More from MSP Reboot: depl0y · st0r
Open source · Self-hosted · MIT License

IT documentation
without the invoice.

A full IT Glue replacement that runs on your hardware. AES-GCM encrypted vault, TOTP 2FA, 42 permission levels, 8 PSA integrations — no subscription, no vendor lock-in.

Get started View on GitHub →
ClientSt0r dashboard
$0 per year
42 permission levels
8 PSA integrations
3 RMM providers
AES-GCM encryption
Credential Management

Your password vault.
Not theirs.

AES-GCM encrypted storage with per-record access control. Separate personal vault. Full audit log on every read. Your keys stay on your server.

  • AES-256-GCM encryption at rest
  • Per-organization vault isolation
  • Secure notes with field-level access control
  • Full audit trail with user attribution
Password vault interface
Security dashboard
Security & Compliance

Snyk. OS patches. Uptime.
All in one place.

Continuous vulnerability scanning with Snyk integration, OS package security checks across your fleet, SSL certificate expiration tracking, and website uptime monitoring — built in, not bolted on.

  • Snyk vulnerability detection
  • OS package security scanning
  • SSL and domain expiration alerts
  • Website uptime monitoring
Network & Infrastructure

Assets, racks, subnets,
patch panels.

Comprehensive asset tracking from the rack to the endpoint. Network discovery via nmap, IPAM with subnet visualization, VLAN management, and patch panel mapping — all linked to your client organizations.

  • Network discovery via nmap
  • IPAM and subnet management
  • Rack and network closet layouts
  • VLAN and patch panel tracking
Asset management
Knowledge base
Documentation

Version-controlled docs.
Draw.io diagrams. Floor plans.

A real knowledge base with version history, embedded Draw.io network diagrams, MagicPlan floor plan imports, and workflow automation. Everything your techs need, organized by client.

  • Version-controlled documentation
  • Native Draw.io diagram editor
  • MagicPlan floor plan import
  • Configurable workflows
Multi-Organization

One login.
Every client.

Full multi-organization support with per-org data isolation, granular permission sets, and role-based access down to individual records. Built for MSPs managing dozens of clients under one roof.

  • Complete org-level data isolation
  • 42 granular permission levels
  • Azure AD / Entra ID SSO
  • LDAP / Active Directory integration
Organization management

Forty-six screens deep.

A mature, fully-built product — not a prototype.

Asset list Rack management IPAM subnets Network closets
Security dashboard Password vault Vulnerability scans Expiration tracking
Knowledge base Draw.io diagrams Floor plans Workflows
Organizations Access management Integrations System updates

Connects to what you already run.

PSA Platforms
ConnectWise Manage Autotask Halo PSA Syncro RepairShopr ServiceNow Freshdesk Zendesk
RMM Providers
NinjaRMM Datto RMM ConnectWise Automate
Network Controllers
UniFi Meraki pfSense
Built on solid ground
Django 6.0 Python 3.12 MariaDB / MySQL Nginx + Gunicorn Bootstrap 5 REST + GraphQL API
Security

Security built in.

Security-First Design
Role-based access control, least-privilege service accounts, 2FA/MFA, and full audit logging of sensitive actions — built in, not bolted on.
CVE & Dependency Monitoring
Recurring checks against OS packages and application dependencies. Known-vulnerable components flagged and prioritized by severity and real-world exposure.
Scanning & Hardening
Internal checklists and automated scans covering exposed services, weak configurations, and insecure headers. Defaults favor security over convenience.
Access & Abuse Protection
Login rate limiting, lockout controls, failed-attempt tracking, and GeoIP-based blocking or allowlisting to reduce exposure of admin interfaces.
Logging & Monitoring
Auth events, admin changes, and failed attempts logged. Suspicious activity surfaced for operator review, with optional alerting.
Secure Deployment
HTTPS/TLS, secure headers, secrets management, restricted service exposure, and patch-aware configuration review as standard practice.
Internal security tooling

ExploitHound

We use ExploitHound — our internal security intelligence and vulnerability correlation platform — alongside other scanning tools and review processes to identify CVEs, suspicious behavior, exposed services, and potential risks before they become bigger problems.

exploithound.com →

Own your documentation.
Own your data.

Deploy on your hardware in under an hour. One-click web-based updates. No phone home, no telemetry, no lock-in.

Installation guide Star on GitHub