Open Source Penetration Testing Tools - Page 3
Sort By:
Penetration Testing Tools
View 131 business solutions-
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
Matriux is a GNU/Linux, Debian based security distribution designed for penetration testing and cyber forensic investigations. It is a distribution designed for security enthusiasts and professionals, can also be used normally as your default OS.
-
2
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script for those brave souls that want transform their stock Ubuntu into a virtual dojo. Bow to your sensei! username: dojo password: dojo -
3
ZipUnlocker2025
Zip Unlocker WinZip/WinRAR Password Unlocker
This WinZip/WinRAR Password Unlocker is a powerful and efficient tool designed to help users recover lost or forgotten passwords for their password-protected ZIP and RAR files. Whether you're dealing with important compressed files or simply can't access your archive, this password unlocker can assist in restoring your access. With its easy-to-use interface and fast recovery process, the program supports multiple attack methods, such as brute-force and dictionary attacks, to quickly guess and recover the correct password. https://zipunlocker.com/ -
4
EMAGNET
Automated hacking tool to find leaked databases with 97.1% accuracy
Automated hacking tool that will find leaked databases with 97.1% accurate to grab mail + password. Before using Emagnet, please remember that with great power comes great responsibility. Pastebin patched the vulnerability I previously used in order to get recent uploads, so at the moment it is not possible to get recently uploaded files, you are now limited to all syntaxes exempt the default one (95% get's uploaded as 'text' and this is removed from all recent upload lists). Bruteforce support for Spotify accounts, Instagram accounts, ssh servers, Microsoft RDP clients and Gmail accounts. Emagnet is a very powerful tool for capturing email addresses and passwords from leaked databases uploaded on Pastebin. It's almost impossible to find leaked passwords after they're removed from the list on pastebin.com. Either they have been deleted by Pastebin's techs or the upload is just one in the crowd. -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
5
RouterSploit
Exploitation Framework for Embedded Devices
RouterSploit is an open-source exploitation framework focused on embedded devices such as routers, cameras, and IoT gadgets. It offers modules for exploits, scanners, and credentials testing, making it a valuable tool for security professionals and researchers. Inspired by Metasploit, it provides a CLI for executing attacks, testing device vulnerabilities, and simulating real-world exploitation scenarios in a legal and ethical manner. -
6
proxy.py
Utilize all available CPU cores for accepting new client connections
proxy.py is made with performance in mind. By default, proxy.py will try to utilize all available CPU cores to it for accepting new client connections. This is achieved by starting AcceptorPool which listens on configured server port. Then, AcceptorPool starts Acceptor processes (--num-acceptors) to accept incoming client connections. Alongside, if --threadless is enabled, ThreadlessPool is setup which starts Threadless processes (--num-workers) to handle the incoming client connections. Each Acceptor process delegates the accepted client connection to a threadless process via Work class. Currently, HttpProtocolHandler is the default work class. HttpProtocolHandler simply assumes that incoming clients will follow HTTP specification. Specific HTTP proxy and HTTP server implementations are written as plugins of HttpProtocolHandler. -
7
Echo Mirage
Hook into application processes and monitor network interactions
Echo Mirage is a powerful network proxy tool designed for cybersecurity professionals focusing on penetration testing of thick client applications. It intercepts and modifies network traffic by injecting itself into target application processes, enabling deep inspection and manipulation of data exchanged between client and server. Unlike typical web proxies, Echo Mirage specializes in local application traffic, including encrypted sessions, providing unique visibility into thick client communications. It employs advanced techniques such as DLL injection and function hooking to capture network interactions effectively. This capability makes it invaluable for security testers analyzing complex client-server interactions to uncover vulnerabilities. Echo Mirage aids in thorough security analysis by allowing testers to identify potential weaknesses and simulate attacks on application communication. -
8
TrojanCockroach
A Stealthy Trojan Spyware
This program is a Trojan Virus that steals data (ID, password; every key stroke) from PC (Windows XP or later) and emails it back to the host. It spreads among PCs through USB drives. It is almost undetectable to any antivirus software. -
9
CrackMapExec
A swiss army knife for pentesting networks
CrackMapExec (CME) is a versatile post-exploitation and enumeration tool designed for pentesters and red teams to assess Active Directory environments. It supports credential spraying, command execution, file transfers, and module-based extensions across SMB, RDP, LDAP, and other protocols. CME provides automation and insight into Windows networks and is commonly used during lateral movement and domain enumeration phases. -
8 Monitoring Tools in One APM. Install in 5 Minutes.AppSignal works out of the box for Ruby, Elixir, Node.js, Python, and more. 30-day free trial, no credit card required.
