Search Results for "pen testing tools"
Sort By:
Showing 45 open source projects for "pen testing tools"
View related business solutions-
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
1
Retire.js
Scanner detecting the use of JavaScript libraries
...Scans visited sites for references to insecure libraries and puts warnings in the developer console. An icon on the address bar displays will also indicate if vulnerable libraries were loaded. Retire.js has been adapted as a plugin for the penetration testing tools Burp and OWASP ZAP. -
2
HTTPie Desktop
Cross-platform API testing client for humans
HTTPie Desktop is a graphical API client built on top of the popular HTTPie terminal tool, offering a user-friendly interface for testing and interacting with APIs. It combines the simplicity of HTTPie’s CLI with a modern desktop and web UI for a more visual workflow. Developers can easily build, send, and preview HTTP requests without needing to memorize commands or write scripts. The platform supports organizing work into spaces, collections, and tabs, making it ideal for managing multiple... -
3
UI.Vision RPA
Open-Source RPA Software (formerly Kantu)
The UI Vision RPA software is the tool for visual process automation, codeless UI test automation, web scraping and screen scraping. Automate tasks on Windows, Mac and Linux. The UI Vision RPA core is open-source with enterprise security. The free and open-source browser extension can be extended with local apps for desktop UI automation. UI.Vision RPA's computer-vision visual UI testing commands allow you to write automated visual tests with UI.Vision RPA - this makes UI.Vision RPA the... -
4
APIAuto
The most advanced tool for HTTP API
The most powerful and easy-to-use HTTP interface tool for agile development, machine learning zero-code testing, code generation and static inspection, document generation and cursor suspension comments. A one-stop experience integrating documentation, testing, mocking, debugging, and management, as well as efficient and easy-to-use shortcut keys such as one-key formatting, commenting/uncommenting, etc. In terms of common functions, it far exceeds Postman, Swagger, YApi and other open-source and commercial API documentation/testing tools, and can import use cases and documents with one click. ... -
Compliant and Reliable File Transfers Backed by Top Security CertificationsStop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
-
5
PostHog
PostHog provides open-source web & product analytics
PostHog is an all‑in‑one open‑source platform for product and web analytics—offering event-based analytics, session recording, feature flagging, A/B testing, cohorts, and more—that you can self‑host, with full support for data privacy and enterprise compliance. Sync data from external tools like Stripe, Hubspot, your data warehouse, and more. Query it alongside your product data. Run custom filters and transformations on your incoming data. Send it to 25+ tools or any webhook in real time or batch export large amounts to your warehouse. ... -
6
EMAGNET
Automated hacking tool to find leaked databases with 97.1% accuracy
Automated hacking tool that will find leaked databases with 97.1% accurate to grab mail + password. Before using Emagnet, please remember that with great power comes great responsibility. Pastebin patched the vulnerability I previously used in order to get recent uploads, so at the moment it is not possible to get recently uploaded files, you are now limited to all syntaxes exempt the default one (95% get's uploaded as 'text' and this is removed from all recent upload lists). Bruteforce... -
7
CloakBrowser
Stealth Chromium that passes every bot detection test
...It also supports isolated browser profiles with configurable fingerprints, making it useful for testing, automation research, scraping, QA, and multi-profile browser environments. The ecosystem includes a self-hosted browser profile manager that functions as an open-source alternative to commercial anti-detect browsers. -
8
Cuprite
Headless Chrome/Chromium driver for Capybara
Cuprite is a Ruby driver for the Capybara testing framework that allows developers to automate browsers using the Chrome DevTools Protocol instead of traditional WebDriver-based tools. It is built on top of the Ferrum library and provides a modern approach to browser automation that removes the need for Selenium or external browser drivers. By communicating directly with Chromium-based browsers through the DevTools protocol, Cuprite enables faster and more reliable browser automation for testing and scraping tasks. ... -
9
Proxifly Free Proxy List
Free HTTP, SOCKS4, & SOCKS5 Proxy List * Updated every 5 minutes
...The repository separates proxy data by protocol and provides the lists in multiple file formats. Its main value is freshness, since the list is updated every few minutes and removes duplicates. It can be useful for testing network tools, validating proxy support, research, or controlled development environments. Because free proxies can be unreliable or unsafe, users should avoid sending sensitive data through them and should follow applicable laws and service rules. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
ciao
HTTP checks & tests (private & public) monitoring
HTTP checks & tests (private & public) monitoring - check the status of your URL. ciao checks HTTP(S) URL endpoints for a HTTP status code (or errors on the lower TCP stack) and sends a notification on status change via E-Mail or Webhooks. It uses Cron syntax to schedule the checks and comes along with a Web UI and a RESTful JSON API. Create an open-source web application for checking URL statuses with a UI and a REST API which is easy to install and maintain (no external dependencies like... -
11
LocalStack
Develop and test your cloud apps offline
LocalStack is a fully functional local AWS cloud stack that enables you to develop and test your cloud and serverless apps offline. It spins up an easy-to-use testing environment on your local machine that has the same APIs and works the same way as the real AWS cloud environment. It can spin up a number of different core Cloud APIs on your local machine, including API Gateway, Kinesis, DynamoDB, Firehose, Lambda and many others. LocalStack was built on some of today’s best-of-breed mocking/testing tools, combining them and making them interoperable, and adding important functionality such as error injection and pluggable services. ... -
12
Lightpanda Browser
Lightpanda: the headless browser designed for AI and automation
Lightpanda is an open-source headless browser designed specifically for automation, artificial intelligence workflows, and large-scale web interaction tasks. Unlike traditional browsers that include full graphical rendering engines meant for human users, Lightpanda is built from scratch to operate entirely in headless mode, focusing only on the components required for programmatic web interaction. This design allows it to execute JavaScript and interact with web pages while avoiding the... -
