Alternatives to Insignary Clarity
Compare Insignary Clarity alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Insignary Clarity in 2025. Compare features, ratings, user reviews, pricing, and more from Insignary Clarity competitors and alternatives in order to make an informed decision for your business.
-
1
ZeroPath
ZeroPath
ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix vulnerabilities. ZeroPath provides complete security coverage: 1. AI-powered SAST for business logic flaws & broken authentication 2. SCA with reachability analysis 3. Secrets detection and validation 4. Infrastructure as Code 5. Automated patch generation. any more... ZeroPath delivers 2x more real vulnerabilities with 75% fewer false positives. Our research team has been successful in finding vulns like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce. Trusted by 750+ companies and performing 200k+ code scans monthly. -
2
Kiuwan Code Security
Kiuwan
Kiuwan is an end-to-end application security platform that integrates seamlessly into your development process. Our toolset includes Static Application Security Testing (SAST), Software Composition Analysis (SCA), Software Governance and Code Quality, empowering your team to quickly identify and remediate vulnerabilities. Integrating into your CI/CD pipeline, Kiuwan enables early detection and remediation of security issues. Kiuwan supports strict compliance with industry standards including OWASP, CWE, MISRA, NIST, PCI DSS, and CERT, among others. ✅ Large language support: 30+ programming languages. ✅ Detailed action plans: Prioritize remediation with tailored action plans. ✅ Code Security: Seamless Static Application Security Testing (SAST) integration. ✅ Insights: On-demand or continuous scanning Software Composition Analysis (SCA) to help reduce third-party threats. ✅ One-click Software Bill of Materials (SBOM) generation Code Smarter. Secure Faster. Ship Sooner. -
3
Finite State
Finite State
Finite State manages risk across the software supply chain with comprehensive SCA and SBOMs for the connected world. By providing end-to-end SBOM solutions, Finite State enables Product Security teams to meet regulatory, customer, and security demands. Finite State's best-in-class binary SCA creates visibility into any-party software that enables Product Security teams to understand their risk in context and shift right on vulnerability detection. With visibility, scalability, and speed, Finite State correlates data from all of your security tools into a single pane of glass for maximum visibility. -
4
Snyk
Snyk
Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world. Our developer-first approach ensures organizations can secure all of the critical components of their applications from code to cloud, leading to increased developer productivity, revenue growth, customer satisfaction, cost savings and an overall improved security posture. Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and is purpose-built for security teams to collaborate with their development teams. Snyk is used by 1,200 customers worldwide today, including industry leaders such as Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce. Snyk is recognized on the Forbes Cloud 100 2021, the 2021 CNBC Disruptor 50 and was named a Visionary in the 2021 Gartner Magic Quadrant for AST.Starting Price: $0 -
5
CodeSentry
CodeSecure
CodeSentry is a Binary Composition Analysis (BCA) tool designed to provide detailed insights into the components of binaries, including open-source software, firmware, and containers. It helps identify vulnerabilities within these components by generating Software Bill of Materials (SBOMs) in formats like SPDX and CycloneDX. By mapping components to a comprehensive vulnerability database, CodeSentry enables organizations to mitigate risks and improve software security. It is effective for both pre-production analysis and post-production monitoring, allowing teams to track vulnerabilities throughout the software lifecycle. The tool is flexible in deployment, supporting SaaS and on-premise configurations. -
6
DeepSCA
Deepbits Technology
DeepSCA is a free online AI-powered software composition analysis service for software risk management. It supports various inputs such as binary, APK, JavaScript, Python, docker image, etc., and no source code is required.Starting Price: $0 -
7
Fink
Fink
The Fink project wants to bring the full world of Unix open source software to Darwin and Mac OS X. We modify Unix software so that it compiles and runs on Mac OS X ("port" it) and make it available for download as a coherent distribution. Fink uses Debian tools like dpkg and apt-get to provide powerful binary package management. You can choose whether you want to download precompiled binary packages or build everything from source. The project offers precompiled binary packages as well as a fully automated build-from-source system. Mac OS X includes only a basic set of command-line tools. Fink brings you enhancements for these tools as well as a selection of graphical applications developed for Linux and other Unix variants. With Fink the compile process is fully automated; you'll never have to worry about Makefiles or configure scripts and their parameters again. The dependency system automatically takes care that all required libraries are present.Starting Price: Free -
8
IDA Pro