-
10
Merlin HTTP/2
Merlin is a cross-platform post-exploitation HTTP/2 Command
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go. The Merlin server is a self-contained command line program that requires no installation. You just simply download it and run it. The command-line interface only works great if it will be used by a single operator at a time. The Merlin agent can be controlled through Mythic, which features a web-based user interface that enables multiplayer support, and a slew of other features inherent to the project. -
11
SSHGuard
Intelligently block brute-force attacks by aggregating system logs
SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf. -
12
keygen
keygen key generator keygenerator brute force
keygen is an administration/security/penetration tool. keygen is an brute force key generator. This can help you to generate mass passwords or password-lists or combine with other security tools. Complete in c, very fast. -
13
OMEN
OMEN: Ordered Markov ENumerator - Password Guesser
OMEN is a Markov model-based password guesser written in C. It generates password candidates according to their occurrence probabilities, i.e., it outputs most likely passwords first. OMEN significantly improves guessing speed over existing proposals. If you are interested in the details on how OMEN improves on existing Markov model-based password guessing approaches, please refer to OMEN: Faster Password Guessing Using an Ordered Markov Enumerator. OMEN consists of two separate program modules: createNG and enumNG. createNG calculates n-gram probabilities based on a given list of passwords and stores them on the hard disk. Based on these probabilities enumNG enumerates new passwords in the correct order (descending). Before one can generate any passwords, the n-gram probabilities have to be estimated using createNG. To calculate the probabilities using the default settings, createNG must be called giving a path to a password list that should be trained. -
14
WiFi-Pumpkin
WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack
The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor, transparent proxy, Windows update attack, phishing manager, ARP Poisoning, DNS Spoofing, Pumpkin-Proxy, and image capture on the fly. moreover, the WiFi-Pumpkin is a very complete framework for auditing Wi-Fi security check the list of features is quite broad. -
15
ANDRAX Hacker's Platform
Advanced Ethical Hacking and Penetration Testing Platform
The most complete and Advanced Penetration Testing and Ethical Hacking Platform dedicated to Advanced Professionals. Developed to bring the power of Offensive Security in the anyone's pocket 100% OPEN SOURCE - ANDRAX is a independent solution for Security professionals who loves Linux -
16
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" Will also run on the ProxMox server to understand how to do it pls refer to the doc in the zip named "Cybersecurity Lab Deployment on Proxmox" The default login and password is administrator: password. List Of All Labs in one VM:- 1. Web-DVWA 2. Mutillidae 3. Webgoat 4. Bwapp 5. Juice-shop 6. Security-ninjas 7. WordPress We are adding more labs in few days
-
17
A simple program to bruteforce a bitcoin address private key
-
18
BHS Debian (Hades Update)
BHS debian (testing) jessie/sid
BHS (Debian) New BHS release Based on Debian jessie/sid Kermel 3.12 KDE 4.11 Debian style and look Custom scripts!! Defcon tools!! New wifi scripts Multiarch support Top tools username: root password: BHS note: Don't forget to run the script located on the desktop to install the missing tools,because without to run it the menu will not be functional,if you not see it just download from here in the file section..sorry for the delay the upload stack for 2 time... installall.sh fixed(metasploit and w3af bug) D4RkS-patcher : will install the kernel 3.13 and add aircrack-ng patch for you automatically!!! -
19
Blackbone
Windows memory hacking library
Blackbone is a powerful Windows-focused memory manipulation and process interaction library intended for developers needing deep access to system internals, reverse engineering, or dynamic analysis tools. It provides a comprehensive API in C++ that allows allocation and management of virtual memory in local and remote processes, reading and writing remote process memory, enumerating loaded modules, creating and controlling threads, and performing complex pattern searches—all with support for both 32-bit and 64-bit architectures. Beyond basic memory operations, Blackbone includes advanced functionality for remote code execution, function hooking, and manual map features that let developers inject and manage modules in foreign processes without relying on the operating system’s loader mechanisms. It supports intricate use cases like injecting DLLs into target applications, performing remote hooks with hardware breakpoints, and handling cross-session thread creation. -
