Search Results for "pen testing tools"
Sort By:
Showing 1122 open source projects for "pen testing tools"
View related business solutions-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
1
Chart Testing
CLI tool for linting and testing Helm charts
ct is the tool for testing Helm charts. It is meant to be used for linting and testing pull requests. It automatically detects charts changed against the target branch. -
2
pcsc-tools
Some tools to be used with smart cards and PC/SC
pcsc-tools is a suite of tools used to test smart cards and PC/SC drivers. It provides utilities like pcsc_scan to monitor smart card readers and scriptor to send commands to smart cards, aiding in development and troubleshooting. -
3
Kitty-Tools
Kitty-Tools is a Kahoot Cheating Client for all devices and interfaces
...The project focuses on simplifying interaction with Kahoot sessions by offering tools that can automate participation, manipulate answer selection, and streamline gameplay workflows. Its architecture allows users to connect to live game sessions and perform actions programmatically, which can be useful for testing, demonstration, or experimental purposes. The software is designed with a lightweight approach so that it can operate efficiently across devices with varying capabilities. ... -
4
fsociety
Modular CLI framework for managing penetration testing tools
fsociety is a modular penetration testing framework designed to provide a unified interface for running and managing a wide range of security tools. It focuses on simplifying penetration testing workflows by integrating multiple external security utilities into a single command line environment. Instead of implementing its own security scanners, the framework acts as a wrapper and orchestrator that helps users discover, install, and execute tools from various GitHub repositories. ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
wasm-tools
CLI and Rust libraries for low-level manipulation of WebAssembly
...The toolkit also supports advanced operations like mutating, shrinking, and generating test cases for WebAssembly modules, making it particularly valuable for testing, debugging, and research purposes. In addition to its CLI, wasm-tools exposes many of its capabilities as reusable Rust libraries, allowing developers to integrate WebAssembly manipulation directly into their applications. The project actively implements and supports evolving WebAssembly proposals, ensuring compatibility with the latest features of the ecosystem. -
6
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. ... -
7
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. -
8
SocketCAN userspace utilities and tools
Linux-CAN / SocketCAN user space applications
SocketCAN userspace utilities and tools. This repository contains some userspace utilities for the Linux CAN subsystem (aka SocketCAN). -
9
Xournal++
A handwriting notetaking software with PDF annotation support
Xournal++ (/ˌzɚnl̟ˌplʌsˈplʌs/) is an open-source and cross-platform note-taking software that is fast, flexible, and functional. A modern rewrite and a more feature-rich version of the wonderful Xournal program. Support for pressure-sensitive stylus and drawing tablets (Wacom, Huion, XP-Pen, etc.) Robust and customizable pen, highlighter and eraser tools, allowing you to write how you want to write. Use layers to make complex notes that are still pleasant to work with. Keep track of the notes by using page previews. Add images and create various shapes, from circles to splines to axis. Snap objects to rectangular grid or degrees of rotation. ... -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
10
PentestGPT
Automated Penetration Testing Agentic Framework Powered by LLMs
PentestGPT is an AI-powered autonomous penetration testing agent designed to perform intelligent, end-to-end security assessments using large language models. Published at USENIX Security 2024, it combines advanced reasoning with an agentic workflow to automate tasks traditionally handled by human pentesters. The platform supports multiple penetration testing categories, including web security, cryptography, reversing, forensics, privilege escalation, and binary exploitation. PentestGPT runs... -
11
Xteam
All-in-one command-line toolkit for security testing and OSINT tools
Xteam is a command-line security toolkit designed to provide multiple penetration testing and information-gathering utilities in a single interface. It combines several modules and external tools to help users perform security research tasks related to mobile devices, wireless networks, and online services. It acts as a centralized launcher that integrates scripts and third-party tools, allowing users to access different testing functions through a menu-based command line workflow. ... -
12
PEASS-ng
Privilege Escalation Awesome Scripts SUITE
These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. -
13
CyberStrikeAI
CyberStrikeAI is an AI-native security testing platform built in Go
CyberStrikeAI is an AI-native security testing platform built in Go that brings autonomous penetration testing, vulnerability discovery, and attack chain analysis into a unified interface. The platform integrates over 100 security tools out of the box and pairs them with an intelligent orchestration engine that can be directed via natural language or policy definitions, allowing users to automate reconnaissance, scanning, exploitation, and reporting without manual sequencing of tools. -
