30 open-source projects similar to splunk/attack_range, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Attack Range alternative.
Home Assistant is a local home automation platform and server that acts as an IoT device orchestrator. It integrates diverse smart home hardware by wrapping third-party APIs into a standardized logic layer and stores all system state and historical statistics on local hardware to eliminate cloud dependencies. The system functions as a Matter IoT controller and an MQTT home automation bridge, allowing for local interoperability between different manufacturers. It features a state-based entity model and an internal event bus that decouple physical device logic from system automation. The platf
CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offl
This project provides a framework for managing multi-agent systems, designed to automate complex software development, infrastructure, and business workflows. It functions as a multi-agent workflow orchestrator that routes tasks to domain-specific workers while maintaining state persistence and infrastructure automation. By leveraging large language models, the system decomposes high-level objectives into actionable plans, ensuring that complex operations are executed with consistency and reliability. The framework distinguishes itself through its hierarchical agent registry and policy-driven
The Serverless Framework is a declarative infrastructure-as-code tool designed to automate the deployment, scaling, and lifecycle management of cloud-native applications. It provides a unified command-line interface that translates high-level configuration files into provider-specific resource templates, enabling developers to orchestrate complex architectures, event-driven functions, and cloud resources within a single project structure. What distinguishes this framework is its focus on developer experience and multi-environment parity. It supports local function invocation and event proxyin
Boto3 is the AWS SDK for Python, providing a programmatic interface for managing and automating AWS cloud infrastructure and services. It serves as a cloud management API client and resource manager for provisioning, configuring, and scaling virtual servers, databases, and storage. The library enables the implementation of infrastructure-as-code through declarative templates and scripts, allowing for the deployment of identical resource stacks across multiple accounts and geographic regions. It also provides a framework for coordinating distributed workflows, serverless functions, and contain
Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n
Olares is a comprehensive suite of self-hosted identity, storage, AI, and orchestration services designed for private infrastructure management. It functions as a Kubernetes home server orchestrator, enabling the deployment of containerized applications, AI models, and GPU resources on local hardware to replace third-party cloud services. The platform distinguishes itself through a combination of self-hosted AI infrastructure for running large language models and image generators, alongside a decentralized identity manager that uses cryptographic keys and OIDC for trustless authentication. It
OpenMediaVault is a Debian-based network attached storage (NAS) operating system that turns a computer into a dedicated storage appliance, managed entirely through a browser-based control panel. It provides a unified configuration interface for managing file sharing protocols, RAID arrays, user permissions, and network services, with extensibility through a modular plugin system that adds new capabilities without modifying the core installation. The platform supports setup and management of multiple RAID levels for data redundancy or performance, and exposes file storage over protocols includ
Ethical-Hacking-Labs is a comprehensive cybersecurity training curriculum and lab suite designed for learning penetration testing, network analysis, and offensive security techniques. It provides a structured environment for practicing the full attack lifecycle, from initial reconnaissance and scanning to exploitation and post-compromise analysis. The project provides instructional materials and guided exercises that cover specific technical domains, including open source intelligence research and network security courseware. It includes a practical workbook for identifying system vulnerabili
DetectionLab is a reproducible Windows Active Directory security lab designed for testing detection capabilities. It uses an automation framework based on Vagrant and Packer to provision virtualized networks across multiple hypervisors and cloud platforms. The project utilizes Ansible for the declarative installation and configuration of domain services and endpoint security tools. It incorporates a browser-based remote access interface via Apache Guacamole to manage laboratory hosts without requiring standalone remote desktop clients. The environment includes a telemetry pipeline that aggre
This project is a comprehensive educational resource and curriculum focused on site reliability engineering, distributed systems, and infrastructure operations. It provides technical guides, a systems engineering course, and instructional manuals designed to teach the principles of managing large-scale computing environments. The curriculum covers high-level architectural design for scalability and resilience, including fault-tolerant infrastructure, high-availability patterns, and microservices decomposition. It emphasizes the practical application of site reliability engineering through the
