Search Results for "software test tool"
Sort By:
Showing 36 open source projects for "software test tool"
View related business solutions-
Our Free Plans just got better! | Auth0 by OktaYou asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your secuirty. Auth0 now, thank yourself later.
-
Top-Rated Free CRM SoftwareHubSpot is an AI-powered customer platform with all the software, integrations, and resources you need to connect your marketing, sales, and customer service. HubSpot's connected platform enables you to grow your business faster by focusing on what matters most: your customers.
-
1
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications... -
2
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also... -
3
mitmproxy
A free and open source interactive HTTPS proxy
mitmproxy is an open source, interactive SSL/TLS-capable intercepting HTTP proxy, with a console interface fit for HTTP/1, HTTP/2, and WebSockets. It's the ideal tool for penetration testers and software developers, able to debug, test, and make privacy measurements. It can intercept, inspect, modify and replay web traffic, and can even prettify and decode a variety of message types. Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition... -
4
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
Red Hat Enterprise Linux on Microsoft AzureRed Hat Enterprise Linux (RHEL) on Microsoft Azure provides a secure, reliable, and flexible foundation for your cloud infrastructure. Red Hat Enterprise Linux on Microsoft Azure is ideal for enterprises seeking to enhance their cloud environment with seamless integration, consistent performance, and comprehensive support.
-
5
Ligolo-ng
An advanced, yet simple, tunneling/pivoting tool
Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun interface (without the need of SOCKS). When running the relay/proxy server, a tun interface is used, packets sent to this interface are translated and then transmitted to the agent's remote network. You need to download the Wintun driver (used by WireGuard) and place the wintun.dll in the same folder as Ligolo. You can listen to ports on the agent... -
6
lynis
Security auditing tool for Linux, macOS, and UNIX-based system
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007. Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include security auditing, compliance testing (e.g. PCI, HIPAA, SOx), penetration testing, vulnerability... -
7
Sippts
Set of tools to audit SIP based VoIP Systems
Sippts is a set of tools to audit VoIP servers and devices using SIP protocol. Sippts is programmed in Python and it allows us to check the security of a VoIP server using SIP protocol. You can freely use, modify and distribute. If modified, please put a reference to this site. Most security tools can be used for illegal purposes, but the purpose of this tool is to check the security of your own servers and not to use to do bad things. I am not responsible for the misuse of this tool. Sippts... -
8
Hoverfly
Lightweight service virtualization/ API simulation / API mocking tool
Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Replace unreliable test systems and restrictive API sandboxes with high-performance simulations in seconds. Run on MacOS, Windows or Linux, or use native Java or Python language bindings to get started quickly. Simulate API latency or failure when required by writing custom scripts in the language of your choice. -
9
Splunk Attack Range
Tool to simulate attacks and collect the data
Attack Range Log The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
Shift, the browser that merges all of your web apps into one powerful window.Streamline everything you do online when you install Shift and access thousands of apps without leaving your browser. Connect all of your Gmail, Outlook, and Office 365 accounts and manage everything from one centralized window. Build out your Shift browser with apps that integrate seamlessly so you have ultra-fast access to all the tools you use to stream, shop, work, browse, and stay connected. Shift brings it all together.
