Showing 23 open source projects for "vulnerability test"

View related business solutions
  • Free CRM Software With Something for Everyone Icon
    Free CRM Software With Something for Everyone

    216,000+ customers in over 135 countries grow their businesses with HubSpot

    Think CRM software is just about contact management? Think again. HubSpot CRM has free tools for everyone on your team, and it’s 100% free. Here’s how our free CRM solution makes your job easier.
    Get free CRM
  • Bright Data - All in One Platform for Proxies and Web Scraping Icon
    Bright Data - All in One Platform for Proxies and Web Scraping

    Say goodbye to blocks, restrictions, and CAPTCHAs

    Bright Data offers the highest quality proxies with automated session management, IP rotation, and advanced web unlocking technology. Enjoy reliable, fast performance with easy integration, a user-friendly dashboard, and enterprise-grade scaling. Powered by ethically-sourced residential IPs for seamless web scraping.
    Get Started
  • 1
    theHarvester

    theHarvester

    E-mails, subdomains and names

    theHarvester is a very simple to use, yet powerful and effective tool designed to be used in the early stages of a penetration test or red team engagement. Use it for open source intelligence (OSINT) gathering to help determine a company's external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs and URLs using multiple public data sources.
    Downloads: 44 This Week
    Last Update:
    See Project
  • 2
    PlantUML

    PlantUML

    Generate diagrams from textual description

    Generate UML diagram from textual description. PlantUML is not affected by the log4j vulnerability. The easiest way to test PlantUML is in an online solution that has PlantUML embedded, such as our online server. After testing, you may want to install PlantUML locally. Run (or have your software call) PlantUML, using sequenceDiagram.txt as input. The output is an image, which either appears in the other software, or is written to an image file on disk. Diagrams are defined using a simple...
    Downloads: 44 This Week
    Last Update:
    See Project
  • 3
    lynis

    lynis

    Security auditing tool for Linux, macOS, and UNIX-based system

    Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007. Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include security auditing, compliance testing (e.g. PCI, HIPAA, SOx), penetration testing, vulnerability...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 4
    Kernelhub

    Kernelhub

    Kernel privilege escalation vulnerability collection

    The original intention of making the project is for, learning, analyzing, and research the latest kernel vulnerabilities are not needed to see the system and related content. This project is a collection of proprietary, except for test failure or unspecified Exp, Demo GIF map. If there is an omission of the omission of CVE vulnerabilities, please join your issues and bring your use of code. Project code is prohibited from testing in a real environment! The reliability of the code is self...
    Downloads: 0 This Week
    Last Update:
    See Project
  • The #1 Embedded Analytics Solution for SaaS Teams. Icon
    The #1 Embedded Analytics Solution for SaaS Teams.

    Qrvey saves engineering teams time and money with a turnkey multi-tenant solution connecting your data warehouse to your SaaS application.

    Qrvey’s comprehensive embedded analytics software enables you to design more customizable analytics experiences for your end users.
    Try Developer Playground
  • 5
    Shennina

    Shennina

    Automating Host Exploitation with AI

    Shennina is an automated host exploitation framework. The mission of the project is to fully automate the scanning, vulnerability scanning/analysis, and exploitation using Artificial Intelligence. Shennina is integrated with Metasploit and Nmap for performing the attacks, as well as being integrated with an in-house Command-and-Control Server for exfiltrating data from compromised machines automatically. Shennina scans a set of input targets for available network services, uses its AI engine...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 6
    Giskard

    Giskard

    Collaborative & Open-Source Quality Assurance for all AI models

    ... dozens of vulnerabilities. The Giskard scan automatically detects vulnerability issues such as performance bias, data leakage, unrobustness, spurious correlation, overconfidence, underconfidence, unethical issue, etc. Giskard automatically generates relevant tests based on the vulnerabilities detected by the scan. You can easily customize the tests depending on your use case by defining domain-specific data slicers and transformers as fixtures of your test suites.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    Kubesploit

    Kubesploit

    Kubesploit is a cross-platform post-exploitation HTTP/2 Command

    Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 8
    ESP8266 Deauther Version 2

    ESP8266 Deauther Version 2

    Affordable WiFi hacking platform for testing and learning

    Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners! Version 3 is in development. It is stable to use, but it is very different. It is command-line based, which allows it to offer not just more features, but make them more customizable. This software allows you to easily perform a variety of actions to test 802.11 wireless networks by using an inexpensive ESP8266 WiFi SoC (System On A Chip). The main feature, the deauthentication attack...
    Downloads: 34 This Week
    Last Update:
    See Project
  • 9

    APIthet

    An Application to security test RESTful web APIs.

