Search Results for "pen testing tools"
Sort By:
Showing 1082 open source projects for "pen testing tools"
View related business solutions-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Chart Testing
CLI tool for linting and testing Helm charts
ct is the tool for testing Helm charts. It is meant to be used for linting and testing pull requests. It automatically detects charts changed against the target branch. -
2
pcsc-tools
Some tools to be used with smart cards and PC/SC
pcsc-tools is a suite of tools used to test smart cards and PC/SC drivers. It provides utilities like pcsc_scan to monitor smart card readers and scriptor to send commands to smart cards, aiding in development and troubleshooting. -
3
Kitty-Tools
Kitty-Tools is a Kahoot Cheating Client for all devices and interfaces
...The project focuses on simplifying interaction with Kahoot sessions by offering tools that can automate participation, manipulate answer selection, and streamline gameplay workflows. Its architecture allows users to connect to live game sessions and perform actions programmatically, which can be useful for testing, demonstration, or experimental purposes. The software is designed with a lightweight approach so that it can operate efficiently across devices with varying capabilities. ... -
4
wasm-tools
CLI and Rust libraries for low-level manipulation of WebAssembly
...The toolkit also supports advanced operations like mutating, shrinking, and generating test cases for WebAssembly modules, making it particularly valuable for testing, debugging, and research purposes. In addition to its CLI, wasm-tools exposes many of its capabilities as reusable Rust libraries, allowing developers to integrate WebAssembly manipulation directly into their applications. The project actively implements and supports evolving WebAssembly proposals, ensuring compatibility with the latest features of the ecosystem. -
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
5
fsociety
Modular CLI framework for managing penetration testing tools
fsociety is a modular penetration testing framework designed to provide a unified interface for running and managing a wide range of security tools. It focuses on simplifying penetration testing workflows by integrating multiple external security utilities into a single command line environment. Instead of implementing its own security scanners, the framework acts as a wrapper and orchestrator that helps users discover, install, and execute tools from various GitHub repositories. ... -
6
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. ... -
7
PEASS-ng
Privilege Escalation Awesome Scripts SUITE
These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. -
8
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. -
9
Xournal++
A handwriting notetaking software with PDF annotation support
Xournal++ (/ˌzɚnl̟ˌplʌsˈplʌs/) is an open-source and cross-platform note-taking software that is fast, flexible, and functional. A modern rewrite and a more feature-rich version of the wonderful Xournal program. Support for pressure-sensitive stylus and drawing tablets (Wacom, Huion, XP-Pen, etc.) Robust and customizable pen, highlighter and eraser tools, allowing you to write how you want to write. Use layers to make complex notes that are still pleasant to work with. Keep track of the notes by using page previews. Add images and create various shapes, from circles to splines to axis. Snap objects to rectangular grid or degrees of rotation. ... -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
10
Xteam
All-in-one command-line toolkit for security testing and OSINT tools
Xteam is a command-line security toolkit designed to provide multiple penetration testing and information-gathering utilities in a single interface. It combines several modules and external tools to help users perform security research tasks related to mobile devices, wireless networks, and online services. It acts as a centralized launcher that integrates scripts and third-party tools, allowing users to access different testing functions through a menu-based command line workflow. ... -
11
CyberStrikeAI
CyberStrikeAI is an AI-native security testing platform built in Go
CyberStrikeAI is an AI-native security testing platform built in Go that brings autonomous penetration testing, vulnerability discovery, and attack chain analysis into a unified interface. The platform integrates over 100 security tools out of the box and pairs them with an intelligent orchestration engine that can be directed via natural language or policy definitions, allowing users to automate reconnaissance, scanning, exploitation, and reporting without manual sequencing of tools. -
12
PentestGPT
Automated Penetration Testing Agentic Framework Powered by LLMs
PentestGPT is an AI-powered autonomous penetration testing agent designed to perform intelligent, end-to-end security assessments using large language models. Published at USENIX Security 2024, it combines advanced reasoning with an agentic workflow to automate tasks traditionally handled by human pentesters. The platform supports multiple penetration testing categories, including web security, cryptography, reversing, forensics, privilege escalation, and binary exploitation. PentestGPT runs... -
13
SocketCAN userspace utilities and tools
Linux-CAN / SocketCAN user space applications
SocketCAN userspace utilities and tools. This repository contains some userspace utilities for the Linux CAN subsystem (aka SocketCAN). -
