aicoolies logo
NetBird logo

NetBird

Open-source zero-trust networking with WireGuard

Share
freemiumOpen Source
Visit Website →

NetBird is an open-source zero-trust networking platform that creates encrypted WireGuard overlay networks between devices without opening ports or configuring firewalls. It provides peer-to-peer connectivity with NAT traversal, access control policies, DNS management, and a web dashboard for team management. NetBird replaces traditional VPNs with a simpler, more secure mesh networking approach for self-hosted infrastructure and remote teams.

NetBird eliminates the complexity of traditional VPN setups by creating encrypted WireGuard tunnels between devices automatically. Devices register with a management server that handles peer discovery and NAT traversal, then establish direct peer-to-peer connections wherever possible. This means self-hosters can securely access their home lab services from anywhere without exposing ports to the internet, configuring dynamic DNS, or wrestling with OpenVPN configurations.

The platform provides enterprise-grade access control through policies that define which devices and users can communicate with each other. Integration with identity providers like Google Workspace, Azure AD, Okta, and Keycloak enables SSO-based authentication. The web-based management dashboard visualizes the network topology, shows device status, and allows administrators to create and manage access policies. DNS management enables devices to reach each other by name rather than IP address across the mesh network.

With over 24,000 GitHub stars and active development under a BSD-3-Clause license, NetBird has become the go-to solution for developers and small teams who need secure remote access without the overhead of enterprise VPN products. The client runs on Linux, macOS, Windows, Android, and iOS, and the entire management infrastructure can be self-hosted. Recent development has focused on MCP server integration, making NetBird accessible to AI agents that need to interact with private network resources.

Pricing

Free for up to 5 users — paid plans from $7/user/mo

Platforms

Linux, macOS, Windows, Android, iOS — self-hostable

Categories

Tags

Use Cases

Alternatives

Related Tools

KubeAI

Kubernetes operator for serving AI inference workloads

KubeAI is an Apache-2.0 Kubernetes operator for deploying and scaling AI inference workloads, including LLMs, embeddings, reranking, and speech-to-text. It gives platform teams OpenAI-compatible endpoints, model proxy/controller primitives, model caching, scale-from-zero behavior, and cluster-native resource management for self-hosted inference on Kubernetes.

open-sourceOpen Source
Agent Governance Toolkit logo

Agent Governance Toolkit

Microsoft’s public-preview runtime governance toolkit for policy, identity, sandboxing, audit, and MCP security around AI agents.

Agent Governance Toolkit is Microsoft’s MIT-licensed public-preview toolkit for governing AI agent runtimes. It adds policy enforcement, zero-trust identity, execution sandboxing, audit, reliability, and MCP security-gateway patterns around tool calls and autonomous actions, helping platform teams move beyond prompt-only guardrails while preserving architecture review requirements.

open-sourceOpen SourceTelemetry

CLIProxyAPI

Self-hosted proxy API for routing AI CLI accounts into OpenAI-compatible endpoints

CLIProxyAPI is an open-source Go proxy server that wraps Gemini CLI, Claude Code, OpenAI Codex, Grok Build, and related CLI account flows behind OpenAI/Gemini/Claude-compatible API endpoints. Use it carefully: it can touch OAuth sessions, auth files, logs, and provider account policies, so production use needs credential and ToS review.

open-sourceOpen SourceTelemetry
Baz logo

Baz

Telemetry-aware AI code reviewer that checks how pull requests may affect real services.

Baz is an AI code-review platform focused on production-aware pull requests. Instead of only reading the diff, Baz connects code changes to application telemetry so reviewers can understand what endpoints, services, and runtime behavior may be affected. That makes it a useful complement to existing AI PR bots when the question is not just whether a change looks correct, but whether it could break a live system.

freemiumTelemetry
rampart

Rampart

Microsoft’s pytest-native red teaming framework for turning AI agent safety findings into CI tests.

RAMPART is an open-source Microsoft framework for safety and security testing of agentic AI applications. It brings red-team findings into a pytest-native workflow so teams can turn prompt injection, unsafe tool use, and behavioral boundary failures into repeatable regression tests. The strongest aicoolies angle is developer workflow: RAMPART makes agent safety part of CI/CD instead of a one-off security review.

open-sourceOpen Source
Statewright logo

Statewright

State-machine guardrails for controlling which tools AI coding agents can use at each phase.

Statewright is a guardrail layer for AI coding agents that uses explicit state machines to control what an agent can do at each stage of a workflow. Instead of relying only on prompt instructions, teams can model phases such as plan, implement, test, and review, then constrain tool access for clients like Claude Code, Codex, Cursor, opencode, and related MCP workflows.

open-sourceOpen Source

Used in Stacks