Search Results for "penetration testing tools" - Page 2
Sort By:
Showing 83 open source projects for "penetration testing tools"
View related business solutions-
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Posting
The modern API client that lives in your terminal
...Overall, Posting brings a modern, customizable, and developer-centric API testing experience to the terminal. -
2
RLax
Library of JAX-based building blocks for reinforcement learning agents
RLax (pronounced “relax”) is a JAX-based library developed by Google DeepMind that provides reusable mathematical building blocks for constructing reinforcement learning (RL) agents. Rather than implementing full algorithms, RLax focuses on the core functional operations that underpin RL methods—such as computing value functions, returns, policy gradients, and loss terms—allowing researchers to flexibly assemble their own agents. It supports both on-policy and off-policy learning, as well as... -
3
AWS Chalice
Python Serverless Microframework for AWS
Chalice is a Python microframework for writing and deploying serverless applications on AWS with minimal ceremony. You define routes, event handlers, and background tasks in plain Python, and Chalice turns them into AWS Lambda functions wired to API Gateway, Amazon EventBridge schedulers, S3/SNS/SQS triggers, and more. A single command builds your app, bundles dependencies, generates infrastructure templates, and deploys to your account with sensible defaults. The framework includes local... -
4
SageMaker Spark Container
Docker image used to run data processing workloads
Apache Spark™ is a unified analytics engine for large-scale data processing. It provides high-level APIs in Scala, Java, Python, and R, and an optimized engine that supports general computation graphs for data analysis. It also supports a rich set of higher-level tools including Spark SQL for SQL and DataFrames, MLlib for machine learning, GraphX for graph processing, and Structured Streaming for stream processing. The SageMaker Spark Container is a Docker image used to run batch data... -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
5
FlowLens MCP
Open-source MCP server that gives your coding agent
FlowLens MCP Server is an open-source tool designed to give AI-powered coding agents (like Claude Code, Cursor, GitHub Copilot / Codex, and others) full, replayable browser context to dramatically improve debugging, bug reporting, and regression testing for web applications. It works together with a companion browser extension: when a user reproduces a bug or a complicated UI interaction, the extension captures a rich session log, including screen/video recording, network traffic, console... -
6
Wifipumpