ੴ Sikh University
ਸਿੱਖ ਯੂਨੀਵਰਸਿਟੀ
Education / Sikhi
◆Live Ongoing
A free, open online university for Sikhi — from the basics to the depths.
Sikh University is a free, open online university where anyone, anywhere can study Sikhi — from its basics to its depths. 200+ courses across 19 subjects (theology, history, philosophy, ethics, comparative religion, apologetics, science, language, music, the arts and more), each drawn from the works of a named Sikh scholar acting as the course professor, with tests, certificates, learning paths and magic-link accounts. It also has a read-along reader for the complete Sri Guru Granth Sahib Ji, Dasam Granth and Sri Sarbloh Granth Sahib with Santhya audio. Built free and open on Cloudflare, alongside the Sikh Archive.
- 200+ courses across 19 subjects, each attributed to a real Sikh scholar, with key terms in Punjabi (Gurmukhi) and Chicago-style citations.
- A read-along reader for the complete SGGS, Dasam Granth and Sri Sarbloh Granth Sahib, plus a beginner Gurmukhi primer (Baal Updesh).
- A full platform: magic-link accounts, 80%-to-pass tests, printable certificates, learning paths, search, and one site-wide light/dark theme — on Cloudflare (Workers + D1 + R2), in Astro + Tailwind.
AstroTailwindCloudflare WorkersD1 / R2
S Sightline
Compliance / GRC
◆Live Published Jun 7, 2026
Know your compliance before an auditor — or an attacker — does.
Sightline is a compliance platform that continuously checks your security posture against 22+ frameworks — NIST CSF 2.0, HIPAA, SOC 2, PCI DSS, ISO 27001, CMMC, FERPA, GDPR, and more. It connects to the identity, device, cloud, and ticketing tools you already run and tells you, in plain English, exactly where you stand — before a gap turns into a failed audit or a breach.
- Continuous, plain-English verdicts on controls across 22+ regulatory frameworks at once.
- Connects to your existing identity, MDM, cloud, and ticketing tools to gather evidence automatically.
- Board-ready executive summaries with drill-down findings and licensed-professional GRC sign-off.
ComplianceGRCNIST / SOC 2 / HIPAASecurity Posture
B Bastion
Cybersecurity / GRC
◆Live Published Jun 12, 2026
CMMC Level 2, without the consultant.
Bastion walks defense suppliers through all 110 NIST 800-171 controls, calculates a live DoD SPRS score, and generates an audit-ready System Security Plan and POA&M — entirely in the browser, so sensitive CUI never leaves the machine. Built for the small and mid-size suppliers that primes like Boeing now require to reach CMMC Level 2.
- Guided 110-control NIST 800-171 self-assessment with a live, methodology-accurate DoD SPRS score.
- Auto-generates the SSP and POA&M assessors expect, and prioritizes the highest-impact gaps to fix first.
- Integrates with Sightline (compliance posture) and Cairn (asset inventory) to auto-evidence controls.
NIST 800-171CMMCGRCJavaScript
◆Live Published Jun 13, 2026
Prove HIPAA compliance before an auditor — or 2026 — does.
Ward is a guided, plain-English HIPAA Security Risk Assessment plus a full compliance program: SRA, risk register, policy and BAA management, training records, and a one-click 2026 Security Rule readiness gap report. Local-first so PHI never leaves the machine, with optional cloud sync for multi-device and MSP multi-client management.
- Guided HIPAA Security Risk Assessment across all 7 ONC sections with a plain-English risk register.
- One-click 2026 HIPAA Security Rule gap report with a prioritized POA&M.
- Local-first (PHI never leaves the machine) with optional cloud sync and an MSP multi-client console.
HIPAASecurity Risk AssessmentGRCLocal-First
◆Live Published Jun 13, 2026
Write, version, and prove your security policies.
Charter is a guided security-policy generator plus a version-controlled, audit-ready policy library and full attestation workflow — draft, review, approve, publish, assign, attest. Real version diffs, framework-mapped clauses (HIPAA, FERPA, CMMC/800-171, SOC 2, ISO 27001, CIS, NIST), and machine-readable evidence that flows into Sightline, Bastion, and Ward.
