Search Results for "penetration testing os"
Sort By:
Showing 42 open source projects for "penetration testing os"
View related business solutions-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
BeEF
The browser exploitation framework project
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. ... -
2
mitmproxy
A free and open source interactive HTTPS proxy
mitmproxy is an open source, interactive SSL/TLS-capable intercepting HTTP proxy, with a console interface fit for HTTP/1, HTTP/2, and WebSockets. It's the ideal tool for penetration testers and software developers, able to debug, test, and make privacy measurements. It can intercept, inspect, modify and replay web traffic, and can even prettify and decode a variety of message types. Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition of... -
3
Gobuster
Directory/File, DNS and VHost busting tool written in Go
Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic... -
4
go-mitmproxy
mitmproxy implemented with golang
go-mitmproxy is a Golang implementation of mitmproxy that supports man-in-the-middle attacks and parsing, monitoring, and tampering with HTTP/HTTPS traffic. Parses HTTP/HTTPS traffic and displays traffic details via a web interface. Supports a plugin mechanism for easily extending functionality. Various event hooks can be found in the examples directory. HTTPS certificate handling is compatible with mitmproxy and stored in the ~/.mitmproxy folder. If the root certificate is already trusted... -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
Hoverfly
Lightweight service virtualization/ API simulation / API mocking tool
Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Replace unreliable test systems and restrictive API sandboxes with high-performance simulations in seconds. Run on MacOS, Windows or Linux, or use native Java or Python language bindings to get started quickly. Simulate API latency or failure when required by writing custom scripts in the language of your choice. -
6
Retire.js
Scanner detecting the use of JavaScript libraries
...Scans visited sites for references to insecure libraries and puts warnings in the developer console. An icon on the address bar displays will also indicate if vulnerable libraries were loaded. Retire.js has been adapted as a plugin for the penetration testing tools Burp and OWASP ZAP. -
7
Proxyee
HTTP proxy server,support HTTPS & websocket
Proxyee is a JAVA-written HTTP proxy server library that supports HTTP, HTTPS, and WebSocket protocols, and supports MITM (Man-in-the-middle), which can capture and tamper with HTTP, and HTTPS packets. The CA certificate (src/resources/ca.crt) from the project needs to be imported to a trusted root certificate authority. The CA certificate (src/resources/ca.crt) from the project needs to be imported to a trusted root certificate authority. You can use the CertDownIntercept interceptor to... -
8
proxy.py
Utilize all available CPU cores for accepting new client connections
proxy.py is made with performance in mind. By default, proxy.py will try to utilize all available CPU cores to it for accepting new client connections. This is achieved by starting AcceptorPool which listens on configured server port. Then, AcceptorPool starts Acceptor processes (--num-acceptors) to accept incoming client connections. Alongside, if --threadless is enabled, ThreadlessPool is setup which starts Threadless processes (--num-workers) to handle the incoming client connections.... -
9
SSHGuard
Intelligently block brute-force attacks by aggregating system logs
SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf. -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
CSZ CMS
CSZ CMS is a open source content management system. With Codeigniter.
