Search Results for "penetration testing tools"
Sort By:
Showing 67 open source projects for "penetration testing tools"
View related business solutions-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
1
ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters
ezXSS is an open-source XSS (Cross-Site Scripting) testing platform designed to help security researchers identify and collect XSS vulnerabilities. It acts as a payload receiver and logger, storing details about triggered XSS attacks such as the user agent, cookies, DOM, and referrer. This tool is highly useful in bug bounty hunting and penetration testing for monitoring and documenting XSS vectors in real-time. -
2
Static Analysis Tools for PHP
Docker image that provides static analysis tools for PHP
Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with... -
3
Infection
PHP Mutation Testing library
Infection is a PHP mutation testing framework used to evaluate the quality and effectiveness of test suites. It works by introducing small changes (mutations) into the codebase and checking whether the existing tests catch them. If a mutation passes undetected, it suggests that the tests may be insufficient. Infection integrates with PHPUnit and helps developers strengthen their test coverage and logic. -
4
OpenKore
A free/open source client and automation tool for Ragnarok Online
OpenKore is a free and open source automation tool and custom client for the online game Ragnarok Online. It provides a flexible scripting system that allows users to automate gameplay, including navigation, combat, trading, and interaction with other players. The project supports plugins and modular extensions, enabling customization for different servers and play styles. OpenKore is cross-platform, running on Windows, Linux, and macOS, and is written primarily in Perl. With a strong... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Expose
A beautiful, fully open-source, tunneling service
Expose is an open source tunneling service that allows developers to securely share locally running web applications with the public internet through temporary public URLs. The project functions as an alternative to tools like ngrok by creating encrypted tunnels that route incoming requests from a publicly accessible server directly to a developer’s local machine. This makes it possible to test webhooks, demonstrate applications, or collaborate with teammates without deploying the project to... -
6
Laravel Installer
The Laravel application installer
...Laravel strives to provide an amazing developer experience while providing powerful features such as thorough dependency injection, an expressive database abstraction layer, queues, and scheduled jobs, unit and integration testing, and more. There are a variety of tools and frameworks available to you when building a web application. However, we believe Laravel is the best choice for building modern, full-stack web applications. Before creating your first Laravel project, make sure that your local machine has PHP and Composer installed. If you are developing on macOS or Windows, PHP and Composer can be installed in minutes via Laravel Herd. ... -
7
Laravel MongoDB
MongoDB based eloquent model and Query builder for Laravel
This package adds functionalities to the Eloquent model and Query builder for MongoDB, using the original Laravel API. This library extends the original Laravel classes, so it uses exactly the same methods. Make sure you have the MongoDB PHP driver installed. In case your Laravel version does NOT autoload the packages, add the service provider to config/app.php. For usage with Lumen, add the service provider in bootstrap/app.php. In this file, you will also need to enable Eloquent. You must... -
8
sebastian/diff
Diff implementation
diff is a standalone PHP library for computing and rendering textual differences, widely used to display “expected vs actual” output in testing tools. It supports line-based and character/word-granular comparisons so you can get both coarse and fine-grained views of changes. Output builders can produce formats like unified or context diffs, or more human-friendly renderings suitable for terminals and HTML reports. Internally, the library splits input into hunks and manages edge cases such as whitespace-only changes and end-of-line variations. ... -
9
Symfony DomCrawler
Eases DOM navigation for HTML and XML documents
Symfony DomCrawler is a PHP component that provides powerful tools for navigating and extracting data from HTML and XML documents. It allows developers to parse, filter, and manipulate web pages using CSS selectors and XPath expressions. DomCrawler is widely used for web scraping, testing, and processing structured content, and integrates well with other Symfony components like BrowserKit. -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
CSZ CMS
CSZ CMS is a open source content management system. With Codeigniter.
CSZ CMS is an open source web application that allows to manage all content and settings on the websites. CSZ CMS was built on the basis of Codeigniter and design the structure of Bootstrap, this should make your website fully responsive with ease. CSZ CMS is based on the server side script language PHP and uses a MySQL or MariaDB database for data storage. CSZ CMS is open-source Content Management System. And all is free under the Astian Develop Public License (ADPL). -
11
Doctrine Collections
Collections abstraction library
Doctrine Collections is a library that contains classes for working with arrays of data. Doctrine Collections provides an interface named Doctrine\Common\Collections\Collection that resembles the nature of a regular PHP array. That is, it is essentially an ordered map that can also be used like a list. A Collection has an internal iterator just like a PHP array. In addition, a Collection can be iterated with external iterators, which is preferable. To use an external iterator simply use the... -
12
Amazon SNS Message Validator for PHP
Amazon SNS message validation for PHP
The Amazon SNS Message Validator for PHP library allows you to validate that incoming HTTP(S) POST messages are valid Amazon SNS notifications. This library is standalone and does not depend on the AWS SDK for PHP or Guzzle; however, it does require PHP 5.4+ and that the OpenSSL PHP extension is installed. Next, you must create an instance of MessageValidator, and then use either the isValid() or validate(), methods to validate the message. The message validator checks the SigningCertURL,... -
13
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script... -
14
Ascoos Web Extended Studio
Is a portable web server suite for windows 64Bit, for Web Development.