14
Commando VM
Complete Mandiant Offensive VM (Commando VM)
Commando VM (by Mandiant) is a Windows-based offensive security / red-team distribution built to turn a fresh Windows installation into a fully featured penetration testing environment. It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. The idea is to spare testers the repetitive work of hand-installing dozens of windows tools, dependencies, and configurations. ... -
15
PentAGI
Perform penetration testing tasks
PentAGI is a fully autonomous AI agent system designed to perform complex penetration testing tasks by orchestrating multiple intelligent components into a coordinated offensive security workflow. The platform aims to automate significant portions of the penetration testing lifecycle, including reconnaissance, vulnerability discovery, and exploitation planning, reducing the amount of manual effort required from security professionals. -
16
Allure Report
Flexible, lightweight multi-language test reporting tool
Allure Report is a flexible, lightweight multi-language test reporting tool. It provides clear graphical reports and allows everyone involved in the development process to extract the maximum of information from the everyday testing process. Allure Report is a flexible multi-language test report tool to show you a detailed representation of what has been tested end extract max from the everyday execution of tests. Allure Report is capable to build unified reports for dozens of testing tools across eleven programming languages on several CI/CD systems. -
17
Static Analysis Tools for PHP
Docker image that provides static analysis tools for PHP
Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with... -
18
Paint.NET
Downloads for Paint.NET, such as installer EXEs and portable ZIPs
Every feature and user interface element was designed to be immediately intuitive and quickly learnable without assistance. In order to handle multiple images easily, it uses a tabbed document interface. The tabs display a live thumbnail of the image instead of a text description. This makes navigation very simple and fast. Extensive work has gone into making it the fastest image editor available. Starting the app is nearly instantaneous, and every feature has been thoroughly optimized to... -
19
OctoMind MCP
An MCP server for octomind tools, resources and prompts
The Octomind MCP Server is designed to integrate Octomind's end-to-end testing tools and resources into local development environments. It enables AI-powered interfaces to create, execute, and manage e2e tests, enhancing the testing workflow. -
20
CMake
Cross-platform tool to build, test and package software
...CMake is part of Kitware’s collection of commercially supported open-source platforms for software development and integrates with CDash to provide a comprehensive suite of tools. CDash is the testing server that aggregates, analyzes, and displays the results of software testing processes submitted from clients located around the world. -
21
PentestAgent
AI agent framework for black-box security testing
PentestAgent is an open-source autonomous security testing platform designed to help organizations identify vulnerabilities and assess security posture by simulating real-world attack scenarios without manual intervention. It brings a modular and automated approach to penetration testing by orchestrating a suite of tools and scripts that can emulate common exploitation techniques, reconnaissance workflows, and post-exploitation activities across targets. -
22
GoForge
GoForge is a command-line interface (CLI) tool
A Go-based CLI tool for building, testing, and managing secure web applications. -
23
discover
Automation framework for reconnaissance and penetration testing tasks
Discover is a collection of custom Bash scripts designed to automate many common tasks involved in penetration testing workflows. The project brings together a variety of security testing functions into a single framework that simplifies reconnaissance, scanning, and enumeration processes. It provides a menu-driven interface that allows security professionals to quickly launch different tools and scripts without manually executing each command. -
24
Terratest
Go library that makes it easier to write automated tests
Terratest is a Go library that provides patterns and helper functions for testing infrastructure, with 1st-class support for Terraform, Packer, Docker, Kubernetes, AWS, GCP, and more. Create a file ending in _test.go and run tests with the go test command. E.g., go test my_test.go. Use Terratest to execute your real IaC tools (e.g., Terraform, Packer, etc.) to deploy real infrastructure (e.g., servers) in a real environment (e.g., AWS). -
25
KIF
An iOS functional testing framework
...It allows for easy automation of iOS apps by leveraging the accessibility attributes that the OS makes available for those with visual disabilities. KIF builds and performs the tests using a standard XCTest testing target. Testing is conducted synchronously in the main thread (running the run loop to force the passage of time) allowing for more complex logic and composition. This also allows KIF to take advantage of the Xcode Test Navigator, command line build tools, and Bot test reports. KIF uses undocumented Apple APIs. This is true of most iOS testing frameworks, and is safe for testing purposes, but it's important that KIF does not make it into production code, as it will get your app submission denied by Apple. ...