14
OWASP Mobile Security Testing Guide
Manual for mobile app security development and testing
We are writing a security standard for mobile apps and a comprehensive testing guide that covers the processes, techniques, and tools used during a mobile app security test, as well as an exhaustive set of test cases that enables testers to deliver consistent and complete results. The MSTG is a comprehensive manual for mobile app security testing and reverse engineering for iOS and Android mobile security testers. -
15
PentAGI
Perform penetration testing tasks
PentAGI is a fully autonomous AI agent system designed to perform complex penetration testing tasks by orchestrating multiple intelligent components into a coordinated offensive security workflow. The platform aims to automate significant portions of the penetration testing lifecycle, including reconnaissance, vulnerability discovery, and exploitation planning, reducing the amount of manual effort required from security professionals. -
16
Commando VM
Complete Mandiant Offensive VM (Commando VM)
Commando VM (by Mandiant) is a Windows-based offensive security / red-team distribution built to turn a fresh Windows installation into a fully featured penetration testing environment. It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. The idea is to spare testers the repetitive work of hand-installing dozens of windows tools, dependencies, and configurations. ... -
17
OctoMind MCP
An MCP server for octomind tools, resources and prompts
The Octomind MCP Server is designed to integrate Octomind's end-to-end testing tools and resources into local development environments. It enables AI-powered interfaces to create, execute, and manage e2e tests, enhancing the testing workflow. -
18
Terratest
Go library that makes it easier to write automated tests
Terratest is a Go library that provides patterns and helper functions for testing infrastructure, with 1st-class support for Terraform, Packer, Docker, Kubernetes, AWS, GCP, and more. Create a file ending in _test.go and run tests with the go test command. E.g., go test my_test.go. Use Terratest to execute your real IaC tools (e.g., Terraform, Packer, etc.) to deploy real infrastructure (e.g., servers) in a real environment (e.g., AWS). -
19
Static Analysis Tools for PHP
Docker image that provides static analysis tools for PHP
Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with... -
20
FreeLLMAPI
OpenAI-compatible proxy that aggregates free-tier keys from ~14 AI
FreeLLMAPI is an OpenAI-compatible proxy that aggregates free-tier API keys from multiple AI providers into one unified endpoint. It is designed for personal experimentation, testing, and lightweight development workflows where users want to route requests through several providers without rewriting client code for each one. The project can automatically fail over between configured providers when one is unavailable or exhausted. Its OpenAI-compatible design makes it easier to use with existing tools, SDKs, and applications that already expect that API shape. ... -
21
CodeceptJS
Supercharged End 2 End Testing Framework for NodeJS
CodeceptJS is a modern end-to-end testing framework for Node.js applications, enabling developers to write tests in a behavior-driven development (BDD) style with an emphasis on simplicity and readability. -
22
Paint.NET
Downloads for Paint.NET, such as installer EXEs and portable ZIPs
Every feature and user interface element was designed to be immediately intuitive and quickly learnable without assistance. In order to handle multiple images easily, it uses a tabbed document interface. The tabs display a live thumbnail of the image instead of a text description. This makes navigation very simple and fast. Extensive work has gone into making it the fastest image editor available. Starting the app is nearly instantaneous, and every feature has been thoroughly optimized to... -
23
Allure Report
Flexible, lightweight multi-language test reporting tool
Allure Report is a flexible, lightweight multi-language test reporting tool. It provides clear graphical reports and allows everyone involved in the development process to extract the maximum of information from the everyday testing process. Allure Report is a flexible multi-language test report tool to show you a detailed representation of what has been tested end extract max from the everyday execution of tests. Allure Report is capable to build unified reports for dozens of testing tools across eleven programming languages on several CI/CD systems. -
24
emp3r0r
Linux/Windows post-exploitation framework made by linux user
A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it. -
25
CMake
Cross-platform tool to build, test and package software
...CMake is part of Kitware’s collection of commercially supported open-source platforms for software development and integrates with CDash to provide a comprehensive suite of tools. CDash is the testing server that aggregates, analyzes, and displays the results of software testing processes submitted from clients located around the world.