13
Niquests
Drop-in replacement for Requests. Automatic HTTP/1.1, HTTP/2, and HTTP
Niquests is a modern Python HTTP client designed as a drop-in replacement for Requests. It keeps the familiar Requests-style API while adding newer protocol support that the original library does not prioritize. The library can automatically work across HTTP/1.1, HTTP/2, and HTTP/3, and it also includes WebSocket and Server-Sent Events support. Niquests provides both synchronous and asynchronous usage patterns, making it suitable for scripts, backend services, crawlers, API clients, and... -
14
AWS SAM CLI
CLI tool to build, test, debug, and deploy Serverless applications
The AWS Serverless Application Model (SAM) CLI is an open-source CLI tool that helps you develop serverless applications containing Lambda functions, Step Functions, API Gateway, EventBridge, SQS, SNS and more. The AWS Serverless Application Model (SAM) is an open-source framework for building serverless applications. It provides shorthand syntax to express functions, APIs, databases, and event source mappings. With just a few lines per resource, you can define the application you want and... -
15
HeadlessX
The undetected self-hosted browser automation platform
HeadlessX is an open-source, self-hosted browser automation platform designed to run headless browsers for tasks such as web scraping, automation, and testing. The system provides a centralized service that allows developers to programmatically control browser sessions and extract data from websites through a structured API. It is built using modern technologies including Node.js, Next.js, TypeScript, and Playwright, and uses a specialized browser engine called Camoufox based on Firefox. One... -
16
jprq
join public router. quickly
jprq is an open-source tunneling tool for exposing local servers to the public internet. It is designed as a developer-friendly alternative to hosted tunneling platforms, making it useful for testing webhooks, APIs, websites, SSH, and other TCP-based services. The tool can publish a local port through a public address so external users or services can reach something running on a developer’s machine. It supports HTTP and general TCP use cases, which makes it more flexible than tools focused only on local web previews. jprq includes command-line workflows and installation options for multiple operating systems. ... -
17
Webdis
A Redis HTTP interface with JSON output
...It receives HTTP requests, forwards the corresponding commands to Redis, and returns the response in a web-friendly format such as JSON or plain text. This makes it useful when applications, scripts, dashboards, or browser-based tools need controlled access to Redis without using a native Redis client. Webdis is written in C and built with libraries such as hiredis, jansson, libevent, and http-parser. It can be deployed next to Redis in containerized environments and supports simple URL-based command execution. The project is best suited for technical users who need a compact Redis bridge for internal tooling, testing, demos, or lightweight service integration. -
18
Ulixee Hero
The web browser built for scraping
It's the first modern headless browsers designed specifically for scraping instead of just automated testing. Hero provides access to the W3C DOM specification without the need for Puppeteer's complicated evaluate callbacks and multi-context switching. We've recreated a fully compliant DOM directly in NodeJS allowing you bypass the headaches of previous scraper tools. The powerful Chrome engine sits under the hood, allowing for lightning fast rendering. -
19
Pingtunnel
Pingtunnel is a tool that send TCP/UDP traffic over ICMP
Pingtunnel is a Go-based tunneling tool that sends TCP and UDP traffic over ICMP. It is designed for experimental, research, and network-study scenarios where ICMP transport is being explored as an alternative path for traffic forwarding. The project uses a client and server model, with the server typically requiring a publicly reachable host. It can carry application traffic through ICMP echo-style communication, which makes it distinct from common TCP, UDP, HTTP, or DNS tunnel tools.... -
20
Surmon.me
Personal website and blog
...The platform is not just a static blog but part of a modular architecture that includes an admin dashboard, a mobile app, and even AI-assisted features, all designed to work together cohesively. The frontend is built using modern tools such as Vite, TypeScript, and state management libraries, enabling scalability and maintainability. It also incorporates automation workflows through CI/CD pipelines that handle building, testing, and deployment processes. -
21
Geziyor
Blazing fast Go framework for web crawling and data scraping tasks
...It focuses on speed and scalability, allowing large numbers of requests to be processed concurrently. Geziyor supports use cases such as data mining, monitoring web content, and automated testing workflows. It provides a flexible architecture where developers define parsing functions that process responses and extract the desired data. Geziyor includes features for managing requests, handling cookies, respecting robots rules, and exporting collected data in multiple formats. With built-in tools for caching, metrics collection, and proxy management, it enables developers to build robust and customizable scraping systems using Go. -
22
eslint-plugin-jsx-a11y
Static AST checker for a11y rules on JSX elements
...This plugin does a static evaluation of the JSX to spot accessibility issues in React apps. Because it only catches errors in static code, use it in combination with axe-core/react to test the accessibility of the rendered DOM. Consider these tools just as one step of a larger a11y testing process and always test your apps with assistive technology. If you installed ESLint globally (using the -g flag in npm, or the global prefix in yarn) then you must also install eslint-plugin-jsx-a11y globally. To enable your custom components to be checked as DOM elements, you can set global settings in your configuration file by mapping each custom component name to a DOM element type. ... -
23
tcpreplay
edit and replay captured network traffic
tcpreplay is a suite of tools to edit and replay captured network traffic. -
24
CSZ CMS
CSZ CMS is a open source content management system. With Codeigniter.
CSZ CMS is an open source web application that allows to manage all content and settings on the websites. CSZ CMS was built on the basis of Codeigniter and design the structure of Bootstrap, this should make your website fully responsive with ease. CSZ CMS is based on the server side script language PHP and uses a MySQL or MariaDB database for data storage. CSZ CMS is open-source Content Management System. And all is free under the Astian Develop Public License (ADPL). -
25
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script...
