30 open-source projects similar to rustdesk/rustdesk-server, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Rustdesk Server alternative.
RustDesk is a cross-platform remote desktop client that enables users to initiate and receive remote sessions. It provides a complete infrastructure for self-hosted remote access, utilizing a signaling and relay server architecture to maintain connectivity when direct peer-to-peer links are unavailable. The software is designed to function across desktop and mobile environments, offering native remote control, screen sharing, and file management capabilities. What distinguishes the platform is its centralized administrative control plane, which allows for granular management of security polic
Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n
Firezone is a zero trust network access platform that uses WireGuard to provide identity-based connectivity to internal network resources. It functions as a virtual private network that synchronizes authentication and user groups via OpenID Connect providers. The system implements a group-based access control engine to enforce least privilege by restricting network resources to specific user groups. It utilizes holepunching and relay protocols for NAT traversal to establish encrypted tunnels through firewalls without requiring inbound ports. The platform includes a control plane for managing
Octelium is a zero-trust network access platform and identity-aware proxy designed to secure private HTTP, SSH, and SQL resources. It functions as a secure gateway that validates human and workload identities using OIDC, SAML, and FIDO2 passkeys before granting access to internal applications and SaaS APIs. The system is distinguished by its secretless access broker, which injects credentials—such as API keys, passwords, and AWS Sigv4 signatures—at the gateway level so users can access databases and cloud resources without managing secrets. It further specializes in AI gateway administration,
gost is a multi-protocol proxy tunnel and secure tunneling server designed to route network traffic through encrypted connections. It functions as a traffic obfuscation gateway and a transparent proxy server capable of intercepting TCP and UDP traffic at the IP level. The project also includes a virtual network interface manager for creating TUN and TAP devices to intercept operating system packets. The system distinguishes itself through a chain-based request routing model, allowing traffic to pass through an ordered sequence of proxy nodes. It provides extensive transport-layer encapsulatio
EasyTier is a decentralized peer-to-peer virtual private network and mesh networking tool. It functions as a layer 3 network overlay that establishes secure tunnels between devices without requiring a centralized server or coordinator. It also serves as a WireGuard-compatible VPN, capable of acting as a server for standard WireGuard clients. The project distinguishes itself through multipath latency-based routing and the use of KCP or QUIC proxies to mitigate packet loss and stabilize connections in high-loss environments. It provides a virtual networking manager featuring a web management co
This project is a comprehensive technical documentation site and reference manual for configuring and deploying WireGuard VPN tunnels and interfaces. It serves as a guide for establishing encrypted network connections between peers using public key authentication to secure data traffic across untrusted networks. The documentation provides specific technical manuals for implementing NAT traversal solutions, including UDP hole punching and the use of bounce servers to connect peers behind restrictive firewalls. It also includes detailed guides on tunnel implementation and protocol references fo
Authboss is a modular authentication framework designed to manage user identity and account orchestration. It provides a comprehensive system for handling user registration, email verification, and the full lifecycle of user profiles. The framework distinguishes itself through a focused suite of security and identity tools, including multi-factor authentication via time-based passwords and SMS, and identity integration with external providers using OAuth1 and OAuth2 protocols. It also includes a dedicated account security manager that implements brute-force protection through credential-based
Kubo is a peer-to-peer implementation of the InterPlanetary File System (IPFS) designed for decentralized data storage and content delivery. It uses content-addressing, directed acyclic graphs, and distributed hash tables to identify, distribute, and retrieve data across a network without relying on central servers. The project differentiates itself by providing a virtual filesystem via FUSE, which maps decentralized network namespaces to local operating system directories for direct file access. It also includes integrated HTTP gateways that translate peer-to-peer content into standard web t
This project is a community-curated directory of open-source software designed for deployment in private server environments and home labs. It serves as a comprehensive resource for discovering independent, self-hosted alternatives to mainstream cloud services, enabling users to maintain full data ownership and control over their digital infrastructure. The directory is structured through a hierarchical taxonomy that organizes a vast collection of applications into logical categories, ranging from media management and data analytics to private communication and team productivity tools. It dis