Hex-Rays
IDA Pro as a disassembler is capable of creating maps of their execution to show the binary instructions that are actually executed by the processor in a symbolic representation (assembly language). Advanced techniques have been implemented into IDA Pro so that it can generate assembly language source code from machine-executable code and make this complex code more human-readable. The debugging feature augmented IDA with the dynamic analysis. It supports multiple debugging targets and can handle remote applications. Its cross-platform debugging capability enables instant debugging, easy connection to both local and remote processes and support for 64-bit systems and new connection possibilities. IDA Pro allows the human analyst to override its decisions or to provide hints so that the analyst can work seamlessly and quickly with the disassembler and analyze binary code more intuitively. -
9
Troy
BigBear.ai
Troy is an AI-powered, machine-assisted binary analysis platform developed by BigBear.ai to enhance cybersecurity vulnerability assessment and testing. It automates the process of binary reverse engineering, providing better visibility into the code running on sensors and devices. By intelligently automating common tools and techniques, Troy extracts significant data and produces unique insights, accelerating the identification of software vulnerabilities. A key feature of Troy is its ability to generate a reverse Software Bill of Materials (SBOM) for binaries lacking available source code, reducing manual labor and increasing analysis speed. The platform's modular and customizable design allows for the integration of new tools, techniques, and AI-backed analysis into expanding workflows, offering a scalable and flexible framework for cybersecurity professionals. -
10
OpenJDK
Oracle
The place to collaborate on an open-source implementation of the Java platform, standard edition, and related projects. Download and install the latest open-source JDK. Oracle’s free, GPL-licensed, production-ready OpenJDK JDK 21 binaries for Linux, macOS, and Windows are available, Oracle’s commercially-licensed JDK 21 binaries, based on the same code, are available as well. Browse the code on the web, clone a repository to make a local copy, and contribute a patch to fix a bug, enhance an existing component, or define a new feature. OpenJDK provides source code that developers can use to build their binaries. Consequently, users are responsible for compiling the code and generating the Java runtime tailored to their specific platform. The JDK is a complex software project. Building it requires a certain amount of technical expertise, a fair number of dependencies on external software, and reasonably powerful hardware.Starting Price: Free -
11
Sonatype Nexus Repository
Sonatype
Sonatype Nexus Repository is a robust binary repository manager designed to store, manage, and distribute open-source components, dependencies, and artifacts across the software development lifecycle (SDLC). It supports over 20 formats, including Maven, npm, PyPI, and Docker, allowing for seamless integration with build tools and CI/CD pipelines. With advanced features like high availability, disaster recovery, and scalability across cloud platforms, Nexus Repository ensures secure and efficient management of your software artifacts. The platform enhances collaboration, automates workflows, and improves visibility into your software supply chain, helping teams manage dependencies and improve software quality. -
12
DropBear
Matt Johnston
Dropbear is a relatively small SSH server and client. It runs on a variety of Unix platforms. Dropbear is open-source software, distributed under an MIT-style license. Dropbear is particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers. If you want to be notified of new releases, or for general discussion of Dropbear, you can subscribe to the relatively low-volume mailing list. With a small memory footprint suitable for memory-constrained environments, Dropbear can compile to a 110kB statically linked binary with uClibc on x86 (only minimal options selected) Dropbear server implements X11 forwarding and authentication-agent forwarding for OpenSSH clients. The server, client, keygen, and key converter can be compiled into a single binary (like busybox) Features can easily be disabled when compiling to save space. The multi-hop mode uses SSH TCP forwarding to tunnel through multiple SSH hosts in a single command.Starting Price: Free -
13
ObjectSecurity BinLens
ObjectSecurity
Conventional cybersecurity approaches are insufficient to protect today’s IT/OT/ICS software and devices. SBOM generation is limited to detecting only known vulnerabilities in published software. Source code analysis and static application security testing (SAST) produce too many false-positives, slowing down remediation. Network scanning fails in cases where devices are not connected to the network. Unlock deeper security insights with BinLens™— your all-in-one solution for advanced binary analysis. BinLens™ (formerly ObjectSecurity OT.AI Platform) uses an integrated approach, combining multiple techniques to uncover potential zero-days with unmatched precision. Powered by automated symbolic execution, it excels at detecting memory-safety violations and other undefined behaviors in binary programs, delivering a dramatically lower false-positive rate than competing tools. BinLens™ automates key manual reverse engineering tasks like static analysis, disassembly, and decompilation. -
