Search Results for "pen testing tools"
Sort By:
Showing 201 open source projects for "pen testing tools"
View related business solutions-
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
1
Kitty-Tools
Kitty-Tools is a Kahoot Cheating Client for all devices and interfaces
...The project focuses on simplifying interaction with Kahoot sessions by offering tools that can automate participation, manipulate answer selection, and streamline gameplay workflows. Its architecture allows users to connect to live game sessions and perform actions programmatically, which can be useful for testing, demonstration, or experimental purposes. The software is designed with a lightweight approach so that it can operate efficiently across devices with varying capabilities. ... -
2
fsociety
Modular CLI framework for managing penetration testing tools
fsociety is a modular penetration testing framework designed to provide a unified interface for running and managing a wide range of security tools. It focuses on simplifying penetration testing workflows by integrating multiple external security utilities into a single command line environment. Instead of implementing its own security scanners, the framework acts as a wrapper and orchestrator that helps users discover, install, and execute tools from various GitHub repositories. ... -
3
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. -
4
Xteam
All-in-one command-line toolkit for security testing and OSINT tools
Xteam is a command-line security toolkit designed to provide multiple penetration testing and information-gathering utilities in a single interface. It combines several modules and external tools to help users perform security research tasks related to mobile devices, wireless networks, and online services. It acts as a centralized launcher that integrates scripts and third-party tools, allowing users to access different testing functions through a menu-based command line workflow. ... -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
Ansible Molecule
Molecule aids in the development and testing of Ansible roles
Molecule project is designed to aid in the development and testing of Ansible roles. Molecule provides support for testing with multiple instances, operating systems and distributions, virtualization providers, test frameworks and testing scenarios. Molecule encourages an approach that results in consistently developed roles that are well-written, easily understood and maintained. Molecule supports only the latest two major versions of Ansible (N/N-1), meaning that if the latest version is... -
6
OWASP Mobile Application Security
Manual for mobile app security testing and reverse engineering
The OWASP Mobile Application Security (MAS) flagship project provides a security standard for mobile apps (OWASP MASVS) and a comprehensive testing guide (OWASP MASTG) that covers the processes, techniques, and tools used during a mobile app security test, as well as an exhaustive set of test cases that enables testers to deliver consistent and complete results. MAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. -
7
discover
Automation framework for reconnaissance and penetration testing tasks
Discover is a collection of custom Bash scripts designed to automate many common tasks involved in penetration testing workflows. The project brings together a variety of security testing functions into a single framework that simplifies reconnaissance, scanning, and enumeration processes. It provides a menu-driven interface that allows security professionals to quickly launch different tools and scripts without manually executing each command. -
8
Sippts
Set of tools to audit SIP based VoIP Systems
Sippts is a set of tools to audit VoIP servers and devices using SIP protocol. Sippts is programmed in Python and it allows us to check the security of a VoIP server using SIP protocol. You can freely use, modify and distribute. If modified, please put a reference to this site. Most security tools can be used for illegal purposes, but the purpose of this tool is to check the security of your own servers and not to use to do bad things. I am not responsible for the misuse of this tool. Sippts... -
9
FuzzyAI Fuzzer
A powerful tool for automated LLM fuzzing
...It allows developers and security researchers to systematically evaluate the robustness of LLM-based systems by simulating a wide range of malicious or unexpected inputs. The framework can be integrated into development pipelines to continuously test AI APIs and detect weaknesses before deployment. FuzzyAI provides testing tools, datasets, and evaluation workflows that help researchers measure how well models resist harmful instructions or attempts to bypass safety mechanisms. -
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
10
Impacket
A collection of Python classes for working with network protocols
Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP,... -
11
PentestAgent
AI agent framework for black-box security testing
PentestAgent is an open-source autonomous security testing platform designed to help organizations identify vulnerabilities and assess security posture by simulating real-world attack scenarios without manual intervention. It brings a modular and automated approach to penetration testing by orchestrating a suite of tools and scripts that can emulate common exploitation techniques, reconnaissance workflows, and post-exploitation activities across targets. -
12
secator
Automated framework for running pentesting tools and workflows
...By standardizing input parameters and output formats across different tools, Secator simplifies how results are collected and processed during security testing. Secator is built to improve productivity for penetration testers, bug bounty hunters, and security researchers who frequently chain multiple tools together during assessments. -
13
Brownie
A Python-based development and testing framework for smart contracts
