S4E is committed to transparency and community collaboration. Core agent, playbook, and utility projects that support the S4E ecosystem are released as open source software, enabling developers to extend, inspect, and contribute to the security community.
What is Open Source
The following projects are open source under the s4e-io GitHub organization:
- Opservant Spark - Autonomous security agent that executes playbooks and actions in real time, built for continuous, AI-powered defense.
- Opservant Playbooks - Community-driven security playbooks and automation workflows for continuous, AI-powered defense.
- Captcha Bypass - A utility tool that automates work using known captcha bypass methods.
What Remains Proprietary
| Component | License |
|---|---|
| opservant-spark | AGPL-3.0 |
| opservant-playbooks | AGPL-3.0 |
| captcha-bypass | GPL-3.0 |
Supported & Sponsored Projects
S4E actively supports and sponsors key open source security projects used by the global community.
nuclei-templates (Contributor - Top 4 Worldwide)
S4E is one of the top 4 contributors worldwide to nuclei-templates, the community-curated template library for the Nuclei vulnerability scanner by ProjectDiscovery. With 12,000+ stars, 69,000+ commits, and nearly 12,000 templates covering CVEs, misconfigurations, and exposures, nuclei-templates is the largest open source vulnerability detection template repository in the world.
- Repository: github.com/projectdiscovery/nuclei-templates
- License: MIT
- S4E's role: Active contributor (top 4 globally)
Wapiti (Sponsor)
S4E is a sponsor of Wapiti, an open source web application vulnerability scanner written in Python. Wapiti performs black-box scanning by crawling web pages and injecting payloads to detect vulnerabilities including SQL injection, XSS, SSRF, XXE, Log4Shell, and more.
- Repository: github.com/wapiti-scanner/wapiti
- License: GPL-2.0
- S4E's role: Sponsor
Why Open Source
- Transparency - Security tools should be inspectable. Open source projects let you verify the code that protects your infrastructure.
- Community contributions - Developers can submit playbooks, actions, and automation workflows that benefit the entire S4E community.
- Extensibility - Build custom integrations and security workflows using the same agent that powers the platform.
- Interoperability - Open standards (CACAO-aligned playbooks) and open code enable integration with other security tools.
Community Channels
- GitHub - All open source repositories are hosted under the s4e-io organization.
- GitHub Discussions - Ask questions, share ideas, and discuss features in the Discussions tab of each repository.
- Contact - General inquiries at [email protected].
How to Get Involved
- Use the tools - Deploy Opservant Spark, run community playbooks, and integrate them into your workflow.
- Report issues - Found a bug? Open a GitHub Issue with reproduction steps.
- Submit pull requests - Contribute fixes, features, or documentation improvements.
- Share playbooks - Publish your custom playbooks and automation workflows to the community library.
- Join discussions - Participate in architecture decisions and feature planning in GitHub Discussions.
Tip
New contributors should start with issues labeled good first issue in any S4E repository. These are curated for approachability and include clear context.
Next Steps
- Repositories for a complete list of open source projects.
- Contributing Guide for the PR process and code standards.