Search Results for "software test tool"
Sort By:
Showing 39 open source projects for "software test tool"
View related business solutions-
Our Free Plans just got better! | Auth0 by OktaYou asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your secuirty. Auth0 now, thank yourself later.
-
Never Get Blocked Again | Enterprise Web ScrapingGet unrestricted access to public web data with our ethically-sourced proxy network. Automated session management and advanced unblocking handle the hard parts. Scale from 1 to 1M requests with zero blocks. Built for developers with ready-to-use APIs, serverless functions, and complete documentation. Used by 20,000+ companies including Fortune 500s. SOC2 and GDPR compliant.
-
1
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also... -
2
theHarvester
E-mails, subdomains and names
theHarvester is a very simple to use, yet powerful and effective tool designed to be used in the early stages of a penetration test or red team engagement. Use it for open source intelligence (OSINT) gathering to help determine a company's external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs and URLs using multiple public data sources. -
3
frida
Dynamic instrumentation toolkit for developers
... bindings, .NET bindings, Qt/Qml bindings, or C API. Frida is and will always be free software (free as in freedom). We want to empower the next generation of developer tools, and help other free software developers achieve interoperability through reverse engineering. We are proud that NowSecure is using Frida to do fast, deep analysis of mobile apps at scale. Frida has a comprehensive test-suite and has gone through years of rigorous testing across a broad range of use-cases. -
4
mitmproxy
A free and open source interactive HTTPS proxy
mitmproxy is an open source, interactive SSL/TLS-capable intercepting HTTP proxy, with a console interface fit for HTTP/1, HTTP/2, and WebSockets. It's the ideal tool for penetration testers and software developers, able to debug, test, and make privacy measurements. It can intercept, inspect, modify and replay web traffic, and can even prettify and decode a variety of message types. Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition... -
Secure remote access solution to your private network, in the cloud or on-prem.OpenVPN is here to bring simple, flexible, and cost-effective secure remote access to companies of all sizes, regardless of where their resources are located.
-
5
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic... -
6
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
7
Sippts
Set of tools to audit SIP based VoIP Systems
Sippts is a set of tools to audit VoIP servers and devices using SIP protocol. Sippts is programmed in Python and it allows us to check the security of a VoIP server using SIP protocol. You can freely use, modify and distribute. If modified, please put a reference to this site. Most security tools can be used for illegal purposes, but the purpose of this tool is to check the security of your own servers and not to use to do bad things. I am not responsible for the misuse of this tool. Sippts... -
8
Checkov
Prevent cloud misconfigurations during build-time for Terraform
... Templates, Serverless, Helm, and AWS CDK. Scan cloud resources in build-time for misconfigured attributes with a simple Python policy-as-code framework. Analyze relationships between cloud resources using Checkov’s graph-based YAML policies. Execute, test, and modify runner parameters in the context of a subject repository CI/CD and version control integrations. -
9
OWASP Mobile Application Security
Manual for mobile app security testing and reverse engineering
The OWASP Mobile Application Security (MAS) flagship project provides a security standard for mobile apps (OWASP MASVS) and a comprehensive testing guide (OWASP MASTG) that covers the processes, techniques, and tools used during a mobile app security test, as well as an exhaustive set of test cases that enables testers to deliver consistent and complete results. MAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources... -
User Testing Platform | TesteumTired of bugs and poor UX going unnoticed despite thorough internal testing? Testeum is the SaaS crowdtesting platform that connects mobile and web app creators with carefully selected testers based on your criteria.
