Open-source alternatives to Passbolt Api

Velociraptor is a digital forensics and incident response platform, endpoint detection and response system, and visibility tool. It provides a query engine and remote forensic collector used to hunt for indicators of compromise and perform triage across a fleet of hosts. The system is distinguished by its specialized query language for interrogating host state and parsing binary files. It features a notebook environment that combines markdown documentation with executable query cells to standardize investigative workflows and enable collaborative reporting. The platform covers a wide range o

Kanboard is a self-hosted Kanban project management tool and productivity suite designed for tracking software tasks and team collaboration. It provides a visual system for managing workflows through the use of boards, columns, and cards. The project features an extensible plugin framework and a comprehensive API for programmatic task and project administration. It includes specialized identity management through LDAP integration, allowing for the synchronization of user accounts and group permissions from directory servers. The system covers a wide range of capabilities, including event-dri

This project is a self-hosted forum software and extensible community platform designed to facilitate online discussions and member engagement. It functions as a REST API discussion engine, providing a backend that manages community interactions and forum data via a standardized JSON interface for external applications. The platform is distinguished by a modular architecture that allows for deep customization through a package-based extension system and an interface extension framework. It employs an extender-based customization model, enabling external modules to modify internal system behav

LoopBack Next is a Node.js API framework used for building REST and multi-protocol APIs. It functions as an OpenAPI server implementation that can either generate machine-readable specifications from code or produce implementation controllers and models from existing specifications. The framework distinguishes itself through a central dependency injection container and a repository-pattern data access layer. This architecture decouples application logic from component construction and persistent storage, allowing for a pluggable system where data sources and business logic are isolated throug

This project is a community-curated directory of open-source software designed for deployment in private server environments and home labs. It serves as a comprehensive resource for discovering independent, self-hosted alternatives to mainstream cloud services, enabling users to maintain full data ownership and control over their digital infrastructure. The directory is structured through a hierarchical taxonomy that organizes a vast collection of applications into logical categories, ranging from media management and data analytics to private communication and team productivity tools. It dis

This project is a containerized build automation system and self-hosted DevOps platform provided as a Docker image. It serves as a distributed build orchestrator and a Dockerized continuous integration and delivery server, ensuring consistent execution environments across different infrastructure. The system distinguishes itself through a distributed execution model that separates a primary controller from multiple remote agents connected via SSH, TCP, or web sockets. It utilizes a modular extensibility framework that allows the core system functionality to be augmented through the installati

GAM is a command-line tool for administering Google Workspace and Cloud Identity. It translates command-line arguments into structured API calls, enabling administrators to manage users, groups, organizational units, and domain settings across a Google Workspace environment. The tool handles authentication through OAuth2 flows, service accounts, and workload identity federation, and supports multi-tenant configurations for managing multiple domains or cloud projects from a single installation. GAM distinguishes itself through its batch processing and automation capabilities. It can process la

Buildbot is a Python-based continuous integration framework and distributed build orchestrator. It functions as a build automation engine that coordinates the retrieval of source code, the execution of build steps, and the reporting of results through a central controller and a network of remote worker agents. The system is distinguished by a plugin-based extensibility architecture and a master-worker distribution model. It allows for dynamic build modification at runtime and supports a pluggable database backend for persisting system state and historical build data. The project covers a bro

The AWS Cloud Development Kit is an infrastructure-as-code framework that enables developers to define and provision cloud resources using familiar programming languages. By utilizing construct-based synthesis, it translates high-level, object-oriented code into declarative templates, allowing for the automated management of complex cloud environments through a centralized, code-driven control plane. The framework distinguishes itself through its ability to model infrastructure as a dependency-aware resource graph, ensuring that components are provisioned and updated in the correct order. It

KeeWeb is a web-based password manager and vault that allows users to open and edit encrypted databases through a browser interface. It functions as a cross-platform tool for managing password vaults using the KeePass database format. The application provides a self-hosted password vault that can be deployed as a single HTML file or via Docker. It integrates with remote storage providers using OAuth to synchronize encrypted database files across multiple devices. The system includes capabilities for secure credential generation, two-factor authentication management through time-based one-tim

OctoPrint is a web-based platform for remotely controlling and monitoring 3D printers. It provides a browser dashboard to start, pause, cancel, and track print jobs, while streaming real-time printer status, temperature, and progress updates. The system is built around a plugin-based architecture that allows extending core functionality, and it offers a documented REST API for programmatic printer control and data management. The platform distinguishes itself through its comprehensive automation and extensibility capabilities. It supports event-driven workflows that automatically execute cust

Budibase is a low-code application platform and enterprise internal tool builder used to create custom business applications for organizational processes and reporting. It functions as a self-hosted backend as a service, providing the infrastructure to manage database integrations and expose public data interfaces for external application access. The platform includes an AI agent orchestrator for deploying autonomous agents that interact with business data and execute operational tasks. It differentiates itself through self-hosted infrastructure management, allowing the system to run on priva

KodExplorer is a web-based file manager and remote server administration tool that provides a desktop-like interface for organizing and managing files in a browser. It functions as an enterprise file sharing platform and an online document previewer, allowing users to view hundreds of file formats without local software installations. The system is distinguished by a plugin-based API gateway that exposes RESTful endpoints for third-party integrations and custom functional extensions. It also includes a browser-based code editor with syntax highlighting and autocomplete for over 120 languages,

This project is a comprehensive starter kit for building subscription-based web applications using Next.js and TypeScript. It provides a structural foundation for developing software-as-a-service platforms, incorporating integrated user authentication, payment tiers, and multi-tenant organization management. The framework distinguishes itself with a dedicated multi-tenant application architecture that organizes users into teams and organizations with workspace switching. It includes a built-in monetization layer via Stripe subscription integration for managing pricing tiers and billing cycles