14
BitKeeper
BitKeeper
BitKeeper is the original distributed source management system. Now available as Open Source under the Apache 2.0 License. BitKeeper is a fast, enterprise-ready, distributed SCM that scales up to very large projects and down to tiny ones. Nested Repositories are submodules done right! Version control collections of repositories. Hybrid mode for binary files that uses a cloud of server for binaries instead of bloating the source repositories. All file accesses validate checksums for integrity. All file writes include redundancy for error correction. High performance and scales to very large repositories.Starting Price: Free -
15
ccminer
ccminer
ccminer is an open-source project for CUDA compatible GPUs (nVidia). The project is compatible with both Linux and Windows platforms. This site is intended to share cryptocurrencies mining tools you can trust. Available open-source binaries will be compiled and signed by us. Most of these projects are open-source but could require technical abilities to be compiled correctly. -
16
JFrog Xray
JFrog
DevSecOps Next Generation – Securing Your Binaries. Identify security vulnerabilities and license violations early in the development process and block builds with security issues from deployment. Automated and continuous governance and auditing of software artifacts and dependencies throughout the software development lifecycle from code to production. Additional functionalities include: - Deep recursive scanning of components drilling down to analyze all artifacts and dependencies and creating a graph of relationships between software components. - On-Prem, Cloud, Hybrid, or Multi-Cloud Solution - Impact analysis of how an issue in one component affects all dependent components with a display chain of impacts in a component dependency graph. - JFrog’s vulnerabilities database, continuously updated with new component vulnerability data, includes VulnDB, the industry’s most comprehensive security vulnerability database. -
17
pgAdmin
pgAdmin
pgAdmin is a free software project released under the PostgreSQL/Artistic licence. The software is available in source and binary format from the PostgreSQL mirror network. Because compiling from source requires technical knowledge, we recommend installing binary packages whenever possible. pgAdmin is the most popular and feature rich Open Source administration and development platform for PostgreSQL, the most advanced Open Source database in the world. pgAdmin is a management tool for PostgreSQL and derivative relational databases such as EnterpriseDB's EDB Advanced Server. It may be run either as a web or desktop application. As pgAdmin is a web application, it can only interact with the local filesystem in ways that are allowed by modern web browsers. This limits what is possible for security; essentially files can only be "downloaded" or "uploaded" (through a form). -
18
Binarly
Binarly
Detect and remediate known and unknown vulnerabilities at every step of the device and software supply chain. That's why, instead of merely mapping binaries to a list of known vulnerabilities, we go beneath the surface to understand how the code executes, enabling us to detect defects, not just the binaries. This approach allows Binarly to identify entire classes of defects, beyond just known issues, and to do so more rapidly with near-zero false positives. Identifying known and previously unknown vulnerabilities and malicious behavior – not just hashes or signature matching. Extending insight beyond the CVE, showing which vulnerabilities exist at the binary level. Reducing alert fatigue through the use of machine learning to achieve near-zero false positives. -
19
DivFix++
DivFix++
DivFix++ is a video repair tool for AVI files. Sometimes you can't convert your AVI video files for your PSP or smartphone due to slight corruption. Because most "video conversion" software doesn't like corrupted AVI files. You can fix corruptions on your AVI file before starting the conversion. Also, you can't watch your video/movie properly on your favorite "video player" due to corruption. Sometimes downloaded videos/movies are corrupted too. You can fix them with DivFix++ if they are in AVI format. You can also preview "video download" with this tool, fix the file adds the seeking ability to the video and you can watch currently downloaded parts. So you can decide if you are continuing to download that video or not. It's a good thing if you are a heavy P2P user. Windows users can download ming32 compiled Win32 and ming64 compiled Win64 binaries. Mac OSX users can download precompiled static Universal binary.Starting Price: Free -
20
Telegraf
InfluxData
Telegraf is the open source server agent to help you collect metrics from your stacks, sensors and systems. Telegraf is a plugin-driven server agent for collecting and sending metrics and events from databases, systems, and IoT sensors. Telegraf is written in Go and compiles into a single binary with no external dependencies, and requires a very minimal memory footprint. Telegraf can collect metrics from a wide array of inputs and write them into a wide array of outputs. It is plugin-driven for both collection and output of data so it is easily extendable. It is written in Go, which means that it is a compiled and standalone binary that can be executed on any system with no need for external dependencies, no npm, pip, gem, or other package management tools required. With 300+ plugins already written by subject matter experts on the data in the community, it is easy to start collecting metrics from your end-points.Starting Price: $0 -
