🛠️ All DevTools

[Other] A clean, responsive, and modern JSON Formatter. A clean, responsive, and modern JSON Formatter. Paste unformatted JSON, format it with syntax highlighting, copy the result, or clear the editor.

[Other] Opensource nuxt saas boilerplate The NuxtJS boilerplate with all the stuff you need to get your product in front of customers. From idea to production in 1 hour.

[Other] Fastest way to learn! Unlock the full power of Regular Expressions with an interactive learning experience designed for all skill levels. Whether you're a developer, data analyst, or just curious, this app makes learning regex easy, fun, and practical.

[Testing] No code. No records of steps. No prompts. Just a URL Drop in a URL and our AI scans your site, generates end-to-end tests, and runs them — no code, no recording of steps, no setup. Built for real projects: for engineers by engineers.

[Other] Create an IPhone/Android app without coding Mobilable.dev transforms your app idea into a native iOS/Android app in minutes using AI. No coding needed, generate React Native code, UI, backend, and deploy to app stores instantly. Build and launch your app effortlessly at mobilable.dev!

[Other] Show HN: MCP Security Suite Hi HN!<p>We kept seeing devs get pwned through MCP tools in ways that security scanners completely miss. So we built an open-source analyzer to catch these attacks. Our first OSS by Mighty team.<p>The problem: At Defcon, we saw MCP exploits with 100% success rate against Claude and Llama. Three attack patterns:<p>Hidden Unicode in &quot;error messages&quot; - Paste a colleague&#x27;s error into Claude, your SSH keys get exfiltrated Trusted tool updates - That database tool you&#x27;ve used for months? Last week&#x27;s update added credential theft Tool redefinition - Malicious tool redefines &quot;deploy to prod&quot; to run attacker&#x27;s script<p>Traditional scanners (CodeQL, SonarQube) catch &lt;15% of these. They&#x27;re looking for SQLi, not prompt injections hidden in tool descriptions.<p>What we built: git clone <a href="https:&#x2F;&#x2F;github.com&#x2F;NineSunsInc&#x2F;mighty-security" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;NineSunsInc&#x2F;mighty-security</a><p>python analyzers&#x2F;comprehensive_mcp_analyzer.py &#x2F;path&#x2F;to&#x2F;your&#x2F;mcp&#x2F;tool<p>Scans for prompt injection, credential exfil, suspicious updates, tool shadowing. Runtime wrapper adds &lt;10ms overhead. Fully local, no telemetry.<p>Why this matters: 43% of MCP tools have command injection vulns. GitHub&#x27;s own MCP server was exploitable. We found Fortune 500s running database-connected MCP tools that hadn&#x27;t been audited since installation. We went from paranoid code review to &quot;AI said it works&quot; in 18 months. The magic is real, but so are the vulnerabilities.<p>Demo: <a href="https:&#x2F;&#x2F;www.loom.com&#x2F;share&#x2F;e830c56d39254a788776358c5b03fdc3" rel="nofollow">https:&#x2F;&#x2F;www.loom.com&#x2F;share&#x2F;e830c56d39254a788776358c5b03fdc3</a><p>GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;NineSunsInc&#x2F;mighty-security" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;NineSunsInc&#x2F;mighty-security</a><p>Would love feedback - what MCP security issues have you seen?

[Other] Show HN: Modelence – Supabase for MongoDB Hi all, Aram and Eduard here - authors of Modelence (<a href="https:&#x2F;&#x2F;github.com&#x2F;modelence&#x2F;modelence" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;modelence&#x2F;modelence</a>), an all-in-one backend platform for teams that love TypeScript + MongoDB. Think Supabase, but for MongoDB: auth, cron jobs, email, monitoring, without glue code before you can ship.<p>As Karpathy (and many of us) noted, getting from prototype to production is mostly painful integration work. The pieces exist, but stitching them together reliably is the hard part: <a href="https:&#x2F;&#x2F;x.com&#x2F;karpathy&#x2F;status&#x2F;1905051558783418370" rel="nofollow">https:&#x2F;&#x2F;x.com&#x2F;karpathy&#x2F;status&#x2F;1905051558783418370</a>. YC AI Startup School talk about this - <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?feature=shared&amp;t=1940&amp;v=LCEmiRjPEtQ" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?feature=shared&amp;t=1940&amp;v=LCEmiR...</a><p>We intend to fill those gaps! What you get out of the box:<p>- Authentication &#x2F; user management<p>- Database<p>- Email integration (3rd party, but things like user verification emails work out of the box)<p>- AI integration<p>- Cron jobs<p>- Monitoring &#x2F; Telemetry<p>- Configs &amp; secrets<p>- Analytics (coming soon)<p>- File uploads (coming soon)<p>How it runs: A Node.js backend with MongoDB. It&#x27;s frontend-agnostic, so you can use our minimal Vite + React starter or drop Modelence behind an existing Next.js (or any) frontend.<p>We&#x27;re also building a managed cloud, similar to what Vercel is for Next.js, except Modelence focuses on the backend instead of the frontend (Vercel is great for content sites like landing pages, blogs, etc, but things like persistent connections and complex backend logic outgrow it quickly). You can find a quick demo here: <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=S4f22FyPpI8" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=S4f22FyPpI8</a><p>We&#x27;re looking for early users (especially TS teams on MongoDB). Tell us what&#x27;s missing, what&#x27;s confusing, and what you&#x27;d want before trusting this in prod. Happy to answer anything!