This project is a community-curated directory of open-source software designed for deployment in private server environments and home labs. It serves as a comprehensive resource for discovering independent, self-hosted alternatives to mainstream cloud services, enabling users to maintain full data ownership and control over their digital infrastructure. The directory is structured through a hierarchical taxonomy that organizes a vast collection of applications into logical categories, ranging from media management and data analytics to private communication and team productivity tools. It dis
all-in-one is a containerized deployment system designed to install and manage a complete suite of productivity and collaboration services. It functions as a cloud suite deployer that orchestrates the installation of a self-hosted content platform, incorporating necessary dependencies via Docker or Kubernetes. The project distinguishes itself by providing a web-based dashboard for orchestrating, updating, and monitoring the lifecycle of service containers. It also serves as a local AI inference server, enabling the execution of generative text models, image diffusion, and speech processing on
This is a GitHub Action designed to automate the deployment of production assets to GitHub Pages or other external repositories. It functions as a CI/CD deployment tool and Git branch synchronizer that mirrors a local directory of build artifacts to a remote branch. The tool distinguishes itself by performing difference-based file pruning, which removes stale files from the destination branch that no longer exist in the source folder. It also supports cross-project workflows by allowing deployments to external repositories using personal access tokens or SSH keys. The action covers broad cap
Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program
Grav is a flat-file content management system that eliminates the need for a traditional database by storing site content and configuration in human-readable Markdown and YAML files. Built as a modular PHP web framework, it uses a hierarchical page routing system where the physical directory structure directly determines the site's URL paths. The platform is distinguished by its event-driven plugin architecture and a command-line interface that prioritizes system administration, deployment, and maintenance tasks. It utilizes a blueprint-driven system to generate administrative forms from stru
Meshery is a service mesh management plane and cloud native infrastructure orchestrator. It provides a visual design-as-code environment for modeling microservices and infrastructure components through declarative blueprints, functioning as a centralized platform for designing, deploying, and managing service mesh infrastructure. The platform is distinguished by its ability to translate visual designs into active deployments and its use of gRPC-based adapters to integrate with diverse infrastructure providers. It features a multi-tenant architecture that manages shared workspaces and role-bas
OpenTofu is a declarative infrastructure orchestrator that automates the provisioning and management of cloud resources. It functions as a platform-agnostic interface, allowing users to define their desired environment state in configuration files, which the system then reconciles against live infrastructure to calculate and execute necessary updates. The project utilizes a graph-based execution engine to determine the optimal sequence for resource operations, enabling the parallel processing of independent components to reduce deployment times. To support complex, multi-platform environments
This project is a centralized library of community-contributed, declarative configuration files designed for automating the deployment of cloud infrastructure and services. It serves as a repository of machine-readable templates that define the desired state of cloud environments, enabling consistent and repeatable resource provisioning. The collection provides pre-configured scripts that streamline the setup of virtual machines, databases, and networking components. By utilizing these templates, users can standardize the deployment of cloud services and automate the creation of development,
Terraform is a declarative infrastructure-as-code tool designed to manage the lifecycle of cloud and on-premises resources. It functions as a workflow engine that reconciles a defined desired state against real-world infrastructure, using a persistent state-tracking layer to maintain consistency and visibility across distributed environments. By mapping infrastructure components into a directed acyclic graph, the system calculates the optimal order for provisioning, updating, or destroying resources. The platform is distinguished by its extensible plugin-based architecture, which decouples co
Coder is a self-hosted platform for provisioning and managing isolated, containerized development environments. It provides a centralized infrastructure for teams to deploy ephemeral workspaces on private cloud or on-premises hardware, ensuring consistent toolchains and dependencies across distributed development environments. The platform distinguishes itself through its focus on secure, infrastructure-as-code governance and autonomous agent integration. It allows organizations to define reusable, versioned environment templates that integrate with existing identity providers and role-based
