Products

Production tools and hosted applications built by Orygn.

Security scanners, cryptographic provenance, metadata forensics, federal due diligence, AI discoverability audits. These are the production tools Orygn builds and operates. Some have open-source SDKs. All of them are live and free to use.

Jump to examples Get in touch

How to read this page

The hosted apps below are working examples of the kinds of systems Orygn builds. They make it easier to see how the work takes shape in software, from file handling and vendor workflow to web security, access control, and due diligence.

01 Hosted tool

BitSeal

A cryptographic provenance system that seals files with BLAKE3 Merkle trees, Ed25519 signatures, and Bitcoin-anchored timestamps via OpenTimestamps.

bitseal.orygn.tech Production tool and SDK

bitseal.orygn.tech

BitSeal landing page screenshot

What it does

  • Client-side BLAKE3 hashing and Merkle tree sealing
  • Ed25519 Authority signatures with published verification key
  • Bitcoin-anchored timestamps via OpenTimestamps
  • Open-source Python SDK with offline verification

Core pieces

Next.js 16 Neon Postgres Ed25519 BLAKE3 OpenTimestamps Python SDK
Open BitSeal Learn more

02 Hosted tool

File X-Ray

A browser-first metadata inspector for images, PDFs, documents, spreadsheets, presentations, videos, and audio. Surfaces GPS, author, device, edit history, and byte-level PDF forensics.

filexray.orygn.tech Production tool

filexray.orygn.tech

File X-Ray landing page screenshot

What it does

  • Parses JPEG, PNG, WebP, TIFF, HEIC, AVIF, GIF, PDF, DOCX, XLSX, PPTX, MP4, MOV, MP3, FLAC, and more
  • GPS map view, risk classification, AI-powered summaries
  • Metadata stripping for images, PDFs, and documents
  • Byte-level PDF forensics and strip-diff reports

Core pieces

React 19 TypeScript Vite Gemini AI Leaflet Maps 20+ Formats
Open File X-Ray Learn more

03 Hosted tool

WebShield

A production security scanner that checks any URL across transport, network, and application layers, with a 22-article knowledge base and copy-paste remediation configs.

webshield.orygn.tech Production scanner

webshield.orygn.tech

WebShield landing page screenshot

What it checks

  • CVEs via OSV.dev, outdated JS library detection
  • Security headers, CSP parsing, CORS, COOP/COEP
  • Raw TLS handshake, cipher, ALPN, and HSTS preload
  • DNS (CAA, MX, DNSSEC) and email (SPF, DMARC, DKIM, MTA-STS, BIMI)
  • Exposed paths (.git, .env, phpinfo), tracker inventory, tech fingerprinting

Core pieces

Next.js 16 TypeScript Supabase Turnstile 22 KB Articles Remediation Engine
Open WebShield Learn more

04 Hosted tool

Vendor Access Vault

Vault vendor credentials with AES-256-GCM encryption, gate plaintext reveals behind just-in-time access requests, and get an append-only audit log of every reveal with actor, IP, and user agent.

vendorvault.orygn.tech Production

vendorvault.orygn.tech

Vendor Access Vault landing page with vendor directory and risk metadata

What it does

  • AES-256-GCM credential encryption with per-cred IV and authTag
  • Just-in-time access requests with admin approval and auto-expiry
  • Append-only audit log with actor, IP, user agent, and CSV export
  • Vendor directory with risk metadata, criticality, and renewal dates
  • Rotation tracking with cron emails and atomic access revocation
  • RBAC (owner / admin / viewer) with multi-tenant org isolation
  • TOTP 2FA, Google OAuth, Cloudflare Turnstile bot protection
  • Cmd+K commander, in-app notifications, vendor comments

Core pieces

Next.js 16 TypeScript (strict) Neon Postgres Drizzle ORM Auth.js v5 AES-256-GCM TOTP 2FA Tailwind 4 Shadcn UI Resend Cloudflare Turnstile Playwright (101 E2E tests)
Open Vendor Access Vault Learn more

05 Hosted tool

DiligenceDesk

Free federal contractor due diligence in one search. Reconciles eight public U.S. data sources plus a Section 889 prohibited-hardware registry into a deterministic PASS / WARNING / FAIL / NEUTRAL verdict you can defend in writing.

diligencedesk.orygn.tech Production

diligencedesk.orygn.tech

DiligenceDesk federal contractor screening interface

What it checks

  • SAM.gov identity, registration, and exclusions
  • DOL labor enforcement and OSHA safety inspections
  • Consolidated Screening List (sanctions, denied persons)
  • USAspending award history, SEC EDGAR, GLEIF ownership
  • NIST NVD cyber exposure and Section 889 hardware
  • Sector-risk overlay across 32 NAICS and 44 PSC codes
  • Batch CSV auditing for multi-vendor procurement files
  • Interactive risk graph showing verdict causality

Core pieces

Next.js 16 TypeScript (strict) 8 Federal APIs Deterministic Verdict Engine Batch CSV Auditor @xyflow/react Risk Graph Upstash Redis Cloudflare Turnstile 18-Page Knowledge Base PDF / CSV Export
Open DiligenceDesk Learn more

06 Free web tool

Beaconly

A free audit tool that checks whether a website is configured for AI crawler discovery and citation, covering robots.txt, llms.txt, structured data, and page signals.

beaconly.orygn.tech Free AI discoverability audit

beaconly.orygn.tech

Beaconly audit tool screenshot

What it shows

  • AI crawler access via robots.txt and llms.txt
  • JSON-LD schema and structured data signals
  • Page structure, Open Graph, and response speed

Core pieces

Cloudflare Pages Cloudflare Workers Vanilla JS AI visibility
Run a free audit Learn more

07 MCP server

OPA MCP

An open-source MCP server that gives Claude, Cursor, VS Code, and any other MCP-compatible client a structured interface to Open Policy Agent and Regal. Author, evaluate, debug, and deploy Rego policies without leaving your AI client.

@orygn/opa-mcp npm · Docker · OPA Ecosystem

openpolicyagent.org/ecosystem

OPA MCP listed in the Open Policy Agent ecosystem registry

What it enables

  • 39 tools: Rego authoring, evaluation with traces, bundle builds, OPA server management
  • Higher-level helpers: explain decisions, generate test skeletons, infer input schemas, diff policies
  • Curated MCP resources: OPA built-ins catalog, Rego style guide, RBAC/ABAC/Kubernetes pattern library
  • Structured error taxonomy, schema-validated inputs, response-size caps

Core pieces

TypeScript (strict) Node.js MCP SDK OPA + Regal Multi-arch Docker Smithery Vitest MIT License
View on npm Learn more

Public tooling

CLI tools and smaller examples on GitHub.

There is also smaller public work on GitHub, including CLI and utility projects around security, identity, automation, and supply-chain oriented tooling.

Browse GitHub

Next step

If the direction feels clear, that is usually enough to see whether there is a fit.

Most projects do not begin from an exact match. They begin with a clearer sense of the system, the workflow, and what the next build needs to do.

Get in touch