Effectiveness of ARMO CTRL for Cloud Readiness Testing?

Testing ARMO CTRL this month for cloud readiness really curious how effective the attack simulations are in finding weak spots in security tools.

https://redd.it/1pgbvxl
@r_opensource

An interview with freeCodeCamp Founder Quincy Larson

https://lijie2000.substack.com/p/an-interview-with-quincy-larson-from

Quincy shared the story behind freeCodeCamp, his philosophy on building vibrant communities, his special connection with China, and his thoughtful perspectives on the future of open source education.



https://redd.it/1pgcl27
@r_opensource

mini-init-asm - tiny container init (PID 1) in pure assembly (x86-64 + ARM64)

Hey everyone,

I've just open-sourced a small but fairly low-level project and would love feedback/eyes on it.

**mini-init-asm** is a tiny PID1 for Linux containers:

* written in **x86-64 NASM** and **ARM64 GAS**
* runs as PID1 inside the container
* creates a new session + process group for your app
* forwards signals to the whole group
* reaps zombies (with optional subreaper mode)
* optionally restarts the app on crash (simple supervisor behavior)
* uses only Linux syscalls (no libc, static binaries)

It's heavily inspired by [Tini](https://github.com/krallin/tini), but with a different implementation and a strong focus on:

* being **small & auditable**
* being a good **educational example** of "real" assembly project structure
* exposing behavior mostly via env vars, with minimal CLI

GitHub repo --> [mini-init-asm](https://github.com/roots666/mini-init-asm)

I'm especially looking for:

* feedback from people who've worked on init / PID1 / container runtimes
* issues / PRs around missing edge cases or portability
* suggestions on how to keep it minimal but more production-friendly

If this sounds interesting and you'd like to hack on it, I'd be happy to discuss ideas in issues or PRs.

reddit auto-mod didn't like my original post with the full write-up, so I add link as a comment.

https://redd.it/1pgfyuc
@r_opensource

I do my own take on a free, open-source junk remover tool for Windows to help you squeeze more Gigabytes from your drives, since the current consumer market for storage related hardware has become expensive.

Hello everyone,

All of us who can't stand having our drives filled with junk have our own ways and tools to identify and manage this problem. I enjoy building small utilities that solve everyday PC problems like this (even though sometimes others might exist already), so I’ve been working on my own take on a cleaner — something fast, safe, and lightweight that anyone can use.

It’s called Cleanse, and it’s a free, open-source tool for Windows, focused on clearing leftover files from the directories that tend to silently bloat over time. Cleanse also includes detailed stats and graphs so you can see exactly what was cleaned and how your disk usage changes over time. I’m building it as a minimal, ad-free, bloat-free alternative driven entirely by community feedback. Anyone can suggest features, report issues, or even modify the code themselves — the project is licensed under GNU GPLv3, so the whole thing stays open and transparent.

Right now, Cleanse is in a working but bare-bones state. It can already:

estimate junk on your system
clean it instantly
run scheduled automatic cleanups
update itself automatically.

Planned features include:

emergency file restore (a safe rollback)
deeper-clean (filter by file size/type/folder)
advanced logs
and possibly a system for detecting leftover files from uninstalled apps

I’d love for people to try it out, break it, give feedback, and help shape where it goes. The idea of a small community improving this tool together is the part that motivates me most!

Thanks in advance to anyone who checks it out! Code: https://github.com/Drimiteros/Cleanse

https://redd.it/1pghzl0
@r_opensource

[Open Source] MiraKate : nouvelle messagerie P2P expérimentale (clé locale, protocole simple, stockage local, objectif post-quantique)

Salut à tous 👋

Je lance un nouveau projet open-source appelé MiraKate.
C’est une messagerie expérimentale, conçue pour explorer des idées différentes de celles des messageries classiques.

L’objectif n’est pas de remplacer Signal ou Matrix, mais de créer une base technique simple**,** documentée et modifiable sur laquelle la communauté peut construire, apprendre ou expérimenter.

Concept de MiraKate

MiraKate teste plusieurs idées intéressantes :

1) Échange de clés uniquement en local

Par QR code, Bluetooth, NFC, USB…
Aucune clé ne transite sur Internet.

