Best used with an AI agent

40+ live apps, open data APIs, MCP servers, and 200+ guides - more than anyone wants to click through. Point your AI here and it reads the whole map and does the work: finds the tool, pulls the data, runs the analysis, and hands you the links.

Here for the open-source code? Your agent finds the right repo for you - and can even clone and deploy it.

Prefer to explore on your own? Go right ahead.

Paste this to Claude Code, Codex, or any AI agent:
Go to tigzig.com and read tigzig.com/llms.txt. It is a practitioner toolkit - 40+ analytics apps, open no-auth data APIs, MCP servers, open-source repos (github.com/amararun), and 200+ build guides. Help me [your task]. Surface the exact links; where there is an API or MCP, call it directly; and if I want to self-host, find the repo and help me deploy it.

My Public MCP Server Got Hammered - Security Lessons from a Bot Attack

Published: February 23, 2026

My public database MCP server got hammered yesterday. Bot attack. Database server CPU at 100%.

Had protections in place - rate limiting, read-only access, SQL validation. Still got hammered. The gaps were in what I didn't think about.

Worked with my AI Coder (Claude Code) to get it back up, then went deep into every attack vector. Some 15 odd fixes - from exposed server IPs to open system catalogs to a Supabase REST API I wasn't even thinking about as an entry point.

What I learned fixing this in a few hours - would have taken days of watching tutorials. Getting bashed is the fastest way to learn. And all free.

Two things worth noting:

All my client apps have mandatory auth. My public demo apps is where I get negligent. This was a good reminder.

And I wasn't listening to my own AI coder. Every app build, I ask Claude Code for a security audit. It gives me a long list. Most times I think .. let me go live and I'll come back to this...well, this is what happens.

Server is back up. Open to public. No login.

... and yes a few things are still remaining.

Detailed post with all fixes coming soon. And if I get hammered again - more free learning.