- Generates 25+ framework-mapped security policies from a plain-English questionnaire.
- Built-in version control with real clause-level diffs and an employee attestation workflow.
- Approved policies and attestations become evidence that feeds Sightline, Bastion, and Ward.
Policy ManagementAttestationVersion ControlGRC
◆Live Published Jun 13, 2026
Vendor & third-party risk + BAA tracking.
Covenant tracks third-party risk, security reviews, and Business Associate Agreements across every vendor — so you always know who touches your data, what they signed, and when each agreement expires. Risk scoring, questionnaire workflows, and BAA lifecycle management in one console.
- One register for every vendor: risk tier, security review status, and BAA on file.
- BAA lifecycle tracking with renewal and expiry alerts so no agreement lapses.
- Multi-tenant MSP console with white-label vendor portals and bulk reporting.
TPRMBAA TrackingVendor RiskGRC
W Watchword
Awareness / Phishing
◆Live Published Jun 13, 2026
Phishing simulation + security-awareness training.
Watchword runs phishing simulations and delivers security-awareness training that actually changes behavior — with per-user risk scores that prove your workforce is getting harder to fool. Scheduled campaigns, branded landing pages, and compliance training tracks.
- Realistic phishing simulations with per-user risk scoring over time.
- SCORM courses and compliance training tracks with completion reporting.
- Per-user pricing with a volume MSP tier and cross-client benchmarking.
Phishing SimulationSecurity AwarenessTrainingReporting
◆Live Published Jun 13, 2026
IT onboarding & offboarding, automated.
Passage automates the IT side of onboarding and offboarding so nothing — and no access — slips through the cracks. Provision, transfer, and revoke across every app on day one and last day, with approval workflows, app connectors, and a full audit trail.
- Automated provisioning and deprovisioning across your app stack via connectors.
- Approval workflows, role templates, and SSO/SCIM sync for clean access control.
- Per-user pricing with a multi-tenant MSP console and per-client runbooks.
IT LifecycleOnboarding / OffboardingProvisioningIT Ops
◆Live Published Jun 13, 2026
Continuous vuln & external attack-surface scanner.
Perimeter continuously scans your external attack surface and known vulnerabilities, and tells you what to fix first — discovering the assets, domains, and exposures attackers can already see. Continuous scanning, vuln prioritization, and ticketing integrations.
- Discovers your external attack surface — domains, assets, and exposures.
- Continuous scanning with vulnerability prioritization and Slack/email alerts.
- Ticketing integrations, scheduled reports, and a multi-tenant MSP tier.
Attack SurfaceVulnerability ScanningSecurityContinuous Monitoring
◆Live Published Jun 13, 2026
Incident response + breach notification playbook.
Klaxon gives you guided incident-response and breach-notification playbooks so you know exactly who to tell, and when — with jurisdiction-aware HIPAA and all-50-state notification timelines built in. Runbook builder, evidence log, tabletop exercises, and SLA timers.
- Jurisdiction-aware HIPAA and all-50-state breach-notification timelines.
- Runbook builder, evidence log, and notification templates for live incidents.
- Tabletop exercises, SLA timers, and a multi-tenant MSP IR dashboard.
Incident ResponseBreach NotificationHIPAASecurity
◆Live Published Jun 13, 2026
Turn an Obsidian vault into a governed company documentation hub.
Ledger turns an Obsidian vault into a governed, company-grade documentation hub: a shared org vault with roles and permissions, review/approval governance, org-wide search, read-only published portals, and a full audit trail. Everything stays Obsidian-compatible Markdown — no lock-in. Run it hosted, or self-host the open-source core.
- Shared org vault with roles, permissions, and review/approval governance over every doc.
- Org-wide search, read-only published portals for readers, and a complete audit trail.
- Obsidian-compatible Markdown with no lock-in — hosted, or self-host the open-source core.
