Weekly 'I made a useful thing' Thread - March 27, 2026

Posted by AutoModerator@reddit | sysadmin | View on Reddit | 32 comments

There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.

We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!

In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.

[-]

MalusZona@reddit

the problem i caught myself in - sometimes Claude Code asks me to give permission and i press enter,.. and only then read what it asked me for. so idea was born and here is what i built: a proxy that sits between Claude Code and the API. it occasionally swaps a legit command with a realistic trap - data exfiltration via curl, typosquatted pip/npm packages, chmod 777, docker --privileged, etc. if the developer approves without catching it, execution is blocked and they get a training message explaining the risk. everything logs to a team dashboard with catch rates per developer and per attack category.

all traps are inherently harmless - nonexistent paths, reserved addresses, fake package names. even if blocking fails, nothing real gets damaged.

there's also a browser-based assessment quiz that takes 2 minutes, no install needed. managers can send it to their team and see who catches what: https://agentsaegis.com/assessment

out of 95 people who took it so far - 65% approved at least one dangerous command (stats online on dashboard), and you'd think it would be better, i mean this is a BROWSER TEST, you are ready to catch traps, not your routine - that amazed me. most miss at least 2 traps.

trap categories currently covered: PowerShell / Windows Sysadmin Docker / Kubernetes AWS Google Cloud Azure Node.js / TypeScript Python Go Ruby / Rails Java / Kotlin / JVM

proxy is open source: https://github.com/agentsaegis/go-proxy (obviously i would not expect people install something from closed source repo) self-use free forever (no ads and stuff), monetisation is planned for the future for b2b (like KnowBe4) if it will be met positively most code generated with ai assistance, but i reviewed everything and was there all the way, and im a senior software engineer with 15 years exp (no lying, i was there when ruby 1.8.7 was hot and everything was in php) curious what the security community thinks - is this a real training vector or am i overthinking the risk of AI-assisted development? I thought this fit the sub, but if not pls let me know how to edit this post to make it fit, as a backend engineer security always was one of my top priorities

[-]

MGMan-01@reddit

Are you lost, small boy? Your vibe-coded slop has nothing to do with system administration

[-]

MalusZona@reddit

1) not a vibe slop, repo is public - feel free to check

2) everyone who use AI agents is should be aware of possible threats, system administrator's error can cost a whole infra (recent example - 13 hours outage at AWS because of engineer approved wrong command)

3) this is 'I made a useful thing' mega thread, i got mod's approval to post it here, please save your aggression for some real rule-breakers.

[-]

MGMan-01@reddit

So you are lost, then.

Impossible-Sample908@reddit

Built DevTet as a practical project focused on solving small but common digital workflow problems that slow people down.

What’s getting the most traction so far are everyday document and file tasks, but the broader direction is making routine digital work simpler, faster, and less frustrating — both for individuals and for teams.

I’m also exploring content and solutions around infrastructure, monitoring, SaaS and overall IT workflow efficiency.

Main site:

https://devtet.rs/en

Example guide:

https://devtet.rs/en/how-to-reduce-pdf-file-size/
https://devtet.rs/en/nutanix-vs-proxmox-vs-vmware/

danhof1@reddit

Been building TerminalNexus, a windows CLI manager with a built-in terminal emulator. You can create custom command buttons organized into categories, and each button can include input prompts that ask for values before it runs. It also has an SSH connection manager with saved profiles, port forwarding tunnels, and encrypted key storage. Commands can use encrypted variables for credentials.

It comes with 400+ presets for git, docker, azure, and aws, with background scheduling and output distribution to email, slack, or teams. There's also a visual git gui, shell conversion between bash, powershell, and cmd, and ai features like command generation, error analysis, and security scanning. You bring your own AI provider, even fully local with Ollama.

Free version available with SSH manager, command presets, and multi-shell tabs. Full version is a one-time $59.95 purchase, no subscription.
www.safesoftwaresolutions.com

Shade2166@reddit

VulnParse-Pin— Open-Source prioritization engine that turns thousands of scanner findings into a ranked list of actionable, explainable findings to patch for remediation. If anyone works with vulnerability management, we know sorting by CVSS is not effective, especially for thousands of findings.

This tool handles that with threat intel enrichment, and environmental asset context to really prioritize the vulnerabilities that truly matter and drown out the noise. This can fit into many workflows and sits right in that gap between scanners and remediation/patch cycles.

It works for devops, sec engineers, pentesters, grc analysts.
It even fits into reporting workflows and SIEM ingestion pipelines with it's multiple output options. I really believe it solves a true pain point and saves time and would love if folks could try out this niche tools.

Check it here https://github.com/qt-ashley/vulnparse-pin

CourseSpecial6000@reddit

Built a small tool to make SOC2 access reviews less painful - would love feedback pls :)

I kept running into the same issue across teams where the actual controls (MFA, roles, etc.) are usually fine, but the access review + evidence side ends up being pretty manual exports, screenshots, spreadsheets, chasing approvals, etc.....

So I put together a small tool that connects to Microsoft 365 / Entra and tries to:

pull users, roles, MFA status automatically
flag things like missing MFA/stale accounts
generate something closer to auditready evidence instead of one-off screenshots
keep a consistent trail over time instead of point-in-time exports

Still early and figuring out what s actually useful vs overkill.

If anyone here deals with SOC2/audits regularly, I’d be curious:

what part of access reviews is most annoying in practice?
does anything like this actually help, or do most people just script/create internal tools as a solutin tothis?