CSZ CMS is an open source web application that allows to manage all content and settings on the websites. CSZ CMS was built on the basis of Codeigniter and design the structure of Bootstrap, this should make your website fully responsive with ease. CSZ CMS is based on the server side script language PHP and uses a MySQL or MariaDB database for data storage. CSZ CMS is open-source Content Management System. And all is free under the Astian Develop Public License (ADPL). -
11
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script... -
12
Hetty
An HTTP toolkit for security research
Hetty is an HTTP toolkit for security research. It aims to become an open-source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty communities. Machine-in-the-middle (MITM) HTTP proxy, with logs and advanced search. HTTP client for manually creating/editing requests, and replay proxied requests. Intercept requests and responses for manual review (edit, send/receive, cancel) Scope support, to help keep work... -
13
GoSpider
Gospider - Fast web spider written in Go
GoSpider - Fast web spider written in Go. Fast web crawling. Brute force and parse sitemap.xml. Parse robots.txt. Generate and verify link from JavaScript files. Link Finder. Find AWS-S3 from response source. Find subdomains from the response source. Get URLs from Wayback Machine, Common Crawl, Virus Total, Alien Vault. Format output easy to Grep. Support Burp input. Crawl multiple sites in parallel. -
14
NPS
Lightweight, high-performance, powerful intranet penetration proxy
NPS is a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal. Comprehensive protocol support, compatible with almost all commonly used protocols, such as tcp, udp, http(s), socks5, p2p, http proxy. Full platform compatibility (linux, windows, macos, Synology, etc.), support installation as a system service simply. Comprehensive control, both client and server control are allowed. Https integration, support to convert backend... -
15
Tamper Dev
Extension that allows you to intercept and edit HTTP/HTTPS requests
If you are a developer, you can use Tamper Dev to debug your websites, or if you are a pentester, you can use it to search for security vulnerabilities by inspecting the HTTP traffic from your browser. Unlike most other extensions, Tamper Dev allows you to intercept, inspect and modify the requests before they are sent to the server. This extension provides functionality similar to Burp Proxy, MITM Proxy, OWASP ZAP, Tamper Data, and Postman Proxy, but without the need of additional software,... -
16
CloudBrute
Awesome cloud enumerator
A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. While working on HunterSuite, and as part of the job, we are always thinking of something we can automate to make black-box security testing easier. We discussed this idea of creating a multiple platform cloud brute-force hunter.mainly to find open buckets, apps, and databases hosted on the clouds and possibly app behind proxy servers. ... -
17
Proxenet
The ONLY hacker friendly proxy for webapp pentests
Proxenet is a hacker-friendly, DIY web proxy designed for web application penetration testing. Written in C, it allows interaction with higher-level languages like Python and Ruby for on-the-fly modification of HTTP requests and responses. -
18
PhantomJS
Scriptable Headless Browser
PhantomJS is a now-discontinued, headless WebKit-based browser scriptable with JavaScript, useful for automating web tasks such as UI testing, screen capture, page automation, and network monitoring. Multiplatform, available on major operating systems: Windows, Mac OS X, Linux, and other Unices. Fast and native implementation of web standards: DOM, CSS, JavaScript, Canvas, and SVG. Pure headless (no X11) on Linux, ideal for continuous integration systems. Also runs on Amazon EC2, Heroku, and Iron.io. ... -
19
OSCAR - DOCSIS
OSCAR - OpenSource Cablemodem file AssembleR - DOCSIS
OSCAR is a Java-based CableLabs® Configuration File Builder API for DOCSIS®, PacketCable™, DPoE™, and DPoG™ Report Issues: https://github.com/Comcast/Oscar/issues Github Wiki: https://github.com/Comcast/Oscar/wiki -
20
Penetration-Testing-Toolkit v1.0
A web interface for various penetration testing tools
Penetration-Testing-Toolkit is a web based project to automate Scanning a network,Exploring CMS, Generating Undectable metasploit payload, DNS-Queries, IP related informations, Information Gathering, Domain related info etc -
21
Penbang
Penetration Testing Collection for crunchbang[Openbox(Debian)]
Version 0.5 is available. How to update: http://penbang.sysbase.org/install_tools/0.5/Readme.txt Penbang has been tested on crunchbang Penbang is a collection of tools aimed at the openbox environment. It includes Network Exploits, Vulnerability Assessment/Exploits, Network Analysis, Social Engineering tools, I.G.C, dsniff suite, and irpas. As well as a simple way of launching them. *machinebacon of LinuxBBQ has made a fine distribution out of penbang.... -
22
PyLoris
A protocol agnostic application layer denial of service attack.
PyLoris is a scriptable tool for testing a server's vulnerability to connection exhaustion denial of service (DoS) attacks. PyLoris can utilize SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet. -
23
Django Live OS
Django Live OS for building webapps using Django and MongoDB.
This is Django Live, a live CD based on Debian stable, Squeeze 6/Lenny 5 that enables to setup/host/test Django apps with ease. No worrys of how to install Apache/Python/MySQL/Django..just fill it, shut it, and go on..LAMP made easy :) -
24
Elemata CMS
Elemata is an open source content management system.
Elemata is a free content management for personal use and commercial use at the moments. Elemata will provide you with the best CMS experience. Learn how to turn any html/css document into a theme at elematacms.com -
25
Secure user authentication system
A really secure user authentication system in PHP and MySQL.
