40 GitHub Repos That Feel Like Jewels—No-Code, Privacy, Security & More
Some open-source projects change how you work. They replace paid tools, unlock privacy, or automate work you didn't know you could automate. We keep a curated list internally for tool ideas and client work—and we're sharing the best of it here.
These 40 GitHub repos span no-code builders, design tools, media and privacy proxies, self-hosted stacks, security and forensics, ad-blocking, and terminal tools. Each one has real use cases. Use them to build internal dashboards, lock down your data, or simply work smarter. No fluff—just tools that earn their place.
If you run a site or a team, proactive maintenance plus the right stack reduces fires. Several of these fit that stack.
No-Code & Internal Tools
NocoDB — github.com/nocodb/nocodb
Turns any MySQL, PostgreSQL, or other SQL database into an Airtable-like UI. Grid, Kanban, Calendar, Forms; auto-generated REST APIs; webhooks; self-hosted. Use it for internal CRMs, project trackers, or client admin panels without writing code.
ToolJet — github.com/ToolJet/ToolJet
Retool-style low-code platform: 60+ components, 70+ integrations (DBs, APIs, OpenAI), built-in DB, Git sync, RBAC. Build internal dashboards, admin panels, and workflow automations. Self-hosted, enterprise-ready.
AppFlowy — github.com/AppFlowy-IO/AppFlowy
Notion alternative that runs 100% offline. Wikis, notes, tables, Kanban, calendars; optional self-host and local AI (Mistral, Llama) or cloud models. Import from Notion. Good for internal knowledge bases and client-facing docs.
Design & Media Creation
Penpot — github.com/penpot/penpot
Open-source Figma alternative. Design in SVG/CSS; real-time collaboration; Inspect tab for dev handoff. Self-host or use Penpot cloud. Unlimited files.
Photopea — github.com/photopea/photopea
Browser-based Photoshop-like editor. PSD, XCF, Sketch support; layers, masks, adjustments; processes files locally. Star the repo to support the project. Handy for quick image prep and OG assets.
Media, Streaming & Downloads
Audius — github.com/AudiusProject/audius-protocol
Decentralized music streaming protocol. Artists get paid directly; IPFS-based storage; discovery and content nodes. Research angle: alternatives to Big Tech streaming.
yt-dlp — github.com/yt-dlp/yt-dlp
Feature-rich CLI video/audio downloader. 1000+ sites; ad-free; SponsorBlock; format selection, subtitles, cookies-from-browser. yt-dlp -U to update. Use for backups, CLI automation, or "download any video" workflows.
Invidious — github.com/iv-org/invidious
Privacy-focused YouTube front-end. No ads, no tracking, optional account-free use; SponsorBlock; REST API. Self-host (Docker) or use public instances.
NewPipe — github.com/TeamNewPipe/NewPipe
Android YouTube client with no Google deps. Background audio, popup player, offline downloads; also PeerTube, SoundCloud, Bandcamp. F-Droid.
Social & Privacy Proxies
Libreddit — github.com/libreddit/libreddit
Lightweight Reddit front-end in Rust. No JS, no ads, no tracking; requests proxied. Reddit API changes have hit reliability; Redlib is an active fork.
Nitter — github.com/zedeus/nitter
Twitter/X proxy. No ads, no JS, no tracking; RSS; ~15× lighter. Use Nitter instances or browser extensions to redirect. AGPL-3.0.
ProxiTok — github.com/pablouser1/ProxiTok
TikTok proxy front-end. View without account; watermark-free downloads. PHP-based; public instances or self-host. Some instances can be unstable.
PagerMaid-Modify — github.com/TeamPGM/PagerMaid-Modify
Telegram UserBot with plugins. Automation, filters, custom commands; Telethon-based. Self-hosted; GPL-3.0.
Automation & Download Managers
qBittorrent — github.com/qbittorrent/qBittorrent
Open-source uTorrent replacement. No ads; built-in search, RSS, web UI; DHT, PEX, encryption. Cross-platform.
Sonarr — github.com/Sonarr/Sonarr
PVR for TV shows. Automates torrent/Usenet downloads; quality profiles, calendar, notifications. Pairs with Jackett and Radarr.
Radarr — github.com/Radarr/Radarr
Same idea as Sonarr, for movies. Library management, quality profiles, Jackett integration. Staple of self-hosted media stacks.
Jackett — github.com/Jackett/Jackett
Tracker proxy for Sonarr/Radarr. Single API for many torrent trackers. Critical for *arr automation.