21
Microsoft Cognitive Toolkit
Microsoft
The Microsoft Cognitive Toolkit (CNTK) is an open-source toolkit for commercial-grade distributed deep learning. It describes neural networks as a series of computational steps via a directed graph. CNTK allows the user to easily realize and combine popular model types such as feed-forward DNNs, convolutional neural networks (CNNs) and recurrent neural networks (RNNs/LSTMs). CNTK implements stochastic gradient descent (SGD, error backpropagation) learning with automatic differentiation and parallelization across multiple GPUs and servers. CNTK can be included as a library in your Python, C#, or C++ programs, or used as a standalone machine-learning tool through its own model description language (BrainScript). In addition you can use the CNTK model evaluation functionality from your Java programs. CNTK supports 64-bit Linux or 64-bit Windows operating systems. To install you can either choose pre-compiled binary packages, or compile the toolkit from the source provided in GitHub. -
22
QShield
Quarkslab
Obfuscate your highly valuable source code and protect your sensitive assets thanks to QShield compiler-obfuscator. Protect your applications against static and dynamic analysis. Software running on untrusted environments is at risk of reverse-engineering, an application running on a device that is available to an attacker is vulnerable to a wide range of techniques used to try and extract secrets, and intellectual property. To prevent unauthorized parties from gaining insight, tampering with or even recovering the source code from the binary, software protection mechanisms must be implemented to preserve revenues and intellectual property. 30+ obfuscation schemes are available. Granular control of the protection profile thanks to a file-based policy or comments throughout the code. Build diversification, each compiled application is different with a user-controlled randomness seed. Integrity checks and detection of debuggers, emulators, and hooking frameworks. -
23
The Code Registry
The Code Registry
The Code Registry is an AI-powered code intelligence and analysis platform that gives businesses and non-technical stakeholders full visibility into their software codebase, even if they don’t write code themselves. Upon connecting your code repository (GitHub, GitLab, Bitbucket, Azure DevOps, or uploading a zipped archive), the platform creates a secure “IP Vault” and runs a comprehensive automated analysis across your entire codebase. It produces a range of reports and dashboards, including a code-complexity score (revealing how intricate or maintainable your code is), open-source component analysis (detecting dependencies, license status, outdated or vulnerable libraries), security analysis (identifying potential vulnerabilities, insecure configurations or risky dependencies), and a “cost-to-replicate” valuation, estimating how much effort or resources it would take to rebuild or replace the software from scratch.Starting Price: $2 per month -
24
RunMat
Dystr
RunMat (by Dystr) is a fast, free, open-source alternative for running MATLAB code. Users can run their existing MATLAB code with complete language grammar and core semantics. No license fees, no lock-in. RunMat is built with a modern compiler, which enables blazing-fast calculations. It boots in 5 milliseconds, GPU optimization is enabled by default, and it's a single, compact, cross-platform binary. Typical engineering use cases - Controls/signal processing & numerics: accelerate MATLAB-style loops plus heavy linear algebra; enjoy faster iteration due to instant startup and tiered JIT. - Batch/CI & serverless jobs: snapshots + compact binaries make it easy to run .m workloads in containers or ephemeral runners at scale. - Plot-heavy workflows: interactive GPU plots for exploratory analysis and reportable exports for stakeholders. - Education: remove license friction and start labs instantly; Jupyter kernel supports reproducible worksheets.Starting Price: $0 -
25
Java
Oracle
The Java™ Programming Language is a general-purpose, concurrent, strongly typed, class-based object-oriented language. It is normally compiled to the bytecode instruction set and binary format defined in the Java Virtual Machine Specification. In the Java programming language, all source code is first written in plain text files ending with the .java extension. Those source files are then compiled into .class files by the javac compiler. A .class file does not contain code that is native to your processor; it instead contains bytecodes — the machine language of the Java Virtual Machine1 (Java VM). The java launcher tool then runs your application with an instance of the Java Virtual Machine.Starting Price: Free -
26
Gogs
Gogs
