allows for extensive customization of search behavior, result filtering, and interface branding. It supports advanced privacy features such as routing traffic through the Tor network and proxying external assets like images and favicons to prevent IP address leakage. Users can manage their own instances, configuring search engines, language preferences, and security policies to suit specific deployment needs. The service includes a comprehensive suite of tools for managing search aggregation, including sliding-window rate limiting to prevent abuse and persistent key-value caching to improve response latency. It supports diverse content types, rendering specialized results for academic papers, media, and structured data, while providing administrative APIs for programmatic control over instance settings and engine availability. The software is designed for flexible deployment, supporting containerized environments and providing automated scripts for installation and maintenance. Detailed documentation and configuration files allow for granular control over the search experience, from defining custom search shortcuts to enforcing strict access controls on specific engines.