DocumentationObsidianMarkdownKnowledge Base
ਗ GurmukhiFix
Python / OCR / NLP
◆Live Published Jun 11, 2026
Safe, evidence-gated OCR correction for Gurmukhi & Indic scripts.
An OCR post-processing engine that repairs the systematic Unicode-order and diacritic errors OCR makes on Gurmukhi (Punjabi), Hindi and Devanagari — and is built so it can never silently corrupt correct text, including Gurbani. Every automatic change must clear an evidence gate: verbatim scripture is locked, and any substitution needs a validity gain or a dictionary hit. It is engine-agnostic, reading Tesseract, Surya, Gemini and Google Vision output alike.
- An evidence gate plus a 67,000-word Gurbani lexicon lock scripture and refuse any blind, unsupported edit — proven by property-based tests across every supported script.
- OCR-engine-agnostic input (Tesseract JSON/TSV/hOCR, ALTO, Surya, Google Vision), so it survives the shift beyond Tesseract.
- On 300 real Sri Guru Granth Sahib lines with OCR errors injected, character error rate drops to 0.00 — with zero corruption of clean text.
- Live on PyPI — pip install gurmukhifix — with the Gurbani lexicon bundled inside the wheel.
PythonUnicodeGurbani lexiconPyPI
L Lookout
Infrastructure / Monitoring
◆Live Published Jun 11, 2026
Know your servers are healthy — before they’re not.
Lookout is infrastructure monitoring built for humans. Lightweight agents report each server’s health to one dashboard in plain English — “disk /data is 94% full” instead of a wall of raw metrics — so anyone can tell what needs attention at a glance.
- Single, dependency-free agent for Linux, Windows, and macOS — outbound-only, no open ports.
- Plain-English OK / WARNING / CRITICAL alerts via email, Slack, or webhooks, with deduplication and escalation.
- Nagios-plugin compatible, with managed and on-prem deployment options.
MonitoringAgentsAlertingCross-Platform
C Cairn
IT Asset Reconciliation
◆Live Published Jun 10, 2026
Every device. One source of truth.
Cairn reconciles your device fleet across every tool you already run — Jamf, Intune, Kandji, JumpCloud, CrowdStrike, Defender, and more — and syncs one authoritative inventory into Snipe-IT. It resolves conflicting records by serial number, previews every change with a dry run, and finally makes your asset system of record actually accurate. Open-source under AGPL-3.0.
- Pulls from 12+ MDM and EDR sources and writes one reconciled source of truth to Snipe-IT.
- Serial-based reconciliation with a trust-priority system and a dry-run preview before any change.
- Single cross-platform binary (macOS, Windows, Linux) with a guided GUI — no YAML required.
Snipe-ITMDM / EDR SyncOpen Source (AGPL)Cross-Platform
S Sikh Library — Living Dataset
NLP / Dataset
◆Live Published May 31, 2026
The open corpus underneath it all.
A continuously updated multilingual corpus of Sikh manuscripts, scripture, and classical literature spanning English, Punjabi, Urdu, Hindi, and Devanagari script — over 758 million words across a 9 GB corpus. Curated to support RAG pipelines, semantic search, and NLP research on underrepresented South Asian languages.
- Structured to power RAG pipelines, semantic search, and NLP research.
- Focused on underrepresented South Asian languages and rare historical texts.
- Open-access — built to preserve and democratize Sikh heritage for the global community.
DatasetHuggingFaceMultilingualOpen Access
ੴ SikhArchive.net
Collaboration · Digital Heritage
◆Live Ongoing
Five centuries of Sikh literature, open to the world.
SikhArchive.net is a collaborative, open-access archive that makes centuries of Sikh manuscripts and literature freely searchable. This isn’t my own project — I contribute to it as a developer, helping push the platform forward alongside the team.
- Working on integrating the 758M+ word Sikh Library dataset into the platform.
- Built Gurbani search and an AI-powered search engine, plus design improvements.
- Patching security vulnerabilities and shipping mobile web-app improvements.
WebAI SearchSecurityMobile Web