The Gogs project aims to build a simple, stable, and extensible self-hosted Git service that can be set up in the most painless way. With Go, this can be done with an independent binary distribution across all platforms that Go supports. Simply run the binary for your platform. Or ship Gogs with Docker or Vagrant, or get it packaged. Gogs runs anywhere Go can compile for Windows, Mac, Linux, ARM, etc. Gogs has low minimal requirements and can run on an inexpensive Raspberry Pi. Some users even run Gogs instances on their NAS devices. Gogs is 100% open source and free of charge. All source code is available under the MIT License on GitHub. User dashboard, user profile, and activity timeline. Access repositories via SSH, HTTP, and HTTPS protocols. User, organization, and repository management. Repository and organization webhooks, including Slack, Discord, and Dingtalk. Repository Git hooks, deploy keys, and Git LFS. Repository issues, pull requests, wiki, and protected branches.Starting Price: Free -
27
Black Duck's Mobile Application Security Testing (MAST) service offers on-demand assessments designed to address the unique security risks of mobile applications. It enables detailed analysis of client-side code, server-side code, and third-party libraries, identifying vulnerabilities even without requiring access to source code. Combining proprietary static and dynamic analysis tools, MAST provides two levels of testing depth: Standard, which integrates automated and manual analysis to detect vulnerabilities in application binaries, and Comprehensive, which adds extended manual testing to uncover issues in both mobile application binaries and their server-side functionalities. This flexible and thorough approach helps organizations reduce the risk of breaches and ensure the security of their mobile application ecosystems.
-
28
Thorium
Thorium
Thorium uses many modifications to the compiler configuration file, which highly optimizes the browser, at the cost of size. Thorium uses the official builds of Chrome and Chromium also uses Profile Guided Optimization (PGO), this optimization technique uses a profile data file, which is generated by a profiler to optimize the entire binary. The profiler does a test run of the binary, and records which parts of code are accessed most frequently, their memory access patterns, and what data they frequently fetch. There are many Chromium-based browsers out there with subsets of these optimizations, but only Thorium uses all of them together to bring the most performant browsing experience on Linux, Windows, MacOS, and Raspberry Pi.Starting Price: Free -
29
osquery
osquery
osquery is an operating system instrumentation framework for Windows, OS X (macOS), and Linux. The tools make low-level operating system analytics and monitoring both performant and intuitive. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process. Our build infrastructure ensures that newly introduced code is benchmarked and tested. We perform continuous testing for memory leaks, thread safety, and binary reproducibility on all supported platforms.Starting Price: Free -
30
OpenModelica
OpenModelica
OpenModelica is an open source modeling and simulation environment based on the Modelica language, intended for industrial and academic use. Its development is supported by the Open Source Modelica Consortium (OSMC), a non-profit organization. The platform aims to provide a comprehensive Modelica modeling, compilation, and simulation environment distributed in both binary and source code forms for research, teaching, and industrial applications. OpenModelica supports the Modelica Standard Library and is compatible with various operating systems, including Windows, Linux, and macOS. It is designed to facilitate the development and execution of both low-level and high-level numerical algorithms, making it suitable for control system design, solving nonlinear equation systems, and developing optimization algorithms applied to complex applications. The platform also offers tools for debugging, visualization, and animation, enhancing the user experience in modeling and simulation tasks.Starting Price: Free -
31
Modsurfer
Dylibso
Modsurfer provides ops & dev teams with the first system-of-record and diagnostics application to search, browse, validate, audit, and investigate WebAssembly binaries. At-a-glance insights into WebAssembly module data (code size & complexity, imports/exports & more). Search for details about modules (hash, ID, function names, strings, namespaces, errors & more). Easily audit and track all the WebAssembly code in your stack. Debug & triage issues otherwise difficult to pinpoint in opaque WebAssembly format. Write or generate a "check file" to track binary requirements. If a module fails validation, a helpful report is created to get things back on track. Validate your modules for import/export existence, function signature, security compliance, runtime complexity, & more. The CLI puts all your Modsurfer data at your fingertips and is the easiest way to interact with the Modsurfer desktop or enterprise server.Starting Price: Free -
32
OpenMake Meister
OpenMake Software