[Other] I Made a Realtime C/C++ Build Visualizer

[CLI Tool] Show HN: OWhisper – Ollama for realtime speech-to-text Hello everyone. This is Yujong from the Hyprnote team (<a href="https:&#x2F;&#x2F;github.com&#x2F;fastrepl&#x2F;hyprnote" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;fastrepl&#x2F;hyprnote</a>).<p>We built OWhisper for 2 reasons: (Also outlined in <a href="https:&#x2F;&#x2F;docs.hyprnote.com&#x2F;owhisper&#x2F;what-is-this" rel="nofollow">https:&#x2F;&#x2F;docs.hyprnote.com&#x2F;owhisper&#x2F;what-is-this</a>)<p>(1). While working with on-device, realtime speech-to-text, we found there isn&#x27;t tooling that exists to download &#x2F; run the model in a practical way.<p>(2). Also, we got frequent requests to provide a way to plug in custom STT endpoints to the Hyprnote desktop app, just like doing it with OpenAI-compatible LLM endpoints.<p>The (2) part is still kind of WIP, but we spent some time writing docs so you&#x27;ll get a good idea of what it will look like if you skim through them.<p>For (1) - You can try it now. (<a href="https:&#x2F;&#x2F;docs.hyprnote.com&#x2F;owhisper&#x2F;cli&#x2F;get-started" rel="nofollow">https:&#x2F;&#x2F;docs.hyprnote.com&#x2F;owhisper&#x2F;cli&#x2F;get-started</a>)<p><pre><code> bash brew tap fastrepl&#x2F;hyprnote &amp;&amp; brew install owhisper owhisper pull whisper-cpp-base-q8-en owhisper run whisper-cpp-base-q8-en </code></pre> If you&#x27;re tired of Whisper, we also support Moonshine :) Give it a shot (owhisper pull moonshine-onnx-base-q8)<p>We&#x27;re here and looking forward to your comments!

[API/SDK] Show HN: I built a free alternative to Adobe Acrobat PDF viewer I built EmbedPDF: an MIT-licensed, open-source PDF viewer that aims to match all of Adobe Acrobat’s paid features… for free.<p>Already working:<p>- Annotations (highlight, sticky notes, free text, ink)<p>- True redaction (content actually removed)<p>- Search, text selection, zoom, rotation<p>- Runs fully in the browser, no server needed<p>- Drop-in SDK for React, Vue, Preact, vanilla JS<p>Why? Acrobat is heavy, closed, and pricey. I wanted something lightweight, hackable, and embeddable anywhere.<p>Demo: <a href="https:&#x2F;&#x2F;app.embedpdf.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;app.embedpdf.com&#x2F;</a> Website: <a href="https:&#x2F;&#x2F;www.embedpdf.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.embedpdf.com&#x2F;</a> GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;embedpdf&#x2F;embed-pdf-viewer" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;embedpdf&#x2F;embed-pdf-viewer</a><p>Feedback, bug reports, and feature requests welcome!

[Other] Modern YouTube downloader with a clean PySide6 interface. Download videos in any quality, extract audio, fetch subtitles, sponserBlock, and view video metadata. Built with yt-dlp for reliable performance.

[Other] Component infrastructure and Material Design components for Angular

[DevOps] External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.

[Other] Python ETL framework for stream processing, real-time analytics, LLM pipelines, and RAG.

[Other] Show HN: E-commerce data from 100k stores that is refreshed daily Hi HN! I&#x27;m building Agora, an AI search engine for e-commerce that returns results in under 300ms. We&#x27;ve indexed 30M products from 100k stores and made them easy to purchase using AI agents.<p>After launching here on HN, a large enterprise reached out to pay for access to the raw data. We serviced the contract manually to learn the exact workflow and then decided to productize the &quot;Data Connector&quot; to help us scale to more customers.<p>The Data Connector enables developers to select any of our 100k stores in the index, view sample data, format the output, and export the up-to-date data. Data can be exported as CSV or JSON.<p>We&#x27;ve built crawlers for Shopify, WooCommerce, Squarespace, Wix, and custom built stores to index the store information, product data, stock, reviews, and more. The primary technical challenge is to recrawl the entire dataset every 24 hours. We do this with a series of servers that &quot;recrawl&quot; different store-types with rotating local proxies and then add changes to a queue to be updated in our search index. Our primary database is Mongo and our search runs on self-hosted Meilisearch on high RAM servers.<p>My vision is to index the world&#x27;s e-commerce data. I believe this will create market efficiencies for customers, developers, and merchants.<p>I&#x27;d love your feedback!

[Other] Maximize the power of colors Chromo is a powerful color analysis tool that instantly gives you detailed info from any HEX code. See multiple color formats, contrast checks, shades, tones, and related colors — perfect for designers, developers, and anyone working with colors.

[Other] Complete coding platform DormData is the ultimate coding practice and competition platform designed for developers who want to level up their skills through real challenges, real competition, and real results.

[IDE/Editor] One tool that solves all your coding needs! Coding Assistant offers Personalized Coding Tutor, Code Generator, Explainer, Refactor, Convertor, Debugger, beginner-level coding interview problems, Compiler, and Daily News in Tech and Programming. It acts like your ultimate coding companion.

[Other] Modern toggle switches built with pure CSS A collection of sleek, animated CSS toggle switches ready to copy and paste. Fully responsive and customizable without any JavaScript. Perfect for developers and designers looking to enhance UI forms. 🔗 https://www.themedevhub.com/tools/css-switch-collection

[Other] Interactive game worlds from a single image Hunyuan-GameCraft by Tencent is an open-source model for generating playable, high-dynamic game videos from a single image and user actions. It offers fine-grained control and impressive realism for creators and developers.