2) Protocole minimaliste : PING → PONG → MSG → ACK

L’émetteur n’envoie un message que si le destinataire est présent.
Sinon, le message reste stocké en local et sera réessayé plus tard.

3) Stockage des messages uniquement sur les appareils

Aucun serveur central, aucun cloud.
Tout se fait pair-à-pair ou via simples relais neutres.

4) Clé différente pour chaque conversation

Isolation complète entre conversations dérivée d’un secret partagé.

5) Objectif futur : cryptographie post-quantique

via liboqs (Kyber, NTRU, etc.).

État actuel

* README et CONTRIBUTING prêts
* Architecture conceptuelle claire
* Repo GitHub créé
* Le projet est ouvert aux idées, prototypes, discussions et contributions

Repo ici : [https://github.com/warofwar2011-dev/MiraKate](https://github.com/warofwar2011-dev/MiraKate)

Contributeurs bienvenus !

MiraKate cherche :

* développeurs (débutants ou confirmés)
* amateurs de P2P
* passionnés de crypto / PQC
* designers UI/UX
* gens qui aiment écrire de la doc
* étudiants en dev cherchant un projet motivant

Aucune compétence avancée n’est nécessaire pour commencer.
Même un mini prototype ou une idée d’architecture aide beaucoup.

Idées de contributions simples :

* créer un prototype PING/PONG en Python / Go / Rust
* implémenter la file locale de messages en attente
* proposer une structure réseau (TCP simple, libp2p, WebRTC…)
* commencer l’intégration PQ via liboqs
* proposer une interface CLI simple
* aider au design du protocole

Pourquoi “MiraKate” ?

Inspiré du suricate (meerkat) :
un animal social, vigilant, discret et rapide.
Une belle métaphore pour une messagerie expérimentale.

Merci !

Si le projet vous intéresse, n’hésitez pas à :

* laisser une étoile sur GitHub,
* ouvrir une Issue,
* proposer une Pull Request,
* discuter du protocole,
* ou juste donner des idées !



https://redd.it/1pghmam
@r_opensource

I got tired of hitting API limits while testing payments, so I built my own open-source mock gateway (FastAPI + Postgres)

Wsp r/opensource!

I’ve been building e-commerce apps for a while, and testing payment integrations is always a bit of a headache. Stripe’s test mode is great, but sometimes you hit rate limits, your internet cuts out, or you just want a completely isolated Docker container that simulates a "success" or "fail" state instantly without configuring an external dashboard.

I couldn't find a self-hosted tool that simulated the entire flow (including the redirect to a payment page and 2FA), so I decided to build one myself.

It’s called AcquireMock.

The idea is simple: It’s a payment processor simulator that runs locally. It mimics the behavior of a real PSP (Payment Service Provider) like Stripe or Fondy, but gives you full control.

What it actually does:

Checkout UI: It generates a realistic payment page (supports Dark Mode and multi-language). You can enter the classic `4444...` test card.
Simulates 2FA: It triggers an OTP verification flow. It can send the code to your email or just log it to the console if you don't want to set up SMTP.
Webhooks: This was the hardest part to get right. It sends HMAC-SHA256 signed webhooks to your app. If your app crashes or returns a 500 error, AcquireMock implements retry logic with exponential backoff.
Tokenization: It supports "saving" cards for future one-click payments.

The Tech Stack: I wanted to keep it modern but stable:

Backend: Python 3.12, FastAPI, SQLModel (SQLAlchemy + Pydantic).
DB: PostgreSQL for production, but works fine with SQLite for dev.
Frontend: Just Jinja2 templates and Vanilla JS. I didn't want a heavy React build step for a dev tool.
Deployment: Docker Compose (one command to start).

Why use this? If you are teaching developers how payment flows work, building an MVP without signing up for a provider yet, or just want to run integration tests offline — this is for you.

License & Repo: It’s open source under Apache 2.0.

Repository:https://github.com/illusiOxd/acquiremock

Thanks for checking it out!

https://redd.it/1pgjvpq
@r_opensource

C ++ Standard Library implementer explains why they can't include source code licensed under the MIT license
https://www.reddit.com/r/cpp/comments/1pb6573/standard_library_implementer_explains_why_they/

https://redd.it/1pglsdm
@r_opensource

Numla - Smart Math Notes
https://numla.app

https://redd.it/1pgn1h3
@r_opensource

Can anyone Help!