Search, Archive & Monitoring
SearXNG — github.com/searxng/searxng
Privacy metasearch engine. Aggregates 70+ engines; strips tracking; categories (web, images, news); bangs. Self-host or use instances (e.g. searx.space).
Anna's Archive — github.com/annas-archive/annas-archive
Search across shadow libraries (LibGen, Sci-Hub, Z-Library, etc.). Use only where legally compliant in your jurisdiction.
changedetection.io — github.com/dgtlmoon/changedetection.io
Monitors web pages for changes and sends alerts (Discord, Slack, Telegram, email, etc.). Price drops, restocks, content or keyword changes; conditional actions. Self-host or SaaS. We use similar ideas for monitoring and recovery workflows.
Self-Hosted & Infrastructure
emailwiz (Luke Smith) — github.com/LukeSmithxyz/emailwiz
One-command email server setup: Postfix, Dovecot, SpamAssassin, OpenDKIM, Certbot, fail2ban. Debian/Ubuntu. curl -LO lukesmith.xyz/emailwiz.sh and run. Use with Thunderbird, mutt.
Nextcloud — github.com/nextcloud/server
Self-hosted Google Drive / collaboration. Files, calendar, contacts, Nextcloud Office; migration from Google/Dropbox. Full data ownership.
PhotoPrism — github.com/photoprism/photoprism
AI photo manager you self-host. Face recognition, maps, RAW, Live Photo; Docker, NAS, Raspberry Pi. Privacy-first.
Paperless-ngx — github.com/paperless-ngx/paperless-ngx
Document management with OCR (Tesseract). Scan → tag → searchable archive; PDF/A; Office + PDF. Multi-user; local storage only.
Security, Pentesting & Forensics
Use pentesting and recon tools only on systems you own or have explicit authorization to test. When in doubt, don't.
CyberChef — github.com/gchq/CyberChef
Browser "cyber Swiss army knife." Encode/decode, encrypt, parse, analyse; Base64, hex, URL, JSON, regex; chainable "recipes." GCHQ; public.
Depix — github.com/beurtschipper/Depix
Recovers text from pixelized screenshots (linear box filter). Shows pixelization ≠ secure redaction. Use solid redaction instead.
TruffleHog — github.com/trufflesecurity/trufflehog
Scans repos (and other sources) for leaked secrets; verifies active credentials. CLI, GitHub Action, enterprise. AGPL-3.0. Essential for secure ops and CI.
gitrob — github.com/michenriksen/gitrob
Finds sensitive files (keys, configs) in org/member GitHub repos. Original archived; forks exist. Pair with TruffleHog.
BruteX — github.com/1N3/BruteX
Automated brute-forcer across services (Hydra, nmap). Pentesting only; authorized targets only.
sqlmap — github.com/sqlmapproject/sqlmap
Automated SQL injection detection and exploitation. 30+ DBs; authorized tests only. Use defensively: fix SQLi before someone else finds it.
aircrack-ng — github.com/aircrack-ng/aircrack-ng
Wi‑Fi security suite: monitor, inject, crack WEP/WPA-PSK. Kali staple. Use only on networks you own or are authorised to test.
Privacy, Ad-Blocking & Certs
uBlock Origin — github.com/gorhill/uBlock
Wide-spectrum blocker (ads, trackers). Firefox, Chromium-based; Chrome has Lite due to MV3. Static + dynamic filtering; ABP-compatible lists.
mkcert — github.com/FiloSottile/mkcert
Local HTTPS certs trusted by OS/browsers. mkcert -install then mkcert example.com localhost. Dev only; never share rootCA-key.pem or use in production.
AdGuard Home — github.com/AdguardTeam/AdGuardHome
Network-wide DNS filter. Block ads/trackers; DoH/DoT/DoQ; per-device apps. Raspberry Pi, Docker.
Pi-hole — github.com/pi-hole/pi-hole
DNS-level ad blocker for the whole LAN. Gravity, blocklists; often on Raspberry Pi. DoH/DoT via helpers. Compare with AdGuard Home.
Terminal & Developer Tools
Hyper — github.com/vercel/hyper
Terminal built on web tech. Extensible, themes, npm plugins; WebGL renderer. macOS, Windows, Linux. MIT.
Windows Terminal — github.com/microsoft/terminal
Modern Windows terminal. Tabs, panes, GPU rendering; WSL, PowerShell, Cmd. Microsoft Store, winget. MIT.