Happy to share what I hve got if anyone wants to take a look -- mostly just trying to sanity check whether this is solving a real problem.

colinhines@reddit

We have to do these types of audits multiple times a year. I will test this if you share?

Thanks for reaching out! here's the link: https://accesspulse.io/

sounds very very niche

Yeah it is definitely not for everyone...

Mostly aimed at smaller teams going through SOC2 or similar audits where they don’t have a full compliance setup and end up doing a lot of this manually.

Out of curiosity, have you had to deal with access reviews r audit evidence yourself, or s it not really in your scope?

You didn't build anything. Nobody wants your lazy vibe-coded nonsense.

lemoninterupt@reddit

Hi everyone! I have created a terminal SSH client with Docker and Podman container management, instant search, cloud sync from 12 providers (my personal favorite feature), visual file transfer via SCP, SSH tunnels and password manager integration. It runs on Linux and macOS. Hope you like it! I am currently testing MCP support for a future release.

https://github.com/erickochen/purple

https://getpurple.sh

Very cool. My team is entirely using secureCRT because that’s what I’ve been using forever and this looks like it could be very interesting.

Great to hear! Feedback is always welcome.

Altusbc@reddit

Post it here.

/r/sysadmin/comments/1s4xvpj/weekly_i_made_a_useful_thing_thread_march_27_2026/

FearFactory2904@reddit

Hey,

So the useful thing is here: https://rons.tools

I troubleshoot iSCSI SANs for my day job, so I initially built a site to hold tools I need like TCP window optimizers, RAID estimators, epoch clocks, etc. I also threw in some random stuff for my own hobbies, like 3D printing estimators, music scales, and a multi search lookup tool for to use one search bar for everything from google search, ai prompts, tracking shipments, searching ebay/amazon/aliexpress to compare prices for lab gear, etc.

The default search buttons and tools are a sampler. You can add and customize search buttons and book marks as well as add tools from the menu or rearrange the layout of the tools. Everything stays as long as you dont clear your browser cache but if you want to back up your personalizations or color scheme you can export your settings.

I think it could be helpful to some people here given this leans heavily toward IT tools but I also want feedback about what sort of things other people want. Common things outside of my work and hobby bubble I might not be thinking of.

Take a look if you have a second, and let me know what you guys think. Thanks, Ron

HP-37@reddit

New to this space. Check my tool checkmyurl.vercel.app — a free network diagnostic tool that runs entirely in the browser.

Enter any domain and it instantly runs:

- DNS records (A, AAAA, CNAME, MX, NS, TXT, CAA, PTR)
- SSL cert expiry and issuer
- WHOIS / RDAP (registrar, domain age, expiry)
- SPF, DMARC, DKIM checks
- DNSSEC validation
- CDN detection (Cloudflare, Vercel, Netlify, AWS, etc.)
- Blacklist / RBL check (Spamhaus, SpamCop, SORBS, Barracuda)
- HTTP/HTTPS reachability
- ASN and hosting provider per IP
- Reverse DNS (PTR)
- DNS resolver comparison (Google vs Cloudflare) — catches split-horizon issues
- www vs apex comparison

It's smart about context — if a domain uses Cloudflare proxy it won't false-flag DNSSEC, if there are no MX records it skips email checks, ccTLDs like .io don't get false RDAP failures.

Also has a full manual playbook and a glossary for people new to network troubleshooting.

Genuinely curious if this is useful or if I'm missing checks that you'd want to see. Happy to add more.

market of domain diagnosis tools is HUGE.

Can u give one sentence of why urs is stands off?

xX8Omni8Xx@reddit

This person is offering their tool for FREE. Why are you demanding they sell it to you by asking "Give me one sentence as to why yours stands out"?

Because I’m curious what pain exactly it is solving, this is a basic conversation

It's not useful. Get a real job

victor_dd@reddit

I built a free tool to automate Windows app installation and share setups https://desktopdeck.io/

Winter_Engineer2163@reddit

Put together a practical step-by-step guide on encrypting a password-protected USB drive with VeraCrypt.

Focused on a clean workflow + included fixes for common issues I actually ran into (like the “device cannot be locked” error and how to resolve it via Disk Management).

Also added a short section on how to properly mount/dismount the drive — a lot of guides skip that part.

Might be useful if you need a quick way to secure removable media:

https://www.hiddenobelisk.com/how-to-encrypt-a-usb-drive-completely-with-veracrypt/

itworkflowguy@reddit

Built myself a simple Excel toolkit for small-business IT / MSP-style work and thought I’d share it here in case it’s useful to anyone.

I originally made it just for my own day-to-day because I got tired of having customer info, M365 notes, backup / maintenance details and quote calculations scattered everywhere.

It includes stuff like: • client documentation • M365 / tenant notes • maintenance & backup overview • internal pricing • quote calculator

Nothing super fancy — just something practical for smaller environments / smaller IT setups where a full PSA/docs stack can feel like overkill.

It’s in German because that’s my market, but the structure should still make sense if anyone wants to take a look.

Nobody wants to take a look at your lazy vibe-coded nonsense.

reserved_seating@reddit

Not sure if sarcasm or just a jerk

the tools which we create for ourselves are not lazy vibe-coded nonsense, this tool at least solving problem on one person.

This is a subreddit for subreddit for sysadmins, not a dumping ground for lazy people like you to push your low-effort marketing campaigns. If you weren't a small boy then you would understand this.

Fair enough 😄 It’s definitely more “practical internal tool” than polished product.

Worried-Bother4205@reddit

These threads are actually great for early validation.

You get honest feedback without needing full distribution yet.