Showing 228 open source projects for "user acceptance testing"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Ship Agents Faster Icon
    Ship Agents Faster

    Transform your applications and workflows into powerful agentic systems at global scale.

    Gemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
    Get Started Free
  • 1
    PEASS-ng

    PEASS-ng

    Privilege Escalation Awesome Scripts SUITE

    These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission. Here you will find...
    Downloads: 59 This Week
    Last Update:
    See Project
  • 2
    SimpleX

    SimpleX

    The first messaging platform operating without user identifiers

    Other apps have user IDs: Signal, Matrix, Session, Briar, Jami, Cwtch, etc. SimpleX does not, not even random numbers. This radically improves your privacy. The video shows how you connect to your friend via their 1-time QR-code, in person or via a video link. You can also connect by sharing an invitation link. Temporary anonymous pairwise identifiers SimpleX uses temporary anonymous pairwise addresses and credentials for each user contact or group member. It allows to deliver messages...
    Downloads: 36 This Week
    Last Update:
    See Project
  • 3
    BadUSB

    BadUSB

    Flipper Zero badusb payload library

    ...It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for security research and defensive testing: defenders and red teams use it to validate endpoint controls, USB whitelisting, and user training. Due to the dual-use nature of such techniques, responsible repositories emphasize lab-only experiments, consent-based testing, and mitigations like disabling autorun, enforcing device policies, and using endpoint detection.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 4
    Splunk Attack Range

    Splunk Attack Range

    A tool that allows you to create vulnerable environments

    The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections.
    Downloads: 1 This Week
    Last Update:
    See Project
  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • 5
    SSH-MITM

    SSH-MITM

    Server for security audits supporting public key authentication

    ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 6
    emp3r0r

    emp3r0r

    Linux/Windows post-exploitation framework made by linux user

    A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 7
    sqlmap

    sqlmap

    Automatic SQL injection and database takeover tool

    sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 8
    ezXSS

    ezXSS

    ezXSS is an easy way for penetration testers and bug bounty hunters

    ezXSS is an open-source XSS (Cross-Site Scripting) testing platform designed to help security researchers identify and collect XSS vulnerabilities. It acts as a payload receiver and logger, storing details about triggered XSS attacks such as the user agent, cookies, DOM, and referrer. This tool is highly useful in bug bounty hunting and penetration testing for monitoring and documenting XSS vectors in real-time.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 9
    Claude BugHunter

    Claude BugHunter

    A Claude Code skill bundle for bug hunting

    ...It includes curated patterns from public vulnerability reports, making it useful as a learning and workflow reference. Because it supports security testing, it should only be used on systems where the user has permission to test. Its strongest value is turning scattered bug bounty knowledge into reusable Claude Code workflows.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Custom VMs From 1 to 96 vCPUs With 99.95% Uptime Icon
    Custom VMs From 1 to 96 vCPUs With 99.95% Uptime

    General-purpose, compute-optimized, or GPU/TPU-accelerated. Built to your exact specs.

    Live migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
    Try Free
  • 10
    Brook

    Brook

    Brook is a cross-platform strong encryption and not detectable proxy

    Brook is a cross-platform strong encryption and not detectable proxy. Brook's goal is to keep it simple, stupid and not detectable. You can run commands after entering the command-line interface. Usually, everyone uses the command line interface on Linux servers. Of course, Linux also has desktops that can also run GUI. Of course, macOS and Windows also have command-line interfaces, but you may not use them frequently. Usually, the applications opened by double-clicking/clicking on...
    Downloads: 7 This Week
    Last Update:
    See Project
  • 11
    Themis

    Themis

    Easy to use cryptographic framework for data protection

    Cross-platform high-level cryptographic library. Themis helps to build simple and complex cryptographic features easily, quickly, and securely. It’s a perfect fit for multi-platform apps. Themis hides cryptographic details and eliminates popular mistakes. Themis provides ready-made building blocks (“cryptosystems”) for secure data storage, message exchange, socket connections, and authentication. Secure Cell is a multi-mode cryptographic container suitable for storing anything from encrypted...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 12
    sbctl

    sbctl

    Secure Boot key manager

    sbctl intends to be a user-friendly secure boot key manager capable of setting up secure boot, offering key management capabilities, and keeping track of files that need to be signed in the boot chain. It is written top-to-bottom in Golang using go-uefi for the API layer and doesn't rely on existing secure boot tooling. It also tries to sport some integration testing towards tianocore utilizing vmtest.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 13
    Username Anarchy

    Username Anarchy

    Username generator for penetration testing and user enumeration

    Username Anarchy is an open source command line tool designed to generate possible usernames for use in penetration testing and security assessments. It focuses on solving one of the common challenges in authentication attacks: identifying valid usernames before attempting password attacks. It generates large sets of potential usernames based on a person’s name and common naming conventions used in corporate or online systems. These generated username lists can then be used for activities...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14
    Merlin HTTP/2