Hey i am currently hoping from one Project to another in order to find bugs to resolve but i am not able to because some are outdated and many are already resolved just by others because i am too slow to capture and make a PR. can anybody please become my mentor so that i can learn to make PRs and practices to how to resolves issues and make actual worthy PRs and code solutions. please help me.

https://redd.it/1pgnws0
@r_opensource

I built HumanoidOS: An open-source control stack for bipedal robots (Python/PyBullet, 1kHz control loop)

After 5+ years in robotics , I kept rebuilding the same bipedal control foundations. So I open-sourced it.

# What It Is

HumanoidOS \- A modular control stack for bipedal robots that implements walking algorithms from first principles.


https://github.com/user-attachments/assets/32c3d915-4a07-40b2-9bd8-c78669f05bd6

Current features:

Real-time control loop (1kHz in PyBullet)
ZMP-based balance controller
7 gait patterns (walk, run, sidestep, turn)
Automatic push recovery (Capture Point dynamics)
Custom IK solver with NumPy optimization

# Why I Built This

Most bipedal resources are either:

Academic papers (math-heavy, no code)
Black-box libraries (can't learn internals)
Proprietary systems (can't access)

Wanted something in between: production-quality code that's educational and hackable.

# Architecture

humanoid-os/
├── core/ # 1kHz control loop
├── locomotion/ # Balance + gaits + recovery
├── simulation/ # PyBullet integration
└── tests/ # 100% coverage

Tech stack: Python + NumPy (optimized for sim), C++ bindings planned for hardware

Next up: Full walking demo with gravity

# Try It

git clone https://github.com/ashishjsharda/humanoid-os
pip install -r requirements.txt
python examples/kinematicsdemo.py # Zero-G test
python examples/walkingdemo.py # Walking sim

Repository: https://github.com/ashishjsharda/humanoid-os

https://redd.it/1pgmns9
@r_opensource

BeeCount - One Month Update: Dark Mode, Tags, Budget Management, AI Assistant & More

It's been a month since the last update. Thanks everyone for the continued support!

In the past month, we've iterated from v1.11.0 to v2.2.0, bringing tons of new features and improvements.

# Major Updates

# 1. Dark Mode

Finally supports dark mode! Pure black background + theme color borders:

* OLED-friendly, saves battery and protects eyes
* All pages, dialogs, and keyboards fully adapted
* Auto-switch with system or manual setting

# 2. Tag System (New!)

You can now tag your transactions - more flexible than categories:

* Multiple tags per transaction
* Custom tag colors
* Tag detail page with statistics
* Import/export supports tags

Use cases: reimbursement, travel expenses, project costs, etc.

# 3. Budget Management (New!)

Finally has budget features:

* Set monthly total budget
* Set budgets by category
* Real-time spending progress
* Over-budget alerts

# 4. Recurring Transactions (New!)

Auto-record fixed income/expenses:

* Daily/Weekly/Monthly/Yearly
* Salary, rent, subnoscriptions, etc.
* Supports transfer type
* Import/export supports recurring

# 5. Discover Page

New Discover page with quick access:

* Budget management
* Recurring transactions
* Tag management
* AI assistant
* Log center

# 6. AI Assistant Upgrade

* New AI chat feature - smart bookkeeping assistant
* Custom prompts support
* Voice recording: hold to speak, auto record
* Improved image recognition accuracy
* Shortcuts support

# 7. iCloud Sync (iOS Users)

Long-awaited feature for iOS users:

* Zero config, works out of the box
* Uses your own iCloud storage
* Multi-device auto sync (iPhone/iPad)
* Full data control

# 8. S3 Protocol Storage Support

Besides Supabase, WebDAV, and iCloud, now supports S3:

* Cloudflare R2 (10GB free, recommended)
* AWS S3
* MinIO (self-hosted)
* Aliyun OSS (S3 compatible mode)

More flexible storage options.

# 9. Independent Accounts (v2.0 Major Update)

The core change in v2.0:

* Each account tracks balance independently (cash, bank cards, credit cards, etc.)
* Transfer between accounts, auto-update both balances
* New account detail page with transaction history
* Choose income/expense account when recording

Real "account" concept, not just a label.