Brownie is a Python-based development and testing framework for smart contracts targeting the Ethereum Virtual Machine. Powerful debugging tools, including python-style tracebacks and custom error strings. The recommended way to install Brownie is via pipx. pipx installs Brownie into a virtual environment and makes it available directly from the command-line. Once installed, you will never have to activate a virtual environment prior to using Brownie. -
14
Wfuzz
Web application fuzzer
Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web... -
15
RedAmon
AI-powered framework for automated penetration testing and red teaming
RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting information such as subdomains, open ports, services, and potential vulnerabilities. ... -
16
Arcade AI
Arcade Tool Development Kit (TDK), Worker, Evals, and CLI
Arcade AI Platform is a developer-oriented toolkit for building, deploying, and managing tools tailored to AI agents, structured as modular Python packages for flexibility and extensibility. Core platform functionality and schemas. This repository contains the core Arcade libraries, organized as separate packages for maximum flexibility and modularity. Evaluation framework for testing tool performance. Test your MCP server's tools, resources, prompts, elicitation, and OAuth 2. ... -
17
Prompt flow
Build high-quality LLM apps
Prompt flow is a suite of development tools designed to streamline the end-to-end development cycle of LLM-based AI applications, from ideation, prototyping, testing, and evaluation to production deployment and monitoring. It makes prompt engineering much easier and enables you to build LLM apps with production quality. -
18
Claw Code
AI agent harness for AI coding agents
Claw Code is an open-source AI agent harness project focused on building better tools for orchestrating and managing autonomous coding agents. It originated as a clean-room reimplementation inspired by the architecture of Claude Code, aiming to replicate core concepts without using proprietary code. The project provides a Python-based foundation for experimenting with agent workflows, tool integration, and task execution pipelines. It emphasizes harness engineering—how agents are structured,... -
19
HTTPie Desktop
Cross-platform API testing client for humans
HTTPie Desktop is a graphical API client built on top of the popular HTTPie terminal tool, offering a user-friendly interface for testing and interacting with APIs. It combines the simplicity of HTTPie’s CLI with a modern desktop and web UI for a more visual workflow. Developers can easily build, send, and preview HTTP requests without needing to memorize commands or write scripts. The platform supports organizing work into spaces, collections, and tabs, making it ideal for managing multiple... -
20
Cactus Needle
26m function call model that runs on incredibly small devices
...It is based on a Simple Attention Network architecture and was distilled from a much larger model to focus on fast, compact tool-use behavior. The project provides open weights, training details, dataset generation resources, and a playground for testing the model with custom tools. Needle is optimized for single-shot function calling rather than broad conversational ability, so its core use case is selecting the right tool and producing structured arguments. It can be fine-tuned locally, including on consumer machines, which makes it useful for experimentation with small personalized agents. ... -
21
imbalanced-learn
A Python Package to Tackle the Curse of Imbalanced Datasets in ML
Imbalanced-learn (imported as imblearn) is an open source, MIT-licensed library relying on scikit-learn (imported as sklearn) and provides tools when dealing with classification with imbalanced classes. -
22
Professional Services
Common solutions and tools developed by Google Cloud
Professional Services repository is a collection of real-world solutions, tools, and reference implementations developed by Google Cloud’s Professional Services team to address common enterprise challenges. Unlike simple sample repositories, it focuses on production-oriented use cases such as data pipelines, machine learning workflows, infrastructure automation, and security management. The repository contains a wide variety of projects, including tools for validating data migrations, generating large datasets for testing, building analytics dashboards, and automating policy enforcement in cloud environments. ... -
23
INTERCEPT
Unites the best signal intelligence tools
...It emphasizes modular “modes,” letting you focus on a specific type of monitoring or analysis while still benefiting from shared UI patterns and unified configuration. Because it touches sensitive capabilities, the project frames usage around education and authorized testing, encouraging responsible operation and compliance with local laws. -
24
PostHog
PostHog provides open-source web & product analytics
PostHog is an all‑in‑one open‑source platform for product and web analytics—offering event-based analytics, session recording, feature flagging, A/B testing, cohorts, and more—that you can self‑host, with full support for data privacy and enterprise compliance. Sync data from external tools like Stripe, Hubspot, your data warehouse, and more. Query it alongside your product data. Run custom filters and transformations on your incoming data. Send it to 25+ tools or any webhook in real time or batch export large amounts to your warehouse. ... -
25
Data Contract CLI
Enforce Data Contracts
Data Contract CLI is an open-source command-line tool and Python library for creating, validating, testing, importing, exporting, and enforcing data contracts. It uses YAML-based contract files to define the structure, meaning, quality rules, service levels, and connection details for a data product. The tool can connect to real data sources and check whether the actual dataset matches the schema, constraints, and quality expectations described in the contract. It supports both the Data...