This repository is a comprehensive educational resource covering the full spectrum of DevOps practices, including continuous integration and delivery, containerization, orchestration, configuration management, and infrastructure as code. It provides structured content that walks through automating the build, test, and deployment lifecycle using multi-stage pipelines with Jenkins and Azure DevOps. The material covers declarative server configuration and state management through automated Ansible playbooks, enabling consistent system environments across machines. It also addresses container lif
InsForge is a backend-as-a-service platform that provides an integrated suite of tools for managing relational databases, identity provision, object storage, and serverless compute. It functions as an open-source identity provider and a PostgreSQL database manager featuring integrated vector storage and row-level security. The platform serves as an LLM orchestration gateway, offering a unified endpoint to route requests across various AI providers through an OpenAI-compatible interface. It enables AI-driven application generation and connects AI agents to backend resources using a standardize
Vagrant is a virtual machine environment manager and development environment provisioner. It functions as an infrastructure as code tool and multi-hypervisor orchestrator, allowing for the definition and automation of virtualized development environments through a single configuration file. The project enables the creation of portable, virtualized development environments to ensure consistency across different host operating systems. It supports deploying these environments across various backends, including local hypervisors, cloud providers, and container runtimes, using a unified interface
Semaphore is a web interface and API for running and scheduling Ansible playbooks and other infrastructure automation tools. It serves as an infrastructure automation dashboard and DevOps task scheduler for orchestrating deployments. The platform functions as a multi-tool automation hub, providing a centralized dashboard for managing infrastructure as code using Ansible, Terraform, OpenTofu, and Terragrunt. It includes an inventory management tool for organizing target servers and containers, alongside a secret management service for storing sensitive environment variables required during exe
This project is a serverless full-stack framework and infrastructure-as-code tool designed for deploying and managing full-stack applications. It functions as a cloud-native deployment orchestrator that synchronizes application code and environment variables across frontend content delivery networks and backend API endpoints. The platform enables the deployment of complete application architectures on either private or cloud infrastructure. It allows for the orchestration of self-hosted applications without the need to manage traditional virtual servers. The system covers serverless infrastr
pyinfra is an agentless infrastructure automation framework that turns declarative Python code into idempotent shell commands to manage servers, containers, and local machines over SSH without requiring any pre-installed software on target hosts. It operates by comparing the desired state of a system against its current state, using a dry-run simulation mode to preview changes and a fact-based conditional execution engine to gather host attributes at runtime and control which operations run. The tool compiles Python operations into optimized shell commands and executes them in parallel across
Komodo is a remote server orchestrator and container deployment platform. It provides a centralized interface for managing multiple remote hosts through lightweight agents, coordinating Docker Swarm and Kubernetes clusters, and automating software delivery via integrated CI/CD pipelines. The system distinguishes itself with a TypeScript-based automation engine that executes typed scripts against the system API for complex operational workflows. It supports infrastructure-as-code through TOML-based declarative configuration synchronization and provides ephemeral build infrastructure that provi
Terragrunt is an infrastructure as code orchestrator and a thin wrapper for Terraform. It serves as a configuration manager designed to reduce code duplication and manage the execution and deployment order of infrastructure across complex cloud architectures. The tool facilitates scaling cloud deployments across multiple environments, such as development, staging, and production, while keeping configurations consistent. It focuses on organizing large-scale deployments into manageable components to avoid monolithic state files and limit the blast radius of changes. Its capabilities cover infr
zrok is a zero trust networking service that provides a secure overlay mesh to expose local services and files through firewalls and NAT without the need for manual port forwarding. It functions as a zero trust network manager, orchestrating identities, policies, and routers to establish secure connectivity between applications and users. The project distinguishes itself through the use of identity-based routing and hardened HTTP frontends that integrate with external identity providers. These capabilities allow for the creation of identity-aware proxies and secure reverse proxies that authen