# 10. Sub-categories

Categories now support hierarchy:

* Parent-child structure (e.g., Food → Breakfast/Lunch/Dinner)
* Flat or hierarchical display mode
* Drag & drop sorting
* Category migration feature

# 11. Other Important Updates

**Import/Export Enhancements**:

* Supports categories, accounts, tags, budgets, recurring transactions
* Easier cross-device config migration

# Stats

**One Month Progress** (v1.11.0 → v2.2.0):

* Released **24 versions**
* Now on App Store (official release)

# Download

**iOS**:

* App Store: [BeeCount on App Store](https://apps.apple.com/app/id6754611670)
* TestFlight: [Join Beta](https://testflight.apple.com/join/Eaw2rWxa) (Global)

**Android**:

* GitHub Release: [Latest Release](https://github.com/TNT-Likely/BeeCount/releases/latest)

**Website & Docs**:

* Official Site: [https://f4b91a7e.beecount-website.pages.dev/en/](https://f4b91a7e.beecount-website.pages.dev/en/)

**Source Code**:

* GitHub: [https://github.com/TNT-Likely/BeeCount](https://github.com/TNT-Likely/BeeCount)

# What's Next

* Android release on major app stores
* Continuous UI/UX improvements
* HarmonyOS version (separate repo exists)
* More data analysis features
* Iterate based on community feedback

# Final Words

24 versions in one month - been quite a grind. This project will continue to be maintained. Feel free to open issues and suggestions!

**GitHub**: [https://github.com/TNT-Likely/BeeCount](https://github.com/TNT-Likely/BeeCount)

**Website**: [https://f4b91a7e.beecount-website.pages.dev/en/](https://f4b91a7e.beecount-website.pages.dev/en/)

Thanks for reading!

https://redd.it/1pgko4j
@r_opensource

Successfully built a business around OSS? What works in 2025?

I'm building a developer tool in the SEO space and seriously considering going open source, but I'm trying to figure out if and how that could be sustainable as a business.

I'd love to hear from people who've actually done it. What's working now? What looked good on paper but didn't pan out? How did you think about the decision early on? What business models are feasible?

For context: I'm a solo founder, the tool is technical enough that the audience would be developers, and I'm not VC-backed or chasing hypergrowth. I simply want to build something useful and make a living from it.

https://redd.it/1pgt7vm
@r_opensource

Looking for an Open-Source color E-Ink reader to read epub and pdf books

Hey, I'm looking for a Open-source (software side) color E-ink reader like a Kindle e-Reader because I have a hard time reading books on my pc. I would mainly use it for .epub and PDF files.

I found one but it doesn't have color: https://pine64.org/devices/pinenote/

thanks

https://redd.it/1pgu762
@r_opensource

I created an open source web app with ASP.NET and ML.NET backend

If somebody likes the .NET platform, and wants to contribute to a project, this is a good opportunity. You can find the github repository link on the website. My goal is to build a complex health manager platform. This is just the first test release, so it is under development when I have time for that.

Important: now the website allows photos only under 1 megabyte, because of I don't want to overload the server.

Link: https://openhealthweb.eu/

https://redd.it/1pgua1k
@r_opensource

MyCTiger: Use the Ring programming language for generating and building C programs (Prototype of the idea).
https://github.com/ringpackages/MyCTiger

https://redd.it/1pgxj97
@r_opensource

Is there a shortage of open-source tools in the the security awareness industry? Do you know any?

I've been following discussions when people requested free phishing simulation tools, LMS platforms, and security awareness training materials. It seems like open-source options in this space are surprisingly limited.

When it comes to training — haven't found any training materials at all with a decent quality.

Is this really the state of things? Maybe I'm bad at googling, but it seems like there should be more open-source alternatives available.

https://redd.it/1pgwqfy
@r_opensource

Nojoin - A self-hosted meeting intelligence app and an alternative to Otter, Firefly, Jamie, Granola, etc.
https://github.com/Valtora/Nojoin

https://redd.it/1ph0w1a
@r_opensource

user-scanner a CLI tool written on python that lets you choose unique username in all popular sites, by checking the username availability, actively looking for contributions⚡
https://github.com/kaifcodec/user-scanner

https://redd.it/1ph2aug
@r_opensource

Don't we need to shift existing and new open source projects to memory, CPU and GPU efficient code?