20
CTFd
CTFs as you need them
CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes. Create your own challenges, categories, hints, and flags from the Admin Interface. Dynamic Scoring Challenges. Unlockable challenge support. Challenge plugin architecture to create your own custom challenges. Static & Regex-based flags. Custom flag plugins. Unlockable hints. File uploads to the server or an Amazon S3-compatible backend. Limit challenge attempts & hide challenges. Automatic bruteforce protection. Individual and Team-based competitions. Have users play on their own or form teams to play together. Scoreboard with automatic tie resolution. Hide Scores from the public. Freeze Scores at a specific time. Scoregraphs comparing the top 10 teams and team progress graphs. Markdown content management system. SMTP + Mailgun email support. Email confirmation support. Forgot password support. -
21
Flipper iOS App
iOS Mobile App to rule all Flipper's family
Flipper iOS App is the official mobile companion application designed to interface with the Flipper Zero device, providing users with a portable and intuitive way to manage, control, and extend the functionality of the hardware ecosystem. It acts as a centralized hub where users can organize data such as RFID keys, NFC dumps, infrared signals, and other captured assets directly from their iPhone. The app facilitates wireless communication between the mobile device and Flipper Zero through Bluetooth, enabling real-time interaction and synchronization without requiring a desktop computer. It is also used for firmware updates, file management, and browsing available applications from the Flipper ecosystem, effectively bridging the gap between hardware and user workflows. The interface is designed to simplify complex operations, making advanced capabilities like signal capture and replay more accessible to non-expert users. -
22
NPS
Lightweight, high-performance, powerful intranet penetration proxy
NPS is a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal. Comprehensive protocol support, compatible with almost all commonly used protocols, such as tcp, udp, http(s), socks5, p2p, http proxy. Full platform compatibility (linux, windows, macos, Synology, etc.), support installation as a system service simply. Comprehensive control, both client and server control are allowed. Https integration, support to convert backend proxy and web services to https, and support multiple certificates. Just simple configuration on web ui can complete most requirements. Complete information display, such as traffic, system information, real-time bandwidth, client version, etc. Powerful extension functions, everything is available (cache, compression, encryption, traffic limit, bandwidth limit, port reuse, etc.) Domain name resolution has functions such as custom headers, 404 page configuration, host modification, etc. -
23
Pumba
Chaos testing, network emulation, stress testing tool for containers
Pumba is a chaos testing command line tool for Docker containers. Pumba disturbs your containers by crashing containerized applications, emulating network failures and stress-testing container resources (cpu, memory, fs, io, and others). -
24
WindowTextExtractor
WindowTextExtractor allows you to get a text from any OS
WindowTextExtractor allows you to get a text from any window of an operating system including asterisk passwords. Extract text from modal windows, buttons, textboxes, lists, etc. Show passwords stored behind asterisks (*****) from most of the windows apps. Show detailed window and process information. Show process environment variables. Show or hide almost any desktop window. Take a window screenshot. Record window stream in avi file. OCR support (including text, bar codes and QR codes) for Windows 10, 11. Launch WindowTextExtractor on your system. Now simply drag the 'Find window' button to get a window information, text, password or image. -
25
emp3r0r
Linux/Windows post-exploitation framework made by linux user
A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it.
