oops.zone

Open
Source
Tools

Infrastructure scanning and dependency security. Built for engineers who run their own servers and ship their own code.

3
Tools
7
Ecosystems
25
Threats
GitHub @esenkalumut

Tools

3 Active
New — Claude Code Skill
Server
Scout

Run once, use forever. Scans your entire server and generates a persistent knowledge base. Claude auto-loads it every session — zero discovery overhead, instant context.

12+
Services
1
Command
Auto-update
Learn More ↓
Security Scanner
Supply
Chain

Multi-ecosystem supply chain attack scanner. Detects compromised packages, malware artifacts, and C2 connections across your entire dependency tree.

25
Threats
7
Ecosystems
5
Methods
Learn More ↓
AI-Powered Discovery
Discover

AI-scored GitHub repository discovery. Finds trending repos, scores them across 5 dimensions with LLM, and tweets the best ones daily.

5
AI Dimensions
24/7
Scanning
Auto
Tweets
Learn More ↓

Server Scout

Claude Code Skill
01
Scan Once

One command scans every service, port, config, database, domain, SSL cert, and .env file. Single bash call, single permission prompt.

02
Generate

Creates a persistent CLAUDE.md + per-service docs. Auto-loaded every session. Claude knows your server without re-discovering anything.

03
Save Tokens

Without this: 50-100K tokens burned on discovery per session. With this: zero. Claude reads the docs and starts working immediately.

04
Stay Secure

Credentials in gitignored .credentials file. Optimization report flags security risks, performance issues, and expiring SSL certs.

Nginx sites
PostgreSQL dbs
Redis config
Docker containers
SSL certs
Mail system
DNS zones
Monitoring stack
01
CLAUDE.md Index

80 lines max. Domain map, service table, architecture link. Everything Claude needs at a glance without wasting context.

02
Service Files

One .md per service: nginx.md, postgresql.md, redis.md. TL;DR header, config tables, dependency graph. Read only when needed.

03
Optimization Report

Critical / Important / Nice-to-have. Checks shared_buffers, SSL expiry, security headers, fail2ban, SSH config, disk usage.

Install & Run
# one-liner install (auto-updates every 6h)
curl -fsSL https://raw.githubusercontent.com/oopsalldev/server-scout/main/install.sh | bash

# run in claude code
/server-scout

# output
CLAUDE.md                    # lean index
.server-docs/services/*.md   # per-service details
.server-docs/optimizations.md # recommendations
.server-docs/.credentials    # passwords (gitignored)

Supply Chain Scanner

25 Active Threats
01
Load Threats

JSON threat database with compromised versions, C2 IPs, malware hashes, and IOCs.

02
Scan Deps

Checks node_modules, pip, Gemfile.lock, Cargo.lock, go.sum, composer.lock.

03
Hunt

Malware files on disk. Active C2 connections. Malicious CDN refs. Bad lockfile shasums.

04
Report

CLEAN / WARNING / COMPROMISED verdict. Remediation steps per threat.

npm 9
PyPI 5
RubyGems 3
Cargo 2
Go 3
Composer 1
NuGet 2

Threat Database

25 Active
PyPI2026
TeamPCP
LiteLLM + Telnyx. K8s lateral movement, systemd backdoor, cascading CI/CD
Go2026
Fake x/crypto
Rekoobe backdoor deploys via typosquatted golang.org/x/crypto
npm2025
Shai-Hulud
Self-replicating worm. 1000+ packages. Cloud token theft
npm2025
Nx Stealer
AWS admin takeover in 72h via OIDC trust chain abuse
npm2025
Axios RAT
Cross-platform remote access trojan via plain-crypto-js
Go2025
Disk Wiper
Overwrites /dev/sda. Linux systems destroyed completely
CDN2024
Polyfill.io
380K+ websites. Domain hijacked. North Korea linked
PyPI2024
Ultralytics
XMRig cryptominer via GitHub Actions cache poisoning
Multi2018—24
+17 More
ua-parser-js, coa/rc, event-stream, Solana, torchtriton, colorama, rest-client, bootstrap-sass...
Quick Start
# clone and scan
git clone https://github.com/oopsalldev/npm-supply-chain-scanner
./scripts/scan.sh --path /your/project

# github action
uses: oopsalldev/npm-supply-chain-scanner@main

# claude code
/scan

Discover

AI-Powered Repo Discovery
01
Fetch

Scans GitHub every 30 minutes for trending repos across AI, security, devtools, and infrastructure topics. Filters by stars, recency, and growth.

02
Score

LLM analyzes each repo across 5 dimensions: usefulness, code quality, documentation, innovation, and community. Weighted overall score 0-100.

03
Curate

Categorizes into ai-coding, ai-agents, llm-tools, security, web, devtools, infra, and more. Filterable and searchable web interface.

04
Share

Top repos (score 70+) are automatically tweeted daily from @esenkalumut with AI-generated descriptions. No manual curation needed.

AI Agents repos
LLM Tools repos
Security repos
DevTools repos
Infra repos
Web repos
Try It
# browse curated repos
https://discover.oops.zone

# filter by category, language, sort by score
https://discover.oops.zone/?category=ai-agents&sort=score

# follow for daily top repos
@esenkalumut on X

Built with Claude Code by oops.zone