Search Results for "pentest-lab"
Sort By:
Showing 69 open source projects for "pentest-lab"
View related business solutions-
Earn up to 16% annual interest with Nexo.Generate interest, borrow against your crypto, and trade a range of cryptocurrencies — all in one platform. Geographic restrictions, eligibility, and terms apply.
-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
1
Internal All The Things
Active Directory and Internal Pentest Cheatsheets
...It covers a broad range of topics; AD certificate services, Kerberos attacks, lateral movement, tooling, post-exploitation techniques, and networking. The content is designed to help both learners and experienced red-teamers fill gaps in their internal pentest knowledge, especially for environments where AD and internal tooling dominate. Because internal engagements often have more complexity and fewer online guides compared to internet-facing web apps, this repo serves as a converging point for best practices, write-ups, and cheat sheets. The repository is structured, continuously updated, and encourages contributions, so its value grows over time. ... -
2
nbcelltests
Cell-by-cell testing for production Jupyter notebooks in JupyterLab
...Note that you must have node.js installed (as for any lab extension). -
3
GOAD (Game of Active Directory)
game of active directory
GOAD (Gather Open Attack Data) is a security reconnaissance framework for collecting, enriching, and visualizing open-source intelligence (OSINT) around hosts, domains, and certificates. It automates queries to certificate transparency logs, passive DNS, subdomain enumeration, web endpoints, and other public threat feeds. The tool aggregates results into structured formats and can produce interactive graphs to highlight relationships between entities (e.g. domain → IP → cert → ASN). Analysts... -
4
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence. MVT is a forensic research tool intended for technologists and investigators. Using it requires understanding the basics of forensic analysis and using command-line tools. This is not intended for end-user self-assessment. ... -
Add Two Lines of Code. Get Full APM.Works out of the box for Rails, Django, Express, Phoenix, and more. Monitoring exceptions and performance in no time.
-
5
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
6
BadUSB
Flipper Zero badusb payload library
...The codebase is frequently intended for security research and defensive testing: defenders and red teams use it to validate endpoint controls, USB whitelisting, and user training. Due to the dual-use nature of such techniques, responsible repositories emphasize lab-only experiments, consent-based testing, and mitigations like disabling autorun, enforcing device policies, and using endpoint detection. -
7
ICS Sensor Sim Lab
ICS Sensor Traffic Simulator
This tool simulates network traffic typical of an Industrial Control System (ICS) environment. It generates synthetic Modbus/TCP packets to help test monitoring and intrusion detection systems. Quick Start To use this tool, run the simulator: bash # Run for 30 seconds and save to traffic.log python lab_runner.py ics-sim --duration 30 --output traffic.log -
8
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" Will also run on the ProxMox server to understand how to do it pls refer to the doc in the zip named "Cybersecurity Lab Deployment on Proxmox" The default login and password is administrator: password. ...
-
9
Ultramarker
Ultramarker assessment criteria, marking and report generation system
...Multiple weighted criteria can be included in the assessment and the same criteria used for multiple sessions. Sessions may be used to assess typically laboratory based work where common criteria are used to assess a number of similar lab sessions. Defined criteria can be used to assess systems or students and a feedback report generated that can contain a number of items including specific feedback comments. A summary of marks for a group can also be generated. See Files for help on installation and additional support files to download. See: https://youtube.com/playlist?... -
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
10
JakiKaliOS
JakiKaliOS V.0.01 is a LiveRAM Debian distribution based on Kali Linux
JakiKaliOS is a LiveRAM Linux distribution based on Kali Linux, designed for cybersecurity professionals, ethical hackers, forensic analysts, and laboratory environments. The system runs entirely in RAM by default, leaving no disk footprint and providing fast, clean, and temporary work sessions ideal for security testing and controlled operations. JakiKaliOS includes a lightweight XFCE desktop optimized for performance and low resource usage, suitable for virtual machines, VPS consoles,... -
11
Ultimate AppLocker Bypass List
The most common techniques to bypass AppLocker
...It is aimed primarily at defenders, incident responders, and security researchers who need a consolidated reference to understand common bypass vectors and to validate detection logic. The repository emphasizes defensive use—helping blue teams craft allow-list policies, create detection rules, and test policy hardening in isolated lab environments—rather than offensive exploitation. -
12
Pentest-Tools
A collection of custom security tools for quick needs.
Pentest-Tools is a collection of penetration testing scripts and utilities designed to help security professionals and ethical hackers perform vulnerability assessments. It includes a wide range of tools for tasks like web scraping, reconnaissance, data extraction, and network analysis. The suite is modular, allowing users to choose the tools that best fit their specific pentesting needs, from web application analysis to network penetration testing. -
13
SM4Crypt
Command-line GM/T 0002-2012 SM4-GCM Encryption Tool
This project is licensed under the ISC License. Copyright © 2020-2021 ALBANESE Research Lab Source code: https://github.com/pedroalbanese/sm4crypt Visit: http://albanese.atwebpages.com -
14
Ascon
Command-line Ascon v1.2 Encryption Tool written in Go
...The Ascon family was designed to be lightweight and easy to implement, even with added countermeasures against side-channel attacks. This project is licensed under the ISC License. Copyright © 2020-2022 ALBANESE Research Lab Source code: https://github.com/pedroalbanese/ascon Visit: http://albanese.atwebpages.com -
15
vulnerable-AD
Create a vulnerable active directory
...The project can create user objects with default or weak passwords, inject passwords into object descriptions, disable SMB signing, and manipulate ACLs to reproduce real-world privilege escalation and persistence scenarios. A convenience wrapper and examples make it straightforward to deploy in a local lab: you can install AD services, run the script on a domain controller, and generate hundreds of vulnerable accounts and conditions for testing. The repository emphasizes full coverage of the listed attack types and includes options to randomize which weakness -
16
EncryptCLI
Open Source Commandline Encryption Tool written in AutoIt3
Fully OpenSSL compliant File Encryption Tool - ALBANESE Lab © 2018-2023 Algorithms: 3DES, AES-128, AES-192, AES-256, DES, RC2, RC4 Copyright © 2018-2020 Pedro F. Albanese Source: https://github.com/pedroalbanese/encryptcli Visit: http://albanese.atwebpages.com -
17
LEACrypt
TTAK.KO-12.0223 Lightweight Encryption Algorithm Tool
...LEA is included in the ISO/IEC 29192-2:2019 standard (Information security - Lightweight cryptography - Part 2: Block ciphers). This project is licensed under the ISC License. Copyright © 2020-2021 ALBANESE Research Lab Source code: https://github.com/pedroalbanese/leacrypt Visit: http://albanese.atwebpages.com -
18
GOSTCrypt ☭
GOST R 34.10-2015 Kuznechik Block Cipher Encryption Tool
GOST R 34.12-2015 Kuznechik block cipher (RFC 7801) with Multilinear Galois Mode (RFC 9058). This project is licensed under the ISC License. Copyright © 2020-2021 ALBANESE Research Lab Source code: https://github.com/pedroalbanese/gostcrypt Visit: http://albanese.atwebpages.com -
19
GMSM Toolkit ☭
Cross-platform GMSM Security Suite written in Go
...Cryptographic Functions: • Asymmetric Encryption/Decryption • Symmetric Encryption/Decryption • Digital Signature (ECDSA) • Shared Key Agreement (ECDH) • Recursive Hash Digest + Check • CMAC (Cipher-based message authentication code) • HMAC (Hash-based message authentication code) • PBKDF2 (Password-based key derivation function 2) • TLS Copyright (c) 2020-2021 Pedro Albanese - ALBANESE Lab. Source code: https://github.com/pedroalbanese/gmsmtk Visit: http://albanese.atwebpages.com -
20
Abdal 404 PenTest
Best tools for 404 WebApp stress
Abdal 404 PenTest tool is a powerful software with multi-thread processing capability to generate 404 errors on the target server or site that can check the level of security of the target. Be sure to watch this tool to better understand the tutorial. -
21
...This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".
-
22
Abdal FTP BruteForce
FTP BruteForce tool For real Pentest
Abdal FTP BruteForce tool is a powerful software with zero error rate to test the intrusion of servers that work with FTP protocol, this tool supports proxy for attacks and can transfer all your traffic in the hacking process to the proxy Slowly -
23
Droid Pentest
Droid Pentest New version help you to find all android apps for penetr
Droid Pentest New version help you to find all android apps for penetration testing and hacking so you can make complete penetration test platform for Ethical hackers, IT administrator and Cyber security professional to perform different tasks like reconnaissance, scanning performing exploits etc with More then 60 Plus App. -
24
VPLE
Vulnerable Pentesting Lab Environment
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" The default login and password is administrator: password. -
25
KISA Toolkit
Korea Internet & Security Agency's Cipher Suite written in Go
...Cryptographic Functions: • Symmetric Encryption/Decryption • Hash Digest • CMAC (Cipher-based message authentication code) • HMAC (Hash-based message authentication code) • PBKDF2 (Password-based key derivation function 2) Copyright (c) 2020-2021 Pedro Albanese - ALBANESE Lab Visit: http://albanese.atwebpages.com