Oh My Zsh — github.com/ohmyzsh/ohmyzsh
Zsh config framework. 300+ plugins (git, docker, node, php, etc.), themes. plugins=(git docker) in ~/.zshrc.
tmux — github.com/tmux/tmux
Terminal multiplexer. Persistent sessions; detach/attach; survive SSH drops. Ctrl+b d detach. Essential for remote dev.
Neovim — github.com/neovim/neovim
Vim fork focused on extensibility. Lua config; LSP, Tree-sitter; plugins. Nightly releases. Embeddable in GUIs and browsers.
Quick Reference by Category
| Category | Top Picks |
|---|---|
| No-Code / Internal | NocoDB, ToolJet, AppFlowy |
| Design & Media | Penpot, Photopea |
| Media & Downloads | yt-dlp, Invidious, NewPipe |
| Privacy Proxies | Libreddit, Nitter, ProxiTok |
| Automation | qBittorrent, Sonarr, Radarr, Jackett |
| Search & Monitoring | SearXNG, changedetection.io |
| Self-Hosted | Nextcloud, PhotoPrism, Paperless-ngx, emailwiz |
| Security & Forensics | CyberChef, TruffleHog, Depix |
| Privacy & Certs | uBlock Origin, mkcert, AdGuard Home, Pi-hole |
| Terminal & Dev | Hyper, Windows Terminal, Oh My Zsh, tmux, Neovim |
How to Use This List
- Pick one category. Start with no-code, privacy, or self-hosted if you're building internal tools or locking down data.
- Clone or self-host. Most repos support Docker or simple installs. Run them on a VPS or homelab you control.
- Combine tools. e.g. changedetection.io + NocoDB for "watch pages, log changes, dashboards." Sonarr + Radarr + Jackett for media.
- Star and contribute. Stars and feedback help maintainers. Report bugs, improve docs, or sponsor where it matters.
- Stay legal and authorised. Use pentesting and recon tools only on systems you own or have explicit permission to test.
We use several of these for client projects and our own stack—from monitoring and maintenance to secure ops and tooling. For more curated dev resources, see our PHP boilerplates roundup and 100 free PHP resources.
Conclusion
These 40 GitHub repos are gems: they replace paid tools, unlock privacy, and automate real work. Whether you need no-code dashboards, design tools, media downloads, privacy proxies, self-hosted stacks, or a better terminal—there's something here for you.
Use the table and links to jump to what matters. Clone, self-host, and build. And if you run a site or a team, pair the right stack with proactive maintenance—fewer fires, more control.
Frequently Asked Questions
Are these GitHub repos free to use?
Yes. All projects listed are open-source. Check each repo's license (MIT, GPL, AGPL, etc.) for use and redistribution. Some offer optional paid hosting or support.
Which repo should I start with for no-code internal tools?
Start with NocoDB if you already have a MySQL or PostgreSQL database—you get an Airtable-like UI and REST APIs fast. Use ToolJet if you need full dashboards, workflows, and 70+ integrations. AppFlowy fits wikis and notes, especially offline.
How do I use changedetection.io for monitoring?
Add URLs to watch; set check interval and filters. When content or keywords change, you get alerts via Discord, Slack, Telegram, email, or others. Self-host with Docker or use the SaaS. Good for price drops, restocks, or site change monitoring.
Is it safe to use pentesting tools like sqlmap or aircrack-ng?
Only on systems you own or have explicit written authorization to test. Using them on others' systems or networks without permission is illegal. Use them for defensive audits, authorized pen tests, or learning in lab environments.
What's the difference between AdGuard Home and Pi-hole?
Both are DNS-level ad blockers for your network. AdGuard Home has built-in DoH/DoT/DoQ and per-device apps. Pi-hole uses Gravity and blocklists; encrypted DNS usually needs an extra helper. Both run on Raspberry Pi and Docker; choice often comes down to UI and feature preference.
Can I self-host all of these?
Most yes: NocoDB, ToolJet, Penpot, Invidious, SearXNG, changedetection.io, Nextcloud, PhotoPrism, Paperless-ngx, AdGuard Home, Pi-hole, and others. Some are browser-only (Photopea, CyberChef) or OS-level (Windows Terminal, mkcert). Check each repo's docs for deploy options.
Where can I find more curated tool lists?
We publish roundups like PHP boilerplates and 100 free PHP resources. Our tools page has free utilities (redirect checker, SSL checker, etc.). Bookmark the repo links above and check their GitHub "Used by" and discussions for more ideas.
