Search Results for "penetration testing tools"
Sort By:
Showing 27 open source projects for "penetration testing tools"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
1
Kheish
Kheish: A multi-role LLM agent for tasks like code auditing
Kheish is a framework designed for cybersecurity professionals to automate penetration testing tasks, providing tools to streamline security assessments. -
2
PDFRip
A multi-threaded PDF password cracking utility
A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks. pdfrip is a fast multithreaded PDF password cracking utility written in Rust with support for wordlist-based dictionary attacks, date and number range bruteforcing, and a custom query builder for password formats. You can write your own queries like STRING{69-420} with the -q option which would generate a wordlist with the full number range. You can pass in an... -
3
wasm-tools
CLI and Rust libraries for low-level manipulation of WebAssembly
...The toolkit also supports advanced operations like mutating, shrinking, and generating test cases for WebAssembly modules, making it particularly valuable for testing, debugging, and research purposes. In addition to its CLI, wasm-tools exposes many of its capabilities as reusable Rust libraries, allowing developers to integrate WebAssembly manipulation directly into their applications. The project actively implements and supports evolving WebAssembly proposals, ensuring compatibility with the latest features of the ecosystem. -
4
Claw Code
AI agent harness for AI coding agents
Claw Code is an open-source AI agent harness project focused on building better tools for orchestrating and managing autonomous coding agents. It originated as a clean-room reimplementation inspired by the architecture of Claude Code, aiming to replicate core concepts without using proprietary code. The project provides a Python-based foundation for experimenting with agent workflows, tool integration, and task execution pipelines. It emphasizes harness engineering—how agents are structured,... -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
Fuels-rs
Fuel Network Rust SDK
fuels-rs is a Rust-native Software Development Kit (SDK) for the Fuel blockchain. It facilitates compilation, deployment, transaction crafting, contract interaction, and testing of Sway smart contracts, as well as launching and controlling local Fuel nodes for development or CI workflows. -
6
Substrate Node Template
A rust implementation of the Quip Protocol forked from Substrate
...It leverages FRAME, Substrate’s modular runtime development system, allowing developers to compose blockchain functionality through reusable pallets. The node supports development and testing environments with configurable genesis states and pre-funded accounts, making it suitable for experimentation and rapid prototyping. It also includes tools for running single-node or multi-node networks, enabling developers to simulate distributed consensus systems locally. The architecture is designed for extensibility, allowing custom consensus algorithms, storage models, and transaction logic to be integrated. -
7
cloudflare-speed-cli
CLI for internet speed test via cloudflare
cloudflare-speed-cli is a Rust-based command-line internet speed testing tool that interfaces with Cloudflare’s public speed test endpoints, letting users measure download and upload throughput, latency, and more from a terminal. It presents results in an interactive text-user-interface (TUI) that charts real-time metrics as tests run, making it easy to visually inspect performance trends without leaving the console. -
8
Findomain
Fast open source tool for discovering and monitoring domain subdomains
Findomain is an open source reconnaissance tool designed to discover and enumerate subdomains associated with a target domain. It focuses on speed and reliability by using Certificate Transparency logs and multiple well tested public APIs instead of relying solely on brute force scanning techniques. By querying multiple passive data sources in parallel, the tool can identify a large number of subdomains within a short time, making it useful for security researchers, penetration testers, and... -
9
Lightpanda Browser
Lightpanda: the headless browser designed for AI and automation
Lightpanda is an open-source headless browser designed specifically for automation, artificial intelligence workflows, and large-scale web interaction tasks. Unlike traditional browsers that include full graphical rendering engines meant for human users, Lightpanda is built from scratch to operate entirely in headless mode, focusing only on the components required for programmatic web interaction. This design allows it to execute JavaScript and interact with web pages while avoiding the... -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
10
Cake
Distributed LLM and StableDiffusion inference
Cake is a compact, powerful toolkit that combines a flexible TCP/UDP proxy, port forwarding system, and connection manager designed for both development and penetration testing scenarios. It enables users to create complex networking flows where traffic can be proxied, relayed, and manipulated between endpoints — useful for debugging networked applications, inspecting protocols, or tunneling traffic through different hops. The tool is designed to work with multiple protocols and supports dynamic rule definitions so that incoming and outgoing connections can be routed, rewritten, or logged according to user-defined policies. ... -
11
Goose
AI coding agent that's more than suggestions - install, execute, edit+
Goose is an open-source, extensible AI agent that enhances the software development process by going beyond traditional code suggestions. It allows developers to install, execute, edit, and test code with any large language model (LLM), facilitating a more efficient and streamlined workflow. Designed to operate locally within a developer's environment, Goose integrates seamlessly with various tools and platforms, providing a customizable and powerful assistant for coding tasks. Its... -
12
PgRx
Build Postgres Extensions with Rust
