Showing 65 open source projects for "user acceptance testing"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Ship Agents Faster Icon
    Ship Agents Faster

    Transform your applications and workflows into powerful agentic systems at global scale.

    Gemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
    Get Started Free
  • 1
    Maltrail

    Maltrail

    Malicious traffic detection system

    Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 2
    Splunk Attack Range

    Splunk Attack Range

    A tool that allows you to create vulnerable environments

    The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 3
    sqlmap

    sqlmap

    Automatic SQL injection and database takeover tool

    sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also...
    Downloads: 7 This Week
    Last Update:
    See Project
  • 4
    SSH-MITM

    SSH-MITM

    Server for security audits supporting public key authentication

    ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not...
    Downloads: 2 This Week
    Last Update:
    See Project
  • $300 Free Credits to Build on Google Cloud Icon
    $300 Free Credits to Build on Google Cloud

    New to Google Cloud? Get $300 in credits to explore Compute Engine, BigQuery, Cloud Run, Gemini Enterprise Agent Platform, and more.

    Start your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
    Claim $300 Free
  • 5
    Claude BugHunter

    Claude BugHunter

    A Claude Code skill bundle for bug hunting

    ...It includes curated patterns from public vulnerability reports, making it useful as a learning and workflow reference. Because it supports security testing, it should only be used on systems where the user has permission to test. Its strongest value is turning scattered bug bounty knowledge into reusable Claude Code workflows.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 6
    InQL Scanner

    InQL Scanner

    A Burp Extension for GraphQL Security Testing

    A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Since version 1.0.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    cloud_enum

    cloud_enum

    Multi-cloud OSINT tool for discovering public cloud resources

    ...It focuses on enumerating assets in Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform using keyword-based discovery techniques. It works by taking user-provided keywords and generating variations through mutation wordlists, then testing these combinations against common cloud service naming patterns. cloud_enum performs both HTTP probing and DNS lookups to identify resources such as storage buckets, cloud applications, and databases that may be exposed or accessible. cloud_enum uses concurrent processing to speed up scanning, enabling efficient enumeration of large numbers of possible resource names. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 8
    linkedin2username

    linkedin2username

    Generate probable usernames from LinkedIn company employee lists

    linkedin2username is an open source OSINT (Open Source Intelligence) tool designed to generate lists of potential usernames by scraping employee information from a company’s LinkedIn page. It logs into LinkedIn using valid user credentials and collects publicly visible employee names associated with a specified organization. Using these names, it automatically generates multiple possible username formats that organizations commonly use for accounts or email addresses. This process helps security researchers, penetration testers, and investigators perform reconnaissance by building potential username lists for further security testing or OSINT analysis. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 9

    RansomWare

    This tools implements a RansomWare (cryptolocker, exfiltration, ...).

    This tools implements a RansomWare (cryptolocker, data exfiltration, ransomnote, ...).
    Leader badge
    Downloads: 69 This Week
    Last Update:
    See Project
  • Error to trace to log to deploy. One click. No SSH. Icon
    Error to trace to log to deploy. One click. No SSH.

    Catch the cause before the pager goes off.

    AppSignal links every error to the trace, the trace to the log, the log to the deploy that shipped it.
    Free 30 days.
  • 10
    <<Hack|Track GNU/Linux

    <<Hack|Track GNU/Linux

    Distro Penetrasing Live System Burn to USB Flash Disk & Run.

    <<Hack|Track GNU/Linux is an open source operating system developed by the HTGL Project from Indonesia which provides penetration testing.
    Leader badge
    Downloads: 468 This Week
    Last Update:
    See Project
  • 11
    AWS Secrets Manager Python caching

    AWS Secrets Manager Python caching

    Enables in-process caching of secrets for Python applications

    The AWS Secrets Manager Python caching client enables in-process caching of secrets for Python applications. To use this client you must have Python 3.6 or newer. Use of Python versions 3.5 or older are not supported. An Amazon Web Services (AWS) account to access secrets stored in AWS Secrets Manager. To create an AWS account, go to Sign In or Create an AWS Account and then choose I am a new user. Follow the instructions to create an AWS account. To create a secret in AWS Secrets Manager,...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 12
    MrFish

    MrFish

    A anti-phishing Python script with headers and proxies!