This project is a remote desktop software suite and administration tool designed for controlling remote devices via web browsers or desktop applications across different operating systems. It functions as a secure remote access gateway and device manager, providing a centralized backend for auditing sessions and deploying private infrastructure to target machines. The system distinguishes itself through the use of GPU-accelerated video streaming and hardware encoding to reduce latency. It enables multi-device monitoring via a screen wall and supports the creation of virtual display emulations
goflyway is an encrypted traffic relay and HTTP TCP tunneling proxy. It encapsulates TCP traffic within HTTP POST or WebSocket requests to bypass restrictive firewalls and network proxies. The system provides a SOCKS5 proxy server that routes traffic via a WebSocket relay and includes a UDP over TCP tunnel to enable transport across networks that block UDP traffic. It also functions as a TCP traffic interceptor for capturing and inspecting data passing through relayed connections. Capabilities cover network tunneling and traffic proxying through various transport protocols, including HTTP PO
This project is a cross-platform implementation of the WebRTC standard, providing a comprehensive library for building real-time audio, video, and data communication applications. It functions as a peer-to-peer networking framework and media processing engine, enabling direct, low-latency connections between devices without relying on central servers. By strictly adhering to official protocol specifications, the library ensures interoperability with browsers and other native communication software across mobile, desktop, and server environments. The engine distinguishes itself through a modul
GameNetworkingSockets is a UDP networking library providing secure transport, peer discovery, and traffic control systems. It implements a networking layer for reliable and unreliable messaging over UDP, including tools for message fragmentation and reassembly. The project features a peer-to-peer NAT traversal tool for establishing direct host-to-host connections by punching through firewalls and network address translation layers. It secures network traffic through encrypted transport and secure key exchange. The library includes a traffic manager to organize data into prioritized lanes to
This project is a GitOps infrastructure framework designed for managing bare metal servers, container clusters, and networking. It serves as a declarative system for orchestrating the deployment and lifecycle of self-hosted services, using Git as the source of truth to synchronize the desired state of the environment. The framework differentiates itself through a comprehensive automation suite that covers the entire hardware-to-service pipeline. It includes a PXE-based bare metal provisioner for network booting and operating system installation, alongside a lightweight container orchestration
Filepizza is a web-based peer-to-peer file sharing application that enables direct browser-to-browser data exchange. It utilizes WebRTC to establish connections between devices, allowing files to be sent without uploading data to a central server. The project provides a password-protected file sharing mechanism that secures transmissions via symmetric-key stream encryption. It includes a containerized signaling server that can be self-hosted to coordinate connections between peers and facilitate NAT traversal across restrictive networks and firewalls. The application supports multi-file tran
This project is a public key infrastructure management system designed to automate the issuance, renewal, and revocation of X.509, TLS, and SSH certificates. It functions as a machine identity provider and certificate authority, enabling the establishment of private PKI to secure inter-service communication and remote access. The system distinguishes itself through hardware-bound identity attestation, which ties cryptographic keys to physical device silicon or TPMs to prevent credential exfiltration. It supports a wide array of identity verification mechanisms, including OIDC, cloud-provider
go-libp2p is a Go implementation of the libp2p modular networking stack, providing a library for building peer-to-peer applications. It functions as a decentralized application framework that separates transport, security, and discovery layers into pluggable modules for cross-platform interoperability. The library establishes peer-to-peer connections through a modular transport abstraction that supports multiple protocols, while using public key cryptography for peer identity and protocol-agnostic security transports for encrypting and authenticating all traffic. It enables distributed peer d
apprtc is a WebRTC video chat application and signaling server designed to establish peer-to-peer audio and video communication between browsers. It provides a coordination layer using a websocket-based signaling server to exchange session descriptions and network candidates. The project is delivered as a dockerized communication app, allowing for a containerized deployment of the calling service for local development or cloud hosting. It includes a network gateway that integrates STUN and TURN servers to facilitate media flow through firewalls and NATs. The implementation covers peer discov
alt-sendme is an accountless peer-to-peer file transfer tool designed for sending files and folders directly between devices. It operates as a decentralized sharing service that utilizes portable access tickets for identity exchange instead of centralized user accounts. The project distinguishes itself through NAT and firewall traversal capabilities, using UDP hole punching and relay-based fallback routing to establish direct connections between remote devices. It supports multi-device data broadcasting, allowing a single file or folder to be shared with multiple recipients simultaneously thr
This project is a peer-to-peer networking tool and communication client designed for exchanging messages and sharing screen control between computers without a central server. It functions as a decentralized system for exchanging data and control signals directly between nodes. The application uses WebRTC for peer-to-peer messaging and remote desktop administration. It incorporates STUN-based NAT traversal and rendezvous servers to establish direct connections between peers hidden behind restrictive firewalls or routers. The software provides capabilities for remote desktop control, includin
Croc is a command-line utility for sending files and folders between computers using end-to-end encrypted peer-to-peer connections. It employs elliptic curve encryption and key agreement to secure data transmission between remote endpoints. The tool allows users to coordinate transfers using a shared code phrase and supports the operation of custom relay servers to facilitate connections without relying on public infrastructure. It also includes a proxy client to route encrypted traffic through SOCKS5 proxies. Additional capabilities include resumable data transmission for unstable connectio
NetBird is a zero-trust networking platform that builds secure, encrypted peer-to-peer overlay networks using the WireGuard protocol. It functions as a software-defined perimeter, connecting distributed infrastructure across cloud environments and physical locations while hiding network resources from the public internet. By integrating with external identity providers, the platform enforces granular access control and identity-based segmentation for every user and device. The platform distinguishes itself through extensive automation and programmatic management capabilities. It provides a ce
Toxcore is a peer-to-peer networking library that implements a decentralized communication protocol for secure messaging and media calls without the use of central servers. It provides a core engine for establishing direct encrypted connections between devices using a public-key identity system where unique identifiers serve as both addresses and authentication keys. The project features a decentralized network architecture that utilizes a distributed hash table for peer discovery and Kademlia-based routing to locate participants. To maintain connectivity across restrictive network environmen
react-native-firebase is a modular set of libraries that integrates Firebase cloud services into cross-platform mobile applications. It serves as a native-SDK wrapper, mapping JavaScript method calls to native iOS and Android Firebase SDKs via the React Native bridge to provide a type-safe interface for mobile backend integration. The project enables connectivity to a wide array of cloud services, including user authentication and identity management, NoSQL cloud databases with real-time synchronization, and scalable cloud storage for media files. It also provides tools for sending push notif
Polis is a self-hosted identity provider designed to manage federated authentication and user lifecycle operations within private infrastructure. It functions as a centralized hub for identity management, enabling organizations to maintain control over user data while enforcing security policies across diverse environments. The platform distinguishes itself by acting as a protocol-bridging gateway that converts complex enterprise authentication standards, such as SAML and OIDC, into a unified OAuth 2.0 flow. It further automates administrative tasks by synchronizing user and group information
WVP-GB28181-Pro is a video surveillance platform built around the GB28181 standard, functioning as a streaming media server that manages GB28181-compliant cameras and NVRs. It also serves as a JT/T 808 vehicle gateway, bridging JT/T 808 and JT/T 1078 vehicle devices into the surveillance network, and acts as a multi-protocol video aggregator that unifies GB28181, JT/T 808, JT/T 1078, and ONVIF protocols under a single management interface. The platform supports NAT traversal for connecting devices across different network segments and ingests video from GB28181, ONVIF, and RTSP sources, output
websocket-sharp is a C# library implementation of the WebSocket protocol used for building bidirectional client and server applications. It enables real-time data exchange between endpoints via persistent connections. The library provides specialized networking capabilities, including SSL encrypted networking for secure transport and certificate validation. It also features HTTP proxy tunneling to route traffic through intermediary servers using basic or digest authentication. The project covers a broad range of capabilities, including the implementation of both WebSocket clients and servers
This project is a Node.js WebSocket library that provides a high-performance client and server implementation for the WebSocket protocol. It functions as a transport layer for real-time bidirectional communication, supporting both UTF-8 strings and binary data transport through the use of TCP socket wrappers. The library enables the creation of WebSocket servers that manage full-duplex connections and broadcast messages to multiple clients, as well as WebSocket clients that establish persistent links to remote servers. It handles the protocol upgrade process via TCP-based handshake negotiatio
This project is a comprehensive computer networking textbook and instructional resource. It serves as a technical guide for the design and implementation of network layers, protocols, and hardware architecture, covering the spectrum from physical links to application-layer protocols. The content provides a detailed study of standards for congestion control, reliable data delivery, and internetwork routing. It includes specialized technical material on network security, public-key infrastructure, and the operation of modern cloud infrastructure and data centers. The material covers a broad ra