Showing 1021 open source projects for "web-erp"

View related business solutions
  • Build Agents and Models on One Platform Icon
    Build Agents and Models on One Platform

    Everything you need to build production-ready agents and models. Access 200+ Google and third-party AI models and tools.

    Gemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
    Try It Free
  • Train ML Models With SQL You Already Know Icon
    Train ML Models With SQL You Already Know

    BigQuery automates data prep, analysis, and predictions with built-in AI assistance.

    Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
    Try Free
  • 1
    Web-Check

    Web-Check

    All-in-one OSINT tool for analysing any website

    Comprehensive, on-demand open source intelligence for any website. Get an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. Currently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance,...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 2
    DVWA

    DVWA

    PHP/MySQL web application

    Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment.
    Downloads: 427 This Week
    Last Update:
    See Project
  • 3
    Nikto

    Nikto

    Web server vulnerability scanner for security assessments

    Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows.
    Downloads: 107 This Week
    Last Update:
    See Project
  • 4
    Tor Browser

    Tor Browser

    Browser for using Tor on Windows, Mac OS X or Linux

    ...This effectively prevents anyone watching your Internet connection from learning what sites you visit; it prevents the sites you visit from learning your physical location; and allows you access to sites which are blocked. Tor Browser can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained (portable).
    Downloads: 993 This Week
    Last Update:
    See Project
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 5
    ZAP

    ZAP

    The OWASP ZAP core project

    ...ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application.
    Downloads: 86 This Week
    Last Update:
    See Project
  • 6
    PentestGPT

    PentestGPT

    Automated Penetration Testing Agentic Framework Powered by LLMs

    ...Published at USENIX Security 2024, it combines advanced reasoning with an agentic workflow to automate tasks traditionally handled by human pentesters. The platform supports multiple penetration testing categories, including web security, cryptography, reversing, forensics, privilege escalation, and binary exploitation. PentestGPT runs in a Docker-first environment, providing a secure, reproducible setup with built-in tooling and session persistence. It offers real-time feedback and live walkthroughs, allowing users to observe each step of the testing process as it unfolds. ...
    Downloads: 341 This Week
    Last Update:
    See Project
  • 7
    Wfuzz

    Wfuzz

    Web application fuzzer

    Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc.
    Downloads: 16 This Week
    Last Update:
    See Project
  • 8
    ModSecurity

    ModSecurity

    Cross platform web application firewall (WAF) engine for Apache

    ModSecurity is an open-source, cross-platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language that provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. Libmodsecurity is one component of the ModSecurity v3 project.
    Downloads: 18 This Week
    Last Update:
    See Project
  • 9
    OSINT Framework

    OSINT Framework

    OSINT Framework

    OSINT-Framework is a web-based intelligence resource map designed to help investigators and researchers quickly locate free open-source intelligence tools and data sources. Rather than functioning as an automated scanner, it organizes hundreds of OSINT resources into a structured, navigable interface grouped by investigation type, such as usernames, email addresses, domains, and social media.
    Downloads: 115 This Week
    Last Update:
    See Project
  • Your monitoring isn't a stack. It's a pile. Fix that. Icon
    Your monitoring isn't a stack. It's a pile. Fix that.

    Errors, performance, logs, uptime. One install, one invoice, one UI.

    Replace Datadog, New Relic, and Sentry without adding three more dashboards.
    Free 30 days.
  • 10
    Adguard Browser Extension

    Adguard Browser Extension

    AdGuard browser extension

    AdGuard is a fast and lightweight ad-blocking browser extension that effectively blocks all types of ads and trackers. AdGuard is a fast and lightweight ad blocking browser extension that effectively blocks all types of ads and trackers on all web pages. We focus on advanced privacy protection features to not just block known trackers, but prevent web sites from building your shadow profile. Unlike its standalone counterparts (AG for Windows, Mac), the browser extension is completely free and open source. You can learn more about the difference here. AdGuard does not collect any information about you, and does not participate in any acceptable ads program. ...
    Downloads: 44 This Week
    Last Update:
    See Project
  • 11
    Shannon

    Shannon

    Fully autonomous AI hacker to find actual exploits in your web apps

    Shannon is an autonomous AI penetration testing system built to find and prove real, exploitable vulnerabilities in web applications rather than stopping at static warnings or best-guess alerts. It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. ...
    Downloads: 25 This Week
    Last Update:
    See Project
  • 12
    Robin

    Robin

    AI-powered tool for dark web OSINT search and investigation

    Robin is an AI-powered open source tool designed to assist investigators and researchers in conducting dark web OSINT (Open Source Intelligence) investigations. It combines automated dark web search capabilities with large language models (LLMs) to analyze and summarize information discovered across hidden services and Tor-based search engines. The tool helps refine investigative queries, collect results from multiple dark web sources, and filter relevant intelligence using AI-driven processing. ...
    Downloads: 15 This Week
    Last Update:
    See Project
  • 13
    WhatsApp Beacon

    WhatsApp Beacon

    OSINT tool for tracking WhatsApp online status via Web automation

    WhatsApp Beacon is an open source OSINT tool designed to monitor and analyze the online activity status of WhatsApp users through WhatsApp Web. It uses Selenium automation to interact with the web interface and detect when a target account goes online or offline. By continuously monitoring these changes, WhatsApp Beacon records connectivity patterns and builds a historical dataset of activity sessions. The collected information is stored in logs and a local database, allowing users to review behavioral patterns over time. ...
    Downloads: 29 This Week
    Last Update:
    See Project
  • 14
    UFONet