Apostrophe is an open-source Node.js headless content management system that delivers structured content through REST APIs while providing a visual in-context page editor for live editing. It is built on a module-based plugin architecture that extends CMS functionality through reusable modules, each encapsulating logic, configuration, and templates. The system uses schema-driven content modeling to define data structures and validation rules through configurable schemas and custom field types, with all content stored as flexible JSON-like documents in MongoDB. The platform distinguishes itsel

Qor is a Go admin framework and backend toolkit used for building administrative interfaces, headless content management systems, and REST API generators. It provides a structured environment for implementing business application backends, specializing in the management of structured content and media assets. The project distinguishes itself through comprehensive multi-language content management, featuring locale-based data versioning and a dedicated system for internationalization and translation administration. It further differentiates its offering with a built-in state machine implementa

React-admin is a framework for building data-driven administrative interfaces that connect to REST or GraphQL backends. It provides a comprehensive suite of tools for managing the full lifecycle of administrative applications, including resource-oriented routing, declarative form scaffolding, and context-driven state management. By utilizing a modular adapter-based architecture, the framework abstracts backend communication, allowing developers to build consistent CRUD interfaces that handle data fetching, authentication, and synchronization automatically. The project distinguishes itself thr

PasswordPusher is a self-hosted secret sharing service and file sharing platform used to create encrypted, self-destructing links for sensitive text and files. It functions as a white-label security gateway, allowing organizations to manage the distribution of secrets on their own internal infrastructure. The system supports corporate white-labeling through custom domain mapping and branding customization to align the interface with a professional identity. It provides a RESTful API and command-line interface for the automated distribution of secrets within external scripts and workflows. Th

Casdoor is a centralized identity and access management platform that functions as an OAuth 2.0 authorization server. It provides a comprehensive suite of services for managing user identities, authentication sessions, and access policies across both web and machine-to-machine applications. Built with a decoupled frontend-backend architecture in Go, the platform supports high-concurrency environments and offers a web-based management interface for administrative tasks. The platform distinguishes itself through its extensive support for federated identity management, allowing integration with

Sqlpad is a web-based SQL client and multi-tenant workbench used for writing, executing, and saving queries across multiple relational and analytical databases. It functions as an ODBC database manager that enables users to manage database connections and explore schemas through a browser interface. The platform distinguishes itself as a collaborative environment where users can share SQL documents and coordinate data analysis. It integrates identity federation via OpenID Connect, SAML, LDAP, and OAuth, and provides a visualization system that renders query results into charts and tables. Th

Faraday is a vulnerability management platform and security tool aggregator designed to centralize security findings from multiple scanners into a single dashboard. It utilizes a relational security database to catalog hosts, services, and security flaws, enabling users to track remediation and analyze organizational risk. The platform distinguishes itself through a plugin-based system that normalizes diverse security tool outputs into a unified data model. It supports deep integration with a wide array of scanners and CLI tools, intercepting shell command output or parsing report files to ag

Scanopy is a self-hosted infrastructure inventory and network discovery tool. It identifies hosts, services, and workloads across subnets to build a live model of network infrastructure, maintaining a searchable catalog of assets. The system features an interactive network topology visualizer that generates physical, logical, and application dependency diagrams. It maps the nesting chain from physical hardware and hypervisors down to virtual machines and containers, utilizing SNMP for hardware metadata and container APIs for workload discovery. The platform supports distributed network scann

This is a Vue.js admin dashboard built with Element UI that provides a backend management interface for overseeing stores, products, users, and system settings. The project combines Vue's reactive component model with Element-UI's pre-built widget library to construct a consistent admin interface, using Vue Router for client-side navigation and Vuex for centralized state management. The admin panel enforces role-based access control, checking user permissions at route entry points and component boundaries to block unauthorized actions before they execute. It includes authentication and sessio

Overseerr is a self-hosted request portal and media automation orchestrator designed to manage the discovery and acquisition of movies and television series. It serves as a media discovery platform and a dedicated request manager for Plex media servers, providing a centralized interface for users to find content and submit requests. The system coordinates the media request workflow by connecting user submissions to automated download services. It synchronizes with media servers to track existing library content and prevent duplicate requests, while providing administrators with a dashboard to

osTicket is an open-source help desk software and ticket management system designed to centralize customer support inquiries from emails, web forms, and API requests. It functions as a multi-channel support tool that converts incoming communications into a structured queue for agent resolution and IT help desk management. The platform features a dedicated customer support portal where users can submit requests, track ticket status, and access a self-service knowledgebase of help articles and FAQs. It integrates secure OAuth2 email authentication to retrieve and send messages without storing l

Sandstorm is an open-source platform that packages and runs web applications in security-hardened sandboxes on a personal server, functioning as a self-hosted web app operating system. It provides a curated app store where users discover and install sandboxed web applications with one-click ease, while each application runs in an isolated container that uses Linux kernel security features to separate it from the host and other apps. The platform includes a centralized authentication layer so users sign in once and gain access to all installed applications without managing separate accounts per

WeKnora is a multi-tenant retrieval-augmented generation (RAG) knowledge platform and autonomous AI agent framework. It transforms raw documents into queryable knowledge bases and integrates large language models with vector databases to provide grounded AI responses. The system also functions as a Model Context Protocol (MCP) tool server, exposing knowledge search and agentic capabilities to external AI clients. The platform distinguishes itself through an autonomous agent framework that utilizes iterative reasoning, tool calling, and web search to solve multi-step tasks. It implements a sta