Ascoos Web Extended Studio (AWES) is a portable, free 64-bit web server environment for Windows, designed for professional web developers and designers who need flexibility, modularity, and multi-version testing capabilities. It provides a complete local development stack based on technologies such as Apache, PHP, Node.js, Python, MariaDB, MongoDB, FileZilla, and other essential tools. 🔧 Key Features: - Multi-version support for PHP and MariaDB - Modular and upgrade-friendly architecture - Fully portable – no installation required - Integrated tools and applications - Advanced GUI features - CGI technology support 🎯 Ideal for: - Developing and testing PHP applications across multiple environments - Experimenting with different software versions - Maintaining legacy projects - Local development and training without installation Official Site: https://awes.ascoos.com Demo video: https://youtu.be/HMCJpgEC9zg GitHub: https://github.com/ascoos/awes -
15
LAMP package in Complete Virtual Machine
A Quick LAMP/WAMP/MAMP/XAMPP Pkg for development, testing & production
This VM is created for 2 reasons: 1. Very little initial setup work required to Develop / Test / Deploy a Dynamic Web Application live, within minutes. 2. This system should keep running for Years, without requiring Updates / Breakages. If you are new to Virtual Machines, then please watch the Video below ( taken from my other sample PHP project called teamdocs. You may cleanup this Application from the htdocs home folder link & its corresponding database, after logging into mysql. The... -
16
Zphisher
An automated phishing tool with 30+ templates
Zphisher is an advanced open-source phishing tool for educational and penetration testing purposes. It provides a simple interface for launching phishing attacks by cloning login pages of popular websites. Built in Bash, Zphisher automates server deployment using tunneling services like Ngrok, Localhost.run, and others. It is intended for ethical hacking and security research to demonstrate how phishing attacks work and how to defend against them. -
17
Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
...With Sn1per Professional, you can discover the attack surface and continuously monitor it for changes. It integrates with the leading open source and commercial security testing tools for a unified view of your data. -
18
Zynix-Fusion
zynix-Fusion is a framework for hacking
zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else. -
19
webshell
This is a webshell open source project
...All shells themselves do not guarantee whether there is a backdoor, but I will never add a backdoor deliberately when uploading by myself. Please don’t add a backdoor if you submit it. If you find backdoor code, please issue. The tools provided by this project are forbidden to engage in illegal activities. This project is for testing purposes only. All the consequences caused by it have nothing to do with me. -
20
RED HAWK
All-in-one reconnaissance and vulnerability scanning toolkit for sites
RED HAWK is an open source command-line security tool designed for information gathering, vulnerability scanning, and web reconnaissance tasks. It combines multiple scanning and analysis capabilities into a single toolkit to help security researchers and penetration testers quickly analyze a target website. It can collect a wide range of information about domains, servers, and web applications, including network details, hosting configuration, and content management system detection. It also... -
21
Laravel Dusk Dashboard
A beautiful dashboard for your Laravel Dusk tests
Laravel Dusk Dashboard is a Laravel package that gives you a beautiful Dashboard for your Dusk test suites. It completely visualizes the individual steps that are involved when your Dusk tests are running, as well as DOM snapshots for each individual step. This makes it super useful when trying to debug your browser tests and figure out what they are doing in the background. You can also make use of your browser's debug tools to inspect the DOM snapshots. In addition to the UI Dashboard,... -
22
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). -
23
Nwicode CMS App Builder
Mobile app Builder without coding
The NWICODE CMS project, an open source mobile app Builder, was launched in beta testing in 2019. Since 2016, the platform has only been offered as a cloud-based solution for creating mobile applications. Our goal Not a month goes by without the launch of new platforms and mobile app designers on the market. All these platforms with DRAG&DROP and ready-made features. These solutions are very standardized and do not allow you to develop and control your application. We eliminate... -
24
CSVHashCrack Suite
Multi hash crack suite
This script is capable of cracking multiple hashes from a CSV-file like e.g. dumps from sqlmap. Over 17.000 md5-hashes in a CSV-file get cracked with a 14.300.000 lines wordlist in less then 1 min. Lines wich cant get cracked with the wordlist get stored in a .leftToCrack-File to further process with another Wordlist or the bruteforce-tool. In addition to the wordlist-cracker I created also a bruteforce-tool named CSVHashBrutforcer. -
25
Sagacity
Security Assessment Data Management and Analysis Tool
We have migrated development of Sagacity to GitHub at https://github.com/cyberperspectives/sagacity Sagacity is a vulnerability assessment and STIG compliance data management tool designed to make security testing more efficient, effective and complete. Security assessments, especially those done for DoD and Federal organizations, produce tremendous amounts of scan and compliance data that security engineers must sort through and deconflict, identify untested requirements, and somehow...