OpenMake Meister® delivers a highly reusable and accelerated build solution that can quickly adapt to changing development demands. It gives you control over the logic that drives your compile/link/archive process and eliminates the need for one-off scripts that are brittle and error prone. It accelerates builds, relieves congestion, stores binaries and gathers critical dependency information that can be used for release packaging. Accelerate CI with fast compiles and parallel processing using reliable dependency management across thousands of server pools. Meister reduces build times from hours to minutes. Standardize binary assembly for software builds that dynamically adapt to each version update. Our model-driven approach reduces or eliminates ad hoc scripting. Expose all artifacts of your release candidate, even those not managed by a version control solution. Meister Impact Analysis and Audit Reports eliminate guesswork. -
33
Grammatech Proteus
Grammatech
Proteus is an advanced software testing system for automatically finding and fixing vulnerabilities, with no false alarms, aimed at development groups, testing organizations, and cybersecurity teams. It discovers vulnerabilities that could be triggered by potentially malicious files or network inputs, including many common entries in the Common Weakness Enumeration (CWE). The tool supports Windows and Linux native binaries. By integrating and simplifying the use of state-of-the-art tools for binary analysis and transformation, Proteus lowers the costs and increases the efficiency and effectiveness of software testing, reverse engineering, and maintenance. Binary analysis, mutational fuzzing, and symbolic execution without the need for source code, and a professional-grade user interface for result aggregation and presentation. Advanced exploitability reporting and reasoning capability, and deployment in a virtualized environment or on a host system.Starting Price: Free -
34
Qwiet AI
Qwiet AI
The Fastest Code Analysis, Hands Down. 40X faster scan times so developers never have to wait for results after submitting pull requests. The Most Accurate Results. Qwiet AI has the highest OWASP Benchmark score, which is nearly triple the commercial average and more than double the 2nd highest score. Developer-Centric Security Workflows. 96% of developers report that disconnected security and development workflows inhibit their productivity. Implementing developer-centric AppSec workflows decreases mean-time-to-remediation (MTTR), typically by 5X - enhancing both security and developer productivity. Automatically Find Business Logic Flaws in Dev. Identify vulnerabilities that are unique to your code base before they reach production. Achieve Compliance. Demonstrate and maintain compliance with security and privacy regulations such as SOC 2, PCI-DSS, GDPR, and CCPA.Starting Price: Free -
35
Rudix
Rudix
Rudix is a build system target on macOS (formerly known as Mac OS X) with minor support to OpenBSD, FreeBSD, NetBSD, and Linux. The build system (also called "ports") provides step-by-step instructions for building third-party software, entirely from source code. Rudix provides more than a pure ports framework, it comes with packages, and precompiled software bundled up in a nice format (files *.pkg) for easy installation on your Mac. If you want to collaborate on the project, visit us at GitHub/rudix-mac or at our mirror at GitLab/rudix. Use the GitHub issue tracker to submit bugs or request features. Similar projects or alternatives to Rudix are Fink, MacPorts, pkgsrc, and Homebrew. Packages are compiled and tested on macOS Big Sur (Version 11, Intel only!), Catalina (Version 10.15) and OS X El Capitan (Version 10.11). Every package is self-contained and has everything it needs to work. The binaries, libraries, and documentation will be installed under /usr/local/.Starting Price: Free -
36
WebAssembly
WebAssembly
WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications. The Wasm stack machine is designed to be encoded in a size- and load-time-efficient binary format. WebAssembly aims to execute at native speed by taking advantage of common hardware capabilities available on a wide range of platforms. WebAssembly describes a memory-safe, sandboxed execution environment that may even be implemented inside existing JavaScript virtual machines. When embedded in the web, WebAssembly will enforce the same-origin and permissions security policies of the browser. WebAssembly is designed to be pretty-printed in a textual format for debugging, testing, experimenting, optimizing, learning, teaching, and writing programs by hand. The textual format will be used when viewing the source of Wasm modules on the web.Starting Price: Free -
37
VSCodium
VSCodium
Microsoft’s vscode source code is open source (MIT-licensed), but the product available for download (Visual Studio Code) is licensed under this not-FLOSS license and contains telemetry/tracking. The VSCodium project exists so that you don’t have to download+build from source. This project includes special build scripts that clone Microsoft’s vscode repo, run the build commands, and upload the resulting binaries for you to GitHub releases. These binaries are licensed under the MIT license. Telemetry is disabled. Note for Mac OS X Mojave users, if you see “App can’t be opened because Apple cannot check it for malicious software” when opening VSCodium the first time, you can right-click the application and choose Open. This should only be required the first time opening on Mojave. The most up-to-date information on migrating from Visual Studio Code and other quirks you might encounter are documented. -
38
Q-mast
Quokka