-
10
Wemake Django Template
Bleeding edge django template focused on code quality and security
... be consistent, so we use strict quality and style checks. Development, testing, and production should have the same environment, so again we develop, test, and run our apps in docker containers. Documentation and codebase are the only sources of truth. This template is oriented on big projects, when there are multiple people working on it for a long period of time. -
11
aws-encryption-sdk-cli
CLI wrapper around aws-encryption-sdk-python
This command line tool can be used to encrypt and decrypt files and directories using the AWS Encryption SDK. If you have not already installed cryptography, you might need to install additional prerequisites as detailed in the cryptography installation guide for your operating system. Installation using a python virtual environment is recommended to avoid conflicts between system packages and user-installed packages. For the most part, the behavior of aws-encryption-cli in handling files... -
12
TorBot
Dark Web OSINT Tool
Contributions to this project are always welcome. To add a new feature fork the dev branch and give a pull request when your new feature is tested and complete. If its a new module, it should be put inside the modules directory. The branch name should be your new feature name in the format <Feature_featurename_version(optional)>. On Linux platforms, you can make an executable for TorBot by using the install.sh script. You will need to give the script the correct permissions using chmod +x... -
13
dirsearch
Web path scanner
An advanced command-line tool designed to brute force directories and files in webservers, AKA web path scanner. Wordlist is a text file, each line is a path. About extensions, unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from -e flag. For wordlists without %EXT% (like SecLists), -f | --force-extensions switch is required to append extensions to every word in wordlist, as well as the /. To use multiple wordlists, you can separate your wordlists with commas... -
14
SharPyShell
Tiny and obfuscated ASP.NET webshell for C# web applications
SharPyShell is a tiny and obfuscated ASP.NET web shell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C# web applications that run on .NET Framework >= 2.0. SharPyShell is a post-exploitation framework written in Python. The main aim of this framework is to provide the penetration tester with a series of tools to ease the post-exploitation phase once exploitation has been successful against an IIS webserver. This tool... -
15
DDoS/Dos Attack Simulator
Distributed Denial of Service Attack Simulator
DDoS/DoS Attack Simulator is powerful Python-based software used for attacking servers, hosts, and websites using traffic. It disrupts the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. A server that does not have protection against it can experience extremely slow performance due to all of the traffic it sends. Extensive features will be added! Mega Feature - > DoS Tool. [ 1 ] Bugs... -
16
codecat
static code analysis, to find/track sinks and bugs
CodeCat is a open source tool to help you in static code analysis, to find/track sinks and bugs, this points follow regex rules... -
17
UltraDDOS-v2
DDOS tool
One of the most overpowered DDOS weapon on the internet. This software is mainly for pen testing websites or servers. Slava Ukraine! -
18
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release... -
19
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
... on seemingly risky areas. Demonstrate true impact despite the short timeframes we are typically given to test. The tool is highly configurable and anybody can trivially create simple plugins or add new tests in the configuration files without having any development experience. OWTF is developed on KaliLinux and macOS but it is made for Kali Linux (or other Debian derivatives). -
20
CTS Surveyor
Foot traffic and facial analytics for your business and home
Surveyor is a software solution that monitors its environment via camera and gathers demographic information about the public in the surrounding area, providing important statistics such as number of people passing by as well as providing facial analytics to classify the pedestrians based on their age and gender. The statistical data is stored in a local database and is made available via RESTful API’s, and easy integration with other applications can be accomplished via a WebSocket interface... -
21
leet
Leet is CCEx's software application for on-the-fly encryption (OTFE).
The name leet stands for "Linux exquisite encryption tool", it will be a software application for on-the-fly encryption, similar in its functionality to TrueCrypt. The goal of leet however is to be simpler and as user friendly as possible, making encryption and securing of information accessible to anybody, even those who don't necessarily have any prior knowledge of data securing, algorithms and encryption. However it's not targeted at this group of users only, part of the ambition... -
22
Password Guessing Framework
A Framework for Comparing Password Guessing Strategies
The Password Guessing Framework is an open source tool to provide an automated and reliable way to compare password guessers. It can help to identify individual strengths and weaknesses of a guesser, its modes of operation or even the underlying guessing strategies. Therefor, it gathers information about how many passwords from an input file (password leak) have been cracked in relation to the amount of generated guesses. Subsequent to the guessing process an analysis of the cracked passwords... -
23
SpiderFoot
Open Source Intelligence Automation.
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet. SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you. -
24
FoxNuke
A Proffesional Stress-Testing(ddos) tool for pentesters
The FoxNuke program is written in python and uses Firefox in order to complete the distributed denial of service attack feature. Multiple headers are used from the Firefox browser, along with a personal configuration option for the Opera browser. The FoxNuke Program is still underdevelopment as of 8/24/17, full release is set to come out sometime during 2017-2018. If you would like to participate in the TESTING of this program and would like to help report bugs, etc. then please email... -
25
dhcpclientsimulator
Both a DHCP client simulator and a DHCP attack tool.
#DHCP Client Simulator For the DHCP client simulator mode, assuming there is an active DHCP server on the network, the user can choose to simulate any number of DHCP clients. All DHCP leases obtained from the server are saved in the DHCP_Leases.txt file, which is automatically generated by the program. The user can also release the leases received from the server, either one by one (by IP address) or all of them at once. After releasing all the addresses, the DHCP_Leases.txt file is...