There was a time when operating systems and various programs required minimal resources (memory, storage, CPU) to run. I see a stark difference in the response of applications like VS Code that are built on Electron, versus IDE's like Zed that is built on Rust. I miss the nimble and fast response of Windows XP. The fast execution and response of games and programs built with C++. I know any language can be compiled to machine language and it'll automatically become fast, but the point I'm trying to make is that there was a time when engineers dedicated at least some effort to ensuring the resource efficiency of their programs. Today, that seems to be lost, with the focus shifting to quick delivery.

Programs written in C and C++ have their issues with memory safety, and I've heard that many Ubuntu modules are being re-written in Rust. That's one good choice. But when I see various other frameworks like React, Flutter, many Python frameworks (even when it's a wrapper around C++), or even just in time compilation, etc, and I see how slow and bulky they are, I realize that it not only creates a poor user experience of getting annoyed at the slowness of the program, it also consumes a lot more resources on the server, thus massively increasing the cost of running operations. Perhaps another optimization would be to have modules that automatically detect various types of GPU's and APU's and are able to not only shift a lot of the processing to the GPU, but also able to detect the GPU and recommend an appropriate driver if the user has not yet installed the right one (that can happen with users like me who did not know that AMD APU's needed a separate, specific ROCm driver).

It would be nice if the open source community considered slowly migrating to (and building) resource efficient code everywhere. I'm already doing that, by migrating my latest open source program from Python to C++.

Another important aspect to consider is syntax and semantics. Recently introduced languages have such weird syntax and nested code that it's mind-numbing to have to keep learning new syntax that was created based on the whims of some developer.

https://redd.it/1ph71nb
@r_opensource

is there who will start with me this project

# Social Media & Digital Accounts Marketplace — Full Project Cheat Sheet

# 1️⃣ Project Concept

**Goal:**
Build a **secure multi-vendor marketplace** for **buying and selling social media and digital accounts** (Instagram, TikTok, Facebook, Twitter, YouTube, etc.) with:

* AI-powered account evaluation (authenticity, engagement, potential value)
* Escrow system for safe transactions
* Multi-store support (each seller has their own store)
* Escrow moderators (limited admin) for disputes
* Analytics and KPI tracking for sellers and mods
* Buyer reviews and comments

**Target Audience:**

* Sellers: People who own social media accounts
* Buyers: People looking to buy verified, high-quality social media accounts
* Admin & Mods: Ensure security and trust

# 2️⃣ Project Roadmap (Step-by-Step)

# Phase 1 — Planning & Requirements

* Define target social platforms
* List core features & user stories
* Create role hierarchy (Admin, MOD, Seller, Buyer)
* Determine payment gateways & escrow rules
* Define analytics & reporting requirements

# Phase 2 — Tech Stack & Architecture

* Frontend: Next.js + Tailwind CSS + shadcn/ui
* Backend: NestJS + TypeORM/Prisma
* Database: PostgreSQL
* Cache / Queue: Redis + BullMQ
* Storage: AWS S3 / MinIO
* Payments: PayPal, Binance Pay, Paystack/Flutterwave, Internal Wallet + Escrow
* Realtime: WebSockets / [Socket.io](http://socket.io/)
* AI: GPT-4.1/5-mini for account evaluation

# Phase 3 — Database & API Design

* Tables: users, roles, stores, listings, orders, escrows, disputes, reviews, permissions\_mods
* Role-based access control (RBAC)
* RESTful APIs (or GraphQL if preferred) for all operations

# Phase 4 — Core Marketplace Features

* Multi-vendor stores
* List/edit/delete social/digital accounts
* AI account evaluation
* Buy Now / Auction / Silent Bid (future)
* Escrow system with MOD approval
* Buyer comments & ratings
* Automated notifications (email/push)

# Phase 5 — Escrow & Moderator System

* Lock funds in escrow when order is placed
* Escrow MOD reviews disputes & can release/refund/hold
* Fraud flags & internal notes
* Escalation to admin if unresolved

# Phase 6 — Analytics & Reporting

* Seller Dashboard: total sales, successful/failed, disputes, buyer comments, average rating, success rate
* Escrow MOD Dashboard: total escrows, active/resolved disputes, fraud flags, top sellers with disputes