-
10
Pumba
Chaos testing, network emulation, stress testing tool for containers
Pumba is a chaos testing command line tool for Docker containers. Pumba disturbs your containers by crashing containerized applications, emulating network failures and stress-testing container resources (cpu, memory, fs, io, and others). -
11
dirsearch
Web path scanner
An advanced command-line tool designed to brute force directories and files in webservers, AKA web path scanner. Wordlist is a text file, each line is a path. About extensions, unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from -e flag. For wordlists without %EXT% (like SecLists), -f | --force-extensions switch is required to append extensions to every word in wordlist, as well as the /. To use multiple wordlists, you can separate your wordlists with commas... -
12
SharPyShell
Tiny and obfuscated ASP.NET webshell for C# web applications
SharPyShell is a tiny and obfuscated ASP.NET web shell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C# web applications that run on .NET Framework >= 2.0. SharPyShell is a post-exploitation framework written in Python. The main aim of this framework is to provide the penetration tester with a series of tools to ease the post-exploitation phase once exploitation has been successful against an IIS webserver. This tool... -
13
BeEF
The browser exploitation framework project
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within... -
14
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release... -
15
Abdal FTP BruteForce
FTP BruteForce tool For real Pentest
Abdal FTP BruteForce tool is a powerful software with zero error rate to test the intrusion of servers that work with FTP protocol, this tool supports proxy for attacks and can transfer all your traffic in the hacking process to the proxy Slowly -
16
Abdal SSH BruteForce
powerful SSH BruteForce tool
Abdal SSH BruteForce tool is a powerful software with zero error rate to test the intrusion of servers that work with ssh protocol, this tool supports proxy for attacks and can transfer all your traffic in the hacking process to the proxy Slowly -
17
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains
Sudomy is a subdomain enumeration tool to collect subdomains and analyze domains performing advanced automated reconnaissance (framework). This tool can also be used for OSINT (Open-source intelligence) activities. Easy, light, fast and powerful. Bash script (controller) is available by default in almost all Linux distributions. By using bash script multiprocessing feature, all processors will be utilized optimally. Subdomain enumeration process can be achieved by using active method or passive... -
18
VPLE
Vulnerable Pentesting Lab Environment
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" The default login and password is administrator: password. List Of All Labs in one VM:- 1. Web-DVWA 2. Mutillidae 3. Webgoat 4. Bwapp 5. Juice-shop 6... -
19
SSH MITM
SSH man-in-the-middle tool
This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard... -
20
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
... on seemingly risky areas. Demonstrate true impact despite the short timeframes we are typically given to test. The tool is highly configurable and anybody can trivially create simple plugins or add new tests in the configuration files without having any development experience. OWTF is developed on KaliLinux and macOS but it is made for Kali Linux (or other Debian derivatives). -
21
Taie-RedTeam-OS
泰阿安全实验室-红队单兵作战系统-Taie-RedTeam-OS
中文简介: 面向中国信息安全白帽子人员的红方渗透作战操作系统,内容工具更适用于中国的环境,避免大而全精简不常用的工具软件,集成国内优秀的开源渗透工具帮助红方人员更好的实施工作! Introducte: For Chinese information security white hat personnel red team infiltration combat operating system, the content and tools are more suitable for the Chinese environment, simplify not commonly used tool software, integration of domestic excellent open source infiltration tools to help red staff better implementation! -
22
Password Guessing Framework
A Framework for Comparing Password Guessing Strategies
The Password Guessing Framework is an open source tool to provide an automated and reliable way to compare password guessers. It can help to identify individual strengths and weaknesses of a guesser, its modes of operation or even the underlying guessing strategies. Therefor, it gathers information about how many passwords from an input file (password leak) have been cracked in relation to the amount of generated guesses. Subsequent to the guessing process an analysis of the cracked passwords... -
23
Vulnerable Operating Systems
deliberately vulnerable operating systems
VulnOS are a series of deliberately vulnerable operating systems packed as virtual machines to teach Offensive IT Security and to enhance penetration testing skills. For educational purposes! -
24
Primes
Calculate primes by using extremely fast sorting
This project considers the problem of calculating primes as a sorting problem. It includes the most efficient tree-based sorting algorithm that is possible and shows that finding a new prime can be done by sorting the differences between the previous primes in the right way. Unfortunately it has turned out that going this way is even more slowly than trying to find primes by brute force. So it can only be used as a test with heavy load for the sorting algorithm, which can be used for sorting... -
25
Wordlyst Genyrator
Creates wordlist for bruteforce
This sowftware creates text based wordlist for bruteforce for system penetratin test.