Q-mast is Quokka’s automated mobile application security testing solution built for teams that need deep visibility, operational speed, and strong compliance across both in-house and/or third-party mobile apps. Q-mast performs full-spectrum testing across the mobile software development lifecycle—from design to deployment—covering static, dynamic, and interactive analysis, even in obfuscated or binary-only builds. The solution generates a complete, version-specific software bill of materials (SBOM), including embedded libraries, to surface vulnerable components and dependencies with pinpoint accuracy. Designed to fit into modern pipelines, Q-mast automates mobile app testing within CI/CD workflows like GitHub, GitLab, and Jenkins. -
39
XMRig
XMRig
High performance, open source, cross platform RandomX, KawPow, CryptoNight and AstroBWT CPU/GPU miner, RandomX benchmark and stratum proxy. The preferred way to configure XMRig is the JSON config file as it is more flexible and human friendly. The command line interface does not cover all features, such as mining profiles for different algorithms. Important options can be changed during runtime without miner restart by editing the config file or executing API calls. Wizard helps you create initial configuration for the miner. Workers helps manage your miners via HTTP API. Default donation 1% (1 minute in 100 minutes) can be increased via option donate-level or disabled in source code. XMRig source code available on GitHub under terms of GPLv3 license. Binary downloads and build instructions available for most popular platforms. We use a self hosted buildbot to create binaries for every commit. -
40
FOSSA
FOSSA
Scalable, end-to-end management for third-party code, license compliance, and Open Source has become the critical supplier for modern software companies, changing everything about how people think about their code. FOSSA builds the infrastructure for modern teams to be successful with open source. FOSSA's flagship product helps teams track the open source used in their code and automate license scanning and compliance. Since then, over 7,000 open source projects (Kubernetes, Webpack, Terraform, ESLint) and companies ( Uber, Ford, Zendesk, Motorola) rely on FOSSA's tools to ship software. If you are in the software industry today, you're now using code that runs FOSSA. FOSSA is a venture-funded company backed by Cosanoa Ventures, Bain Capital Ventures, etc. with affiliate angels including Marc Benioff (Salesforce), Steve Chen (YouTube), Amr Awadallah (Cloudera), Jaan Tallin (Skype), and Justin Mateen (Tinder).Starting Price: $230 per month -
41
Emojicode
Emojicode
Emojicode is an open-source, full-blown programming language, consisting of emojis. As a multi-paradigm language, Emojicode features object orientation, optionals, generics, closures, and protocols. Emojicode compiles native machine code using lots of optimizations that make your code fast. Emojicode comes with a comprehensive set of default packages. And you can easily write your own. We believe that Emojis have expressive force. Let’s use that to make programming more fun and accessible. Emojicode is a straightforward language to learn, whatever background you have. Our documentation is known to be excellent and stuffed with walk-through guides and examples. You can help Emojicode grow! Development takes place on GitHub and you’re invited to drop in. Before you install Emojicode make sure you have a C++ compiler and linker installed. clang++ or g++ is fine, for instance. The Emojicode compiler can only link binaries if such a compiler is available.Starting Price: Free -
42
Sonatype Intelligence
Sonatype
Sonatype Intelligence provides a powerful platform for managing open-source security risks with advanced tools for vulnerability identification and remediation. It uses cutting-edge technology like Advanced Binary Fingerprinting (ABF) to scan deployed applications for embedded third-party components, minimizing false positives. Sonatype Intelligence goes beyond public data sources, continuously monitoring GitHub commits, advisory sites, and vulnerability databases to offer real-time insights into emerging threats. With expert-curated guidance for developers, it helps teams quickly identify and fix vulnerabilities, ensuring the security of their open-source components and enhancing their software supply chain security. -
43
Rubber Duck
Rubber Duck
Rubber Duck is a pre-submission app-review scanner designed to help developers avoid rejections from the Apple App Store by catching common issues before submission. Developers upload their compiled app, and Rubber Duck runs automated scans followed by human QA, testing real device compatibility (including older iPhone models), verifying in-app purchase (IAP) flows, checking for missing metadata or placeholder content, detecting crashes on launch or during use, and ensuring privacy-policy and data-collection compliance. Within about four hours, users receive a detailed “Duck Report” listing every detected issue with severity ratings and exact repro steps, enabling them to fix problems before submitting to Apple. Scans are run in a secure, isolated sandbox; uploads are encrypted in transit and at rest; the compiled binary is the only thing analyzed (not source code); and builds are automatically deleted after 30 days (or sooner on request).Starting Price: $29 per month -