# Phase 7 — Security & Compliance

* KYC / Identity verification (optional)
* GDPR / Cookie policy compliance
* Recaptcha + security best practices
* Payment & wallet security

# Phase 8 — Testing & Deployment

* Unit tests & integration tests
* Security audit
* Docker deployment + CI/CD (GitHub Actions)
* Cloudflare CDN / WAF for protection
* Production monitoring & logs

# 3️⃣ Roles & Permissions

|Role|Permissions|
|:-|:-|
||
|Admin|Full control: users, stores, categories, payments, mods, system settings|
|Escrow MOD|Manage disputes & escrows only|
|Seller|CRUD listings, manage store, view analytics, respond to comments|
|Buyer|Browse, buy, report issues, leave reviews/comments|
|Guest|Browse only|

# 4️⃣ Database Structure (Key Tables)

# users → id, role_id, name, email, password, wallet_balance, created_at

# roles → id, name (admin, mod, seller, buyer)

# stores → id, seller_id, name, denoscription, created_at

# listings → id, store_id, noscript, platform, price, details, status, ai_score, created_at

# orders → id, buyer_id, seller_id, listing_id, amount, status, created_at

# escrows → id, order_id, buyer_id, seller_id, mod_id, status, locked_amount, created_at

# disputes → id, order_id, mod_id, status, decision, notes, created_at

# reviews → id, order_id, buyer_id, seller_id, rating, comment, created_at

# permissions_mods → id, mod_id, permission (escrow.view, escrow.decide, dispute.manage, listing.flag, user.flag)

# 5️⃣ API Endpoints (Essential)

**Seller**

GET /api/seller/{seller_id}/stats
GET /api/seller/{seller_id}/listings
POST /api/seller/listing
PUT /api/seller/listing/{id}
DELETE

/api/seller/listing/{id}

**Buyer**

GET /api/listings
POST /api/order
POST /api/order/{order_id}/report
POST /api/order/{order_id}/review

**Escrow Moderator**

GET /api/mod/escrow
GET /api/mod/escrow/{id}
POST /api/mod/escrow/{id}/release
POST /api/mod/escrow/{id}/refund
POST /api/mod/escrow/{id}/hold
GET /api/mod/disputes
POST /api/mod/dispute/{id}/resolve
POST /api/mod/dispute/{id}/escalate

**Admin**

GET /api/admin/users
GET /api/admin/stores
POST /api/admin/category
PUT /api/admin/settings

# 6️⃣ Analytics Formulas

* **Success Rate** = `(successful_sales / total_sales) * 100`
* **Dispute Rate** = `((active_disputes + closed_disputes) / total_sales) * 100`

# 7️⃣ Workflow (Buyer → Seller → MOD → Admin)

1. Buyer buys → funds locked in escrow
2. Seller delivers credentials
3. Buyer confirms → release funds
4. If dispute → MOD reviews: release/refund/hold
5. Escalate to Admin if unresolved/fraud detected

# 8️⃣ Tech Stack Summary

|Layer|Tech|
|:-|:-|
||
|Frontend|Next.js + Tailwind CSS + shadcn/ui|
|Backend|NestJS + TypeORM / Prisma|
|Database|PostgreSQL|
|Cache / Queue|Redis + BullMQ|
|Storage|AWS S3 / MinIO|
|Payments|PayPal, Binance Pay, Paystack/Flutterwave, Internal Wallet + Escrow|
|Realtime|WebSockets / [Socket.io](http://socket.io/)|
|AI|GPT-4.1/5-mini, OCR for screenshots|
|DevOps|Docker, Nginx, CI/CD, Cloudflare|

# 9️⃣ Optional / Future Enhancements

* Auction / Silent Bid system
* Multi-language
* Seller subnoscription (one-time/monthly)
* AI auto-validation of credentials/screenshots
* Export CSV/PDF of sales & disputes
* Fraud prediction AI
* Mobile app integration (React Native or Flutter)

✅ **Cheat Sheet Purpose:**

* Gives devs **full scope of the project**
* Defines **roles, DB, API, tech, workflows, dashboards**
* Can be used as a **roadmap + reference** during development

https://redd.it/1ph8qbw
@r_opensource