Search Results for "penetration testing tools"
Sort By:
Showing 80 open source projects for "penetration testing tools"
View related business solutions-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
1
BeEF
The browser exploitation framework project
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. ... -
2
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. -
3
Atlantis iOS
A lightweight and powerful iOS framework for intercepting HTTP/HTTPS
Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your... -
4
PoshC2
C2 framework used to aid red teamers with post-exploitation
PoshC2 is a proxy-aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools, allowing an extendible and flexible C2 framework. Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in addition to a Python2/Python3 payload. ... -
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
5
Themis
Easy to use cryptographic framework for data protection
Cross-platform high-level cryptographic library. Themis helps to build simple and complex cryptographic features easily, quickly, and securely. It’s a perfect fit for multi-platform apps. Themis hides cryptographic details and eliminates popular mistakes. Themis provides ready-made building blocks (“cryptosystems”) for secure data storage, message exchange, socket connections, and authentication. Secure Cell is a multi-mode cryptographic container suitable for storing anything from encrypted... -
6
node-rate-limiter-flexible
Count and limit requests by key with atomic increments
rate-limiter-flexible counts and limits number of actions by key and protects from DDoS and brute force attacks at any scale. It works with Redis, process Memory, Cluster or PM2, Memcached, MongoDB, MySQL, PostgreSQL and allows to control of requests rate in single process or distributed environment. All operations in memory or distributed environments use atomic increments against race conditions. Combine limiters, block key for some duration, delay actions, manage failover with insurance... -
7
Terratest
Go library that makes it easier to write automated tests
Terratest is a Go library that provides patterns and helper functions for testing infrastructure, with 1st-class support for Terraform, Packer, Docker, Kubernetes, AWS, GCP, and more. Create a file ending in _test.go and run tests with the go test command. E.g., go test my_test.go. Use Terratest to execute your real IaC tools (e.g., Terraform, Packer, etc.) to deploy real infrastructure (e.g., servers) in a real environment (e.g., AWS). -
8
Brownie
A Python-based development and testing framework for smart contracts
Brownie is a Python-based development and testing framework for smart contracts targeting the Ethereum Virtual Machine. Powerful debugging tools, including python-style tracebacks and custom error strings. The recommended way to install Brownie is via pipx. pipx installs Brownie into a virtual environment and makes it available directly from the command-line. Once installed, you will never have to activate a virtual environment prior to using Brownie. -
9
CodeceptJS
Supercharged End 2 End Testing Framework for NodeJS
CodeceptJS is a modern end-to-end testing framework for Node.js applications, enabling developers to write tests in a behavior-driven development (BDD) style with an emphasis on simplicity and readability. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
10
testkube
Kubernetes-native testing framework for test execution
Welcome to Testkube - Your friendly cloud-native testing framework for Kubernetes. Testkube natively integrates test orchestration and execution into Kubernetes and your CI/CD/GitOps pipeline. It decouples test artifacts and execution from CI/CD tooling; tests are meant to be part of your cluster's state and can be executed as needed. Out-of-the-box integrations with all popular testing tools and CI/CD systems mean no custom scripts are required to orchestrate your tests from any CI/CD/GitOps pipeline. ... -
11
testng
TestNG testing framework
TestNG is a testing framework inspired from JUnit and NUnit but introduces some new functionalities that make it more powerful and easier to use. Run your tests in arbitrarily big thread pools with various policies available (all methods in their own thread, one thread per test class, etc...). -
12
golem
A Framework for Building Robust Shiny Apps
golem is an opinionated framework for developing production-grade Shiny applications in R, treating the app like a full R package. It scaffolds project structure, testing, documentation, CI/CD, and supports containerization—streamlining the build-to-deploy pipeline while enforcing clean architecture and maintainability. -
13
Infection
PHP Mutation Testing library
Infection is a PHP mutation testing framework used to evaluate the quality and effectiveness of test suites. It works by introducing small changes (mutations) into the codebase and checking whether the existing tests catch them. If a mutation passes undetected, it suggests that the tests may be insufficient. Infection integrates with PHPUnit and helps developers strengthen their test coverage and logic. -
14
Spock Framework
The Enterprise-ready testing and specification framework
Spock is a testing and specification framework for Java and Groovy applications. What makes it stand out from the crowd is its beautiful and highly expressive specification language. Thanks to its JUnit runner, Spock is compatible with most IDEs, build tools, and continuous integration servers. Spock is inspired from JUnit, RSpec, jMock, Mockito, Groovy, Scala, Vulcans, and other fascinating life forms. -
15
F´
A flight software and embedded systems framework