44
Power365
Quest Software
Binary Tree Power365® Migration by Quest lets you migrate mailboxes, archives, and content for Office 365 tenant migrations, all built on Microsoft Azure, for a secure, cloud-based transformation experience. With Binary Tree Power365 Migration, you also have the option to migrate OneDrive, OneNote, and SharePoint content as well as migrate from on-premises or hosted Exchange environments. With Binary Tree Power365 Migration, you can maintain data integrity and user confidence from start to finish. It is a truly unlimited cloud migration tool — so you don’t have to worry about data caps, archive restrictions or limits on passes — for a fast, complete migration. Binary Tree Power365 Migration ensures your end-users will have a positive Office 365 tenant migration experience, as you can schedule processes and synchronization events to occur when it is convenient for your organization, minimizing impacts to your business. -
45
Online 3D Viewer
Online 3D Viewer
Online 3D Viewer is a free and open-source web solution to visualize and explore 3D models right in your browser. This repository contains the source code of the website and the library behind it. The website supports several file formats for import and export. If a file format has text and a binary version, usually it's recommended to use the binary version. There are several ways to load models. You can use files from your computer or load files hosted on an external web server. You can load models from your computer. In this case, the model won't be uploaded to any web server, the entire process happens in your browser. You can load models by URL with the open URL button on the toolbar. Sometimes you see missing files in the tree. It means that your model refers to another file, but they are not selected to import. To solve the issue you have to import the model again together with the referenced files, or just import the missing files on their own.Starting Price: Free -
46
Deepbits
Deepbits Technology
Deepbits Platform, built on years of top-notch academic research, generates software bill of materials (SBOMs) directly from application binaries to firmware images and continuously protects digital assets by integrating itself into the software supply chain lifecycle. - without accessing any source codeStarting Price: $0 -
47
afl-unicorn
Battelle
afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine. If you can emulate the code you’re interested in using the Unicorn Engine, you can fuzz it with afl-unicorn. Unicorn Mode works by implementing the block-edge instrumentation that AFL’s QEMU mode normally does into Unicorn Engine. Basically, AFL will use block coverage information from any emulated code snippet to drive its input generation. The whole idea revolves around the proper construction of a Unicorn-based test harness. The Unicorn-based test harness loads the target code, sets up the initial state, and loads in data mutated by AFL from disk. The test harness then emulates the target binary code, and if it detects that a crash or error occurred it throws a signal. AFL will do all its normal stuff, but it’s actually fuzzing the emulated target binary code. Only tested on Ubuntu 16.04 LTS, but it should work smoothly with any OS capable of running both AFL and Unicorn.Starting Price: Free -
48
Rainforest
Rainforest
Achieve higher cyber security protection with the Rainforest platform. Trust Rainforest to safeguard your innovations and provide you with the confidence to navigate the digital world securely, with quick implementation, and faster results. Traditional solutions are too complex to implement for companies that don't waste time and money. Frictionless integration, so you can use your time more fixing than implementing our solutions. Our trained models use AI to suggest fixes, empowering your team to resolve issues easily. 7 different application analyses with comprehensive application security, local code analysis, and AI-driven fix suggestions, ensure seamless integration, rapid vulnerability detection, and effective remediation for robust application protection. Continuous cloud security posture management, identifying misconfigurations and vulnerabilities in real-time enhancing cloud security effortlessly. -
49
GraalVM
GraalVM
Discover libraries and frameworks that work out-of-the-box with Native Image. Apply Graal, an advanced optimizing compiler, that generates faster and leaner code requiring fewer compute resources. Compile Java applications ahead of time to native binaries that start up instantly and deliver peak performance with no warmup time. Leverage the best features and libraries of popular languages in a single app with no overhead. Debug, monitor, profile, and optimize resource consumption in Java and across multiple languages. GraalVM’s high-performance JIT compiler generates optimized native machine code that runs faster, produces less garbage, and uses less CPU thanks to a battery of advanced compiler optimizations and aggressive and sophisticated inlining techniques. The end results are applications that run faster and consume fewer resources, reducing cloud and infrastructure costs.Starting Price: Free -
50
OpenBoard
dslul
OpenBoard is a 100% foss keyboard based on AOSP, with no dependency on Google binaries, that respects your privacy.
