The OpenDevSecOps project mission is to provide a world-class resource for implementing complete devsecops and secops programs within organizations of any shape and size using off-the-shelf tools and access to our vibrant community.


Pown.js is an experimental security framework for node. It aims to be security driven with contributions via NPM package registry. The project is currently in its infancy.


SecApps is a security testing toolkit which runs directly from your own web browser leveraging the capabilities of a browser extension available for both Chrome and Firefox. SecApps is a very mature web application security testing framework with capabilities on par with other products like Burp and ZAP but without the overhead, these tools bring with them. SecApps also distributes several desktop and server tools (AppBandit Attack Proxy, WebReaver Security Scanner, and Cohesion CI testing tooling) which are also part of the online suite.

SecApps is under Websecurify's management.


Websecurify is an application security company based in London. Websecurify was initially founded to support the Websecurify automated security scanner which was open source. Due to lack of contributions, the tool was canceled and SecApps was born which offers many free features but it also has a commercial aspect.

Vulnerability Researchers

Vulnerability Researchers is one of the larger security groups on LinkedIn. The group was founded 2008-2009 it is still active thanks to the active community support.

House Of Hackers (defunct)

The first and the only one hacker social network. The network was formed in May 2008 and quickly reached over 30,000 members. Due to many reasons, we had to shut it down. This is bar far one of the most regretful decisions ever made by GNUCITIZEN staff.

Blogsecurify (defunct)

Back in the days blogging platforms were a no match to seasoned hackers and the GNUCITIZEN team were really good at it. So we decided to fix it by creating a set of Wordpress plugins and tools to protect Wordpress blog all over the world. This as far as we know were the first security tooling made specifically to protect Wordpress installations.

Securls (defunct)

We bought to create an alternative to While the project was interesting it never gained any tractions. The domain expired and someone else bought it under our busy nose.

Agile Hacking (defunct)

The idea behind Agile Hacking was to create the first crowdsourced information security resource - essentially an alternative to all information security books combined. The project existed briefly and never materialized to anything other than a few small contributions. We have created a GitHub organization in memory of this project. Feel free to contact us if you want to take the lead.

Exploit Sweatshop (defunct)

This was a failed attempt to create a public vulnerability acquisition program. There is more about this over here.