    UFONet

    UFONet - Denial of Service Toolkit

    UFONet is a powerful and controversial Python-based toolkit for testing and conducting Distributed Denial of Service (DDoS) attacks using unconventional methods, such as leveraging third-party web applications as attack vectors. It automates the discovery of vulnerable targets and enables attackers or researchers to launch large-scale amplification attacks without directly using botnets. While primarily intended for penetration testing and educational purposes, UFONet emphasizes anonymity through the use of proxies, TOR, and encrypted command channels.
    Downloads: 25 This Week
    Last Update:
    See Project
  • 15
    mitmproxy

    mitmproxy

    A free and open source interactive HTTPS proxy

    ...It's the ideal tool for penetration testers and software developers, able to debug, test, and make privacy measurements. It can intercept, inspect, modify and replay web traffic, and can even prettify and decode a variety of message types. Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition of features like request interception and replay. Its command-line version mitmdump allows you to write powerful addons and script mitmproxy so it can automatically modify messages, redirect traffic, and perform many other custom commands.
    Downloads: 20 This Week
    Last Update:
    See Project
  • 16
    WAFW00F

    WAFW00F

    WAFW00F allows one to identify and fingerprint Web App Firewall

    The Web Application Firewall Fingerprinting Tool. Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 17
    World Monitor

    World Monitor

    Real-time global intelligence dashboard

    ...The application can run as a native desktop app or progressive web app, reflecting a focus on accessibility and offline-capable intelligence workflows. Overall, worldmonitor positions itself as a free OSINT-style monitoring hub for analysts, researchers, and anyone needing real-time global awareness.
    Downloads: 56 This Week
    Last Update:
    See Project
  • 18
    Blokada Apps

    Blokada Apps

    Repo for Blokada apps

    Blokada is the popular ad blocker and privacy app for Android and iOS. It's being supported and actively developed by the amazing open-source community. Our modern solution for mobile content blocking. Protect multiple devices from ads and tracking, and manage your preferences in one place. Enjoy zero battery drain, no noticeable slowdowns, and highly reliable adblocking. If you want to efficiently block ads, trackers, malware, save on your data plan, speed up your device and protect your...
    Downloads: 144 This Week
    Last Update:
    See Project
  • 19
    Coraza

    Coraza

    OWASP Coraza WAF is a golang modsecurity compatible firewall library

    Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. ...
    Downloads: 9 This Week
    Last Update:
    See Project
  • 20
    ntfy.sh

    ntfy.sh

    Send push notifications to your phone or desktop using PUT/POST

    ...The service can be used through the public ntfy.sh instance or self-hosted on private infrastructure. It is useful for server alerts, cron job results, monitoring notifications, CI/CD updates, and personal automation. ntfy includes web, mobile, and command-line clients, making it accessible across different environments. Its main value is providing lightweight, open-source notifications without forcing users into a heavy messaging platform or paid push service.
    Downloads: 37 This Week
    Last Update:
    See Project
  • 21
    Gobuster

    Gobuster

    Directory/File, DNS and VHost busting tool written in Go

    Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic...
    Downloads: 49 This Week
    Last Update:
    See Project
  • 22
    Boulder

    Boulder

    An ACME-based certificate authority, written in Go

    ...The ACME protocol allows the CA to automatically verify that an applicant for a certificate actually controls an identifier, and allows domain holders to issue and revoke certificates for their domains. Boulder is the software that runs Let's Encrypt. This component model lets us separate the function of the CA by security context. The Web Front End, Validation Authority, OCSP Responder and Publisher need access to the Internet, which puts them at greater risk of compromise. The Registration Authority can live without Internet connectivity, but still needs to talk to the Web Front End and Validation Authority. The Certificate Authority need only receive instructions from the Registration Authority. ...
    Downloads: 13 This Week
    Last Update:
    See Project
  • 23
    BrowserBox

    BrowserBox

    Remote isolated browser API for security

    Remote isolated browser API for security, automation visibility and interactivity. Run-on our cloud, or bring your own. Full scope double reverse web proxy with a multi-tab, mobile-ready browser UI frontend. Plus co-browsing, advanced adaptive streaming, secure document viewing and more! But only in the Pro version. BrowserBox is a full-stack component for a web browser that runs on a remote server, with a UI you can embed on the web. BrowserBox lets your provide controllable access to web resources in a way that's both more sandboxed than, and less restricted than, traditional web <iframe> elements. ...
    Downloads: 3 This Week
    Last Update:
    See Project
  • 24
    Headlamp

    Headlamp

    A Kubernetes web UI that is fully-featured, user-friendly

    ...It checks RBAC and displays actions like delete or edit only if the user has permission to do so. Keeping with Headlamp’s goal of supporting a fully customizable experience, it can be run as a web app, desktop app, or both.
    Downloads: 15 This Week
    Last Update:
    See Project
  • 25
    fsociety

    fsociety

    Modular CLI framework for managing penetration testing tools

    ...Instead of implementing its own security scanners, the framework acts as a wrapper and orchestrator that helps users discover, install, and execute tools from various GitHub repositories. Its modular architecture organizes tools into categories such as information gathering, networking, web application security, and password testing. This structure allows users to quickly navigate through different security tasks while maintaining a consistent interface. fsociety can automatically clone and manage required tools, reducing the manual effort typically needed to set up a penetration testing toolkit. fsociety is distributed as a Python package.
    Downloads: 108 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • 5
  • Next