    APIthet is an application to security test RESTful web APIs. Assessing APIs help in detecting security vulnerabilities at an early stage of the SDLC. Compare this with assessing an Android application that uses APIs on a backend server. This kind of assessment happens at a much later phase of the SDLC. Even worse, it does not necessarily touch all the APIs. That's not all. You specify one of the JSON parameters as random. This helps set a unique value for a specific JSON parameter...
    Downloads: 1 This Week
    Last Update:
    See Project
  • Omnichannel contact center platform for enterprises. Icon
    Omnichannel contact center platform for enterprises.

    For Call centers or BPOs with a very high volume of calls

    Deliver a personalized customer experience with every interaction, across every channel, with uContact, net2phone’s cloud contact center solution.
    Learn More
  • 10

    BidBase

    BidBase is a Bridge Game Bidding Database system.

    BidBase is a DLL which can be added to any bridge related program and will make a bid based on a bridge hand, prior bids, vulnerability, and scoring type (MPs, IMPs) Any bidding system or convention can be entered by means of 60 fields for describing hand criteria for making an entry's bid. Accompanying programs include a bidding practice program, database editor, hand/bidding simulator, hand valuation program, and HTML/text file creator/viewer for creating and reading documentation files...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 11
    Sagacity

    Sagacity

    Security Assessment Data Management and Analysis Tool

    We have migrated development of Sagacity to GitHub at https://github.com/cyberperspectives/sagacity Sagacity is a vulnerability assessment and STIG compliance data management tool designed to make security testing more efficient, effective and complete. Security assessments, especially those done for DoD and Federal organizations, produce tremendous amounts of scan and compliance data that security engineers must sort through and deconflict, identify untested requirements, and somehow...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 12

    Owasp Zap Live CD

    Owasp Zap Live CD

    A live CD, live DVD, or live disc is a complete bootable computer installation including operating system which runs in a computer's memory.This live CD contains the Owasp Zap vulnerability test solution, the OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 13
    vbscan
    OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them. Why VBScan ? If you want to do a penetration test on a vBulletin Forum, VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14

    Openvas Raspberry

    Turnkey image for the Raspberry Pi running Openvas 7

    OpenVAS is an open source remote security vulnerability scanner, designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 15

    L337 Scanner

    Vulnerability Scanner

    L337 Scanner is powerful vulnerability scanner.It has both community edition and professional edition. Community edition is free for all. Community edition has only sqli scanner. which means through community edition you can scan a target site for sql injection vulnerability or search google for sqli vulnerable site. Requirements : 1. Java 8 or higher (oracle recommanded) Rules : 1. Don't give trailing slash 2. Put link with protocol like http,https Test Example : 1. http...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16
    BTS Pentesting Lab

    BTS Pentesting Lab

    BTS Pentesting Lab - a deliberately vulnerable Web application

    BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web application vulnerabilities. Currently, the app contains the following types of vulnerabilities: *SQL Injection *XSS(includes Flash Based xss) *CSRF *Clickjacking *SSRF *File Inclusion * Code Execution *Insecure Direct Object Reference *Unrestricted File Upload vulnerability *Open URL...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 17
    wavsep

    wavsep

    Web Application Vulnerability Scanner Evaluation Project

    A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via...
    Leader badge
    Downloads: 14 This Week
    Last Update:
    See Project
  • 18
    HTTP Anti Flood/DoS Security Module

    HTTP Anti Flood/DoS Security Module

    Detect Flooder IPs, Reduce Attack Surface against HTTP Flood Attacks

    This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 19

    CGIStress

    Script efficiency test

    Allows developers to assess the vulnerability of their software to malicious DoS attacks
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    This is a "Lite" version of Kollapse. This utility is designed to test a web server for the Null Byte vulnerability. If a web server is vulnerable to the Null Byte attack a Denial of Service (DoS) results. This causes the web page to be unavailable.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    This program was written to test (and protect) the vulnerability of the Windows 7 and Vista Operating System ( bsod / SMB2) . The code should not be used to damage machines with Windows System. The main objective of the project, is notify about problem.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    Orizon is a framework intended to provide tools and facilities to test java sources for security flaws. The main goal is to detect common threats as described in Owasp top 10 vulnerability document.
    Leader badge
    Downloads: 3 This Week
    Last Update:
    See Project
  • 23
    Dranzer: ActiveX vulnerability discovery tool. CERT developed this open source tool so that software developers can test ActiveX controls for vulnerabilities before the software is released to the public.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • Next