F´ (or F Prime) is a software framework for the rapid development and deployment of embedded systems and spaceflight applications. Originally developed at NASA’s Jet Propulsion Laboratory, F´ is open-source software that has been successfully deployed for several space applications. It has been used for but is not limited to, CubeSats, SmallSats, instruments, and deployable. Component architecture with well-defined interfaces. To develop applications with F´, the following requirements of... -
16
drozer
The Leading Security Assessment Framework for Android
drozer (formerly Mercury) is the leading security testing framework for Android. drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints and the underlying OS. drozer provides tools to help you use, share and understand public Android exploits. It helps you to deploy a drozer Agent to a device through exploitation or social engineering. -
17
LocalStack
Develop and test your cloud apps offline
LocalStack is a fully functional local AWS cloud stack that enables you to develop and test your cloud and serverless apps offline. It spins up an easy-to-use testing environment on your local machine that has the same APIs and works the same way as the real AWS cloud environment. It can spin up a number of different core Cloud APIs on your local machine, including API Gateway, Kinesis, DynamoDB, Firehose, Lambda and many others. LocalStack was built on some of today’s best-of-breed mocking/testing tools, combining them and making them interoperable, and adding important functionality such as error injection and pluggable services. ... -
18
Laravel Installer
The Laravel application installer
...Laravel strives to provide an amazing developer experience while providing powerful features such as thorough dependency injection, an expressive database abstraction layer, queues, and scheduled jobs, unit and integration testing, and more. There are a variety of tools and frameworks available to you when building a web application. However, we believe Laravel is the best choice for building modern, full-stack web applications. Before creating your first Laravel project, make sure that your local machine has PHP and Composer installed. If you are developing on macOS or Windows, PHP and Composer can be installed in minutes via Laravel Herd. ... -
19
Robot Framework
Generic automation framework for acceptance testing and RPA
Robot Framework is a generic open source automation framework. It can be used for test automation and robotic process automation (RPA). Robot Framework is supported by Robot Framework Foundation. Many industry-leading companies use the tool in their software development. Robot Framework is open and extensible. Robot Framework can be integrated with virtually any other tool to create powerful and flexible automation solutions. Robot Framework is free to use without licensing costs. Robot... -
20
oclif
Node.js Open CLI Framework. Built by Salesforce.
...With oclif you can build command-line tools for your business, open-source project, or your own development workflow. -
21
Foal
Full-featured Node.js framework, with no complexity
It provides a set of ready-to-use components so you don't have to reinvent the wheel every time. In one single place, you have a complete environment to build web applications. This includes a CLI, testing tools, frontend utilities, scripts, advanced authentication, ORM, deployment environments, GraphQL and Swagger API, AWS utilities, and more. You no longer need to get lost on npm searching for packages and making them work together. All is provided. But while offering all these features, the framework remains simple. Complexity and unnecessary abstractions are put aside to provide the most intuitive and expressive syntax. ... -
22
Django
The Web framework for perfectionists with deadlines
Django is a high-level, free and open-source Python web framework founded on the Model–Template–View (MTV) pattern, designed to facilitate rapid development of secure, maintainable, and scalable database-driven websites. First, read docs/intro/install.txt for instructions on installing Django. Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.). If you want to set up an actual deployment server, read docs/howto/deployment/index.txt for... -
23
tapjs
Test Anything Protocol tools for node
Workspace for node-tap development. The API is simple but powerful. t.test() and a few assertions are all you really need. Everything is statically typed, so your editor can tell you what's available. Remember less, just write some tests. An easily extensible TAP test framework, with outstanding TypeScript support, a CLI, plenty of assertion methods, snapshots, object/method spies, module mocking, file system fixtures, lifecycle hooks, test filtering, comprehensive code coverage analysis,... -
24
Play Framework
A high velocity web framework
Play Framework makes it easy to build web applications with Java & Scala. The Play Framework combines productivity and performance making it easy to build scalable web applications with Java and Scala. Play is developer friendly with a "just hit refresh" workflow and built-in testing support. With Play, applications scale predictably due to a stateless and non-blocking architecture. By being RESTful by default, including assets compilers, JSON & WebSocket support, Play is a perfect fit for... -
25
Mojolicious (Mojo)
Perl real-time web framework
...Developers can start small with Mojolicious::Lite, a concise DSL for single-file apps, then grow into a full MVC structure with controllers, plugins, and reusable components. The framework emphasizes developer ergonomics: hot-reloading dev server, powerful testing tools, and a consistent Mojo:: ecosystem for clients, servers, and utilities. Production deployment is first-class too, with the Hypnotoad server offering preforking and zero-downtime restarts. By blending an approachable API with serious performance features, Mojolicious enables everything from tiny services to feature-rich, real-time applications.