pgrx is a Rust framework for developing PostgreSQL extensions, making it easier to write safe, high-performance native extensions in Rust. It handles the boilerplate and unsafe FFI needed to interface with Postgres internals, allowing developers to focus on logic. With built-in support for SQL generation, testing, and deployment, pgrx streamlines the extension creation process while embracing Rust’s safety guarantees. -
13
Grafbase
The Grafbase GraphQL Federation Gateway
Grafbase is an open-source GraphQL federation gateway and API platform designed to unify multiple backend services and data sources into a single, high-performance GraphQL interface. The project provides a Rust-based gateway that acts as the central layer for composing and managing distributed APIs, particularly in microservice architectures where data may come from many independent systems. By supporting GraphQL federation standards, the platform enables teams to combine multiple subgraphs... -
14
MooseStack
The developer framework for building analytical backends
MooseStack is an opinionated starter stack that assembles a modern web application foundation—project structure, build tooling, and deployment scripts—so teams can get from “blank repo” to a working product quickly. It provides a coherent layout for server and client code, standardizes environment configuration, and includes scripts to run the app locally with the same conventions you’ll use in staging or production. The stack favors convention over configuration: common decisions around... -
15
BoringSSL
Mirror of BoringSSL
BoringSSL is a Google-maintained fork of OpenSSL, designed specifically to meet the security, performance, and maintainability needs of Google’s infrastructure and products. While fully open source, BoringSSL is not intended for general public use — it serves as a streamlined, heavily modified SSL/TLS and cryptography library optimized for Google’s internal ecosystem, including Chrome/Chromium, Android, and other Google services. The project prioritizes security, simplicity, and... -
16
Rivet
Visual AI IDE for building agents with prompt chains and graphs
Rivet is an open source visual AI programming environment designed to help developers build complex AI agents using a node-based interface and prompt chaining workflows. It provides a desktop application that allows users to visually construct and debug AI logic as interconnected graphs, making it easier to manage sophisticated interactions between language models and external tools. Rivet also includes a TypeScript library that enables these visual graphs to be executed and integrated... -
17
Paddler
Open-source LLM load balancer and serving platform for hosting LLMs
Paddler is an open-source LLM infrastructure platform designed to deploy, manage, and scale large language models on private infrastructure. The system acts as a specialized load balancer and serving layer for language models, enabling organizations to run inference workloads without relying on external API providers. It supports running models locally through engines such as llama.cpp while distributing requests across multiple compute nodes to improve performance and reliability. The... -
18
BerserkArch
A bleeding-edge, security-centric Arch-based Linux distribution.
BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other... -
19
HackerOS
HackerOS based on Debian testing.
HackerOS is based on Debian Testing, but the LTS and Cybersecurity editions are Debian Stable. HackerOS includes several GUI/CLI tools. The distribution is intended for: cybersecurity, daily use, and gaming. -
20
Cherrybomb
Cherrybomb is a CLI tool that helps you avoid undefined user behaviour
Cherrybomb is an CLI tool written in Rust that helps prevent incorrect code implementation early in development. It works by validating and testing your API using an OpenAPI file. Its main goal is to reduce security errors and ensure your API functions as intended. Cherrybomb makes sure your API is working correctly. It checks your API's spec file (OpenAPI Specification) for good practices and makes sure it follows the OAS rules. Then, it tests your API for common issues and vulnerabilities.... -
21
Good Man in the Middle
Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP
Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP(S) requests and responses, supports JavaScript. -
22
cross
Zero setup cross compilation and cross testing of Rust crates
This project is developed and maintained by the cross-rs team. It was previously maintained by the Rust Embedded Working Group Tools team. You have four options to configure cross. cross will provide all the ingredients needed for cross-compilation without touching your system installation. cross provides an environment, cross-toolchain, and cross-compiled libraries, that produce the most portable binaries. “cross-testing”, cross can test crates for architectures other than i686 and x86_64. -
23
authoscope
Scriptable network authentication cracker (formerly `badtouch`)
authoscope is a scriptable network authentication cracker. While the space for common service bruteforce is already very well saturated, you may still end up writing your own python scripts when testing credentials for web applications. The scope of authoscope is specifically cracking custom services. This is done by writing scripts that are loaded into a lua runtime. Those scripts represent a single service and provide a verify(user, password) function that returns either true or false.... -
24
moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces
Cover your tracks during Linux Exploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps. moonwalk is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine. It saves the state of system logs pre-exploitation and reverts that state including the filesystem timestamps post-exploitation leaving zero traces of a ghost in the shell. -
25
Chromepass
Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features. Decrypt Google Chrome, Chromium, Edge, Brave, Opera and Vivaldi saved paswords and cookies. Send a file with the login/password combinations and cookies remotely (http server or email) Undetectable by AV if done correctly. Custom icon, custom error message, customize port. The new client build methodology practically ensures a 0% detection rate, even without AV-evasion tactics....