    Merlin HTTP/2

    Merlin is a cross-platform post-exploitation HTTP/2 Command

    Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go. The Merlin server is a self-contained command line program that requires no installation. You just simply download it and run it. The command-line interface only works great if it will be used by a single operator at a time. The Merlin agent can be controlled through Mythic, which features a web-based user interface that enables multiplayer support, and a slew of other features inherent to the project.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    InQL Scanner

    InQL Scanner

    A Burp Extension for GraphQL Security Testing

    A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Since version 1.0.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16
    UACMe

    UACMe

    Defeating Windows user account control

    Run executable from command line, akagi32 [Key] [Param] or akagi64 [Key] [Param]. First parameter is a number of methods to use, second is an optional command (executable file name including full path) to run. The second parameter can be empty - in this case, the program will execute elevated cmd.exe from the system32 folder. Since 3.5.0 version all "fixed" methods are considered obsolete and removed altogether with all supporting code/units. If you still need them. This tool shows ONLY...
    Downloads: 3 This Week
    Last Update:
    See Project
  • 17
    cloud_enum

    cloud_enum

    Multi-cloud OSINT tool for discovering public cloud resources

    ...It focuses on enumerating assets in Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform using keyword-based discovery techniques. It works by taking user-provided keywords and generating variations through mutation wordlists, then testing these combinations against common cloud service naming patterns. cloud_enum performs both HTTP probing and DNS lookups to identify resources such as storage buckets, cloud applications, and databases that may be exposed or accessible. cloud_enum uses concurrent processing to speed up scanning, enabling efficient enumeration of large numbers of possible resource names. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 18
    linkedin2username

    linkedin2username

    Generate probable usernames from LinkedIn company employee lists

    linkedin2username is an open source OSINT (Open Source Intelligence) tool designed to generate lists of potential usernames by scraping employee information from a company’s LinkedIn page. It logs into LinkedIn using valid user credentials and collects publicly visible employee names associated with a specified organization. Using these names, it automatically generates multiple possible username formats that organizations commonly use for accounts or email addresses. This process helps security researchers, penetration testers, and investigators perform reconnaissance by building potential username lists for further security testing or OSINT analysis. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    Qtum

    Qtum

    Qtum Core Wallet

    ...It achieves this through the revolutionary Account Abstraction Layer which allows the EVM to communicate with Qtum's Bitcoin-like UTXO blockchain. Welcome to the Qtum Ignition Main Network. This is the main network where the tokens hold value and should be guarded very carefully. If you are testing the network or developing unstable software on Qtum, we highly recommend using either testnet or regtest mode. A Proof of Stake consensus system which is optimized for Qtum's contract model. Any user can stake and help to secure the network. There is no voting, master nodes, or minimum amount required. There have been transactions as small as 2 Qtum that have created blocks in the past. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    VeraCrypt

    VeraCrypt

    Open source disk encryption with strong security for the Paranoid

    VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase....
    Leader badge
    Downloads: 6,078 This Week
    Last Update:
    See Project
  • 21
    SANTETIN

    SANTETIN

    Santetin is a website stress test and DDOS simulation tool

    Santetin is a powerful desktop application built with Electron to perform website stress tests, penetration testing simulations, DDOS attacks, and traffic jingling for testing and educational purposes. ⚠️ Disclaimer: This tool is intended for educational and testing purposes only. Do not use it against any website without explicit permission from the owner.
    Downloads: 17 This Week
    Last Update:
    See Project
  • 22

    RansomWare

    This tools implements a RansomWare (cryptolocker, exfiltration, ...).

    This tools implements a RansomWare (cryptolocker, data exfiltration, ransomnote, ...).
    Leader badge
    Downloads: 64 This Week
    Last Update:
    See Project
  • 23
    ZipUnlocker2026

    ZipUnlocker2026

    Zip Unlocker WinZip/WinRAR Password Unlocker

    This WinZip/WinRAR Password Unlocker is a powerful and efficient tool designed to help users recover lost or forgotten passwords for their password-protected ZIP and RAR files. Whether you're dealing with important compressed files or simply can't access your archive, this password unlocker can assist in restoring your access. With its easy-to-use interface and fast recovery process, the program supports multiple attack methods, such as brute-force and dictionary attacks, to quickly guess...
    Downloads: 85 This Week
    Last Update:
    See Project
  • 24
    apk-mitm

    apk-mitm

    Application that automatically prepares Android APK files for HTTPS

    Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious.
    Downloads: 16 This Week
    Last Update:
    See Project
  • 25
    Address_Decode

    Address_Decode

    Decode various cryptocurrency addresses

    Address to hash160 is an efficient multi-threaded tool designed to decode various cryptocurrency addresses (such as Bitcoin BTC,Bitcoin Cash BCH, Litecoin LTC, Bitcoin Gold BTG, etc.) to extract hash160 values. It is often used in research such as brainflayer, keyhunt, BitCrack, ecloop, keyhunt cuda, etc.
    Downloads: 13 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • 5
  • Next
Auth0 Logo