Autonomous red team tool for MCP servers. Finds exploitable vulnerabilities before attackers do.
Security tripwires and local MCP proxy for AI agents. Detect prompt injection and enforce tool-call policy.
Security scanner for MCP server configurations. Finds risky tools, vulnerable packages, and suspicious servers across Claude Desktop, Cursor, VS Code, and more.
Open source JavaScript framework for detecting AI-generated content, fraud, scams and bots on any webpage, TikTok, Instagram, Facebook and social media platforms
Proxy objects, keeping track of mutations to commit/rollback
Deniable encryption - AES-256 with plausible deniability via control files
Griptonite Motherboard, Tindeq Progressor, PitchSix Force Board, CTS500, WHC-06, Entralpi, Climbro, mySmartBoard: Bluetooth API Force-Sensing strength analysis for climbers
Auto-updating GeoJSON dataset of Aurora Climbing board locations: Kilter, Tension, Grasshopper, Decoy, So iLL, Touchstone and Aurora.
Simple HTTP mocks and fakes - running on Fastify
SD-JWT implementation in typescript
Simple HTTP mocks and fakes
Model Context Protocol server for deny.sh deniable encryption. Lets any MCP-compatible AI agent call deny.sh tools.
A captcha generator by using skia-canvas module.
Simple HTTP mocks and fakes - running on Koa
Utilities for identifying aspects of your code's execution environment and respectfully interacting with the DOM
One passcode. Your browser storage, encrypted. Zero dependencies.
<p align="center" role="heading" aria-level="1"><picture><source srcset="https://codeberg.org/colingourlay/react-decoy/raw/branch/master/assets/logo-block.svg" media="(max-width: 640px)" /><img title="React Decoy" alt="React Decoy" src="https://codeberg.o
Decoy is a mocking framework designed to get out of your way.
Web Decoy middleware for Express.js
Knex-backed RecordCollection for Duck Decoy
The Token Decoy package is designed to enhance the security of tokens by generating decoy patterns and mutations. It splits tokens into chunks and manipulates the keys associated with these chunks, applying different patterns and mutations to protect the
React component to inject misleading meta tags and hidden instructions to deter AI/webcrawler indexing.
Threat-response primitives for noy-db — multi-attempt lockout, duress-passphrase data destruction, duress-passphrase honeypot decoy. Pure stateful helpers; the caller coordinates keyring + audit-ledger integration. Part of the @noy-db/on-* authentication
A function that removes an HTML element but keeps the tab position