    ...Please use responsibly and ensure compliance with all applicable laws and ethical guidelines when using MrFish for testing purposes.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 13
    BerserkArch

    BerserkArch

    A bleeding-edge, security-centric Arch-based Linux distribution.

    BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other...
    Downloads: 57 This Week
    Last Update:
    See Project
  • 14
    Wapiti

    Wapiti

    Wapiti is a web-application vulnerability scanner

    Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language.
    Downloads: 14 This Week
    Last Update:
    See Project
  • 15
    PyKCS11: a complete PKCS#11 wrapper for Python, created using the SWIG compiler. API documentation: http://pkcs11wrap.sourceforge.net/api/
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16
    Digna Web Scanner

    Digna Web Scanner

    A tool to check web apps for vulnerabilty

    This web application scanner is a powerful tool designed to identify potential security vulnerabilities in websites with full GUI (no need to cli). It currently performs checks for: SQL Injection (SQLi): Detects vulnerabilities that could allow attackers to inject malicious SQL code and manipulate the database. XSS Cross-site-scripting: Detect vulnerability that allow attackers to inject client-side scripts into web pages Cross-Site Request Forgery (CSRF): Helps discover...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 17
    BashCore

    BashCore

    A custom Debian live ISO with security tools, no GUI, only Bash.

    BashCore is a Debian-based live ISO for security, networking, and learning. CLI-only, Bash-driven, lightweight, GPU-ready, with optional PREEMPT_RT kernel. Fresh environment on every boot, ideal for safe experimentation. Also available: BashCoreX (XFCE GUI) BashCoreT (Trixie CLI, Linux 6.12) BashCoreTX (Trixie XFCE) BashCoreZ (ultra-minimal CLI) BashLabOS (XFCE, daily use & privacy tools) BashCoreGee (GNOME, installable via Calamares) Info: https://www.bashcore.org
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18
    belch
    BELCH Password List Generator is a simple tool to generate password lists based on a given pattern. You can specify the password pattern and generate multiple unique passwords.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    pdf password cracker

    pdf password cracker

    Pdf password cracker using password list

    Pdf password cracker using password list
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    PhoenixC2

    PhoenixC2

    Command & Control-Framework created for collaboration in python3

    PhoenixC2 is a command & control framework. The purpose of this software is, to aid red teamers and penetration testers in their operations, by providing a way to manage hacked devices.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21

    The_Deck_Linux

    Portable Penetration Testing Operating System

    It is an Portable Penetration Testing Operating System designed for Beagle Bone AI. It is an debian based operating system fully packed with all latest Hacking Tools. The Root file system used in this Deck Linux is Ubuntu 20.04 LTS. It can be installed in Beagle Board AI and can use as a replacement for Laptop, Desktop. It can be placed on a drone too. It has a pre-installed MeshDeck (written by Philip Polstra) so it can be runned in a ZigBee network. We can attacks from up to a mile away...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    DracOS GNU/Linux Remastered
    ...DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".
    Downloads: 9 This Week
    Last Update:
    See Project
  • 23
    phpsploit

    phpsploit

    Full-featured C2 framework which silently persists on webserver

    Full-featured C2 framework which silently persists on webserver via polymorphic PHP oneliner. The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor. Detailed help for any option (help command) Cross-platform on both client and server. CLI supports auto-completion & multi-command. Session saving/loading feature & persistent history. Multi-request support for large...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 24
    ANDRAX Hacker's Platform

    ANDRAX Hacker's Platform

    Advanced Ethical Hacking and Penetration Testing Platform

    The most complete and Advanced Penetration Testing and Ethical Hacking Platform dedicated to Advanced Professionals. Developed to bring the power of Offensive Security in the anyone's pocket 100% OPEN SOURCE - ANDRAX is a independent solution for Security professionals who loves Linux
    Leader badge
    Downloads: 65 This Week
    Last Update:
    See Project
  • 25
    mongoaudit

    mongoaudit

    A powerful MongoDB auditing and pentesting tool

    mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them,...
    Downloads: 0 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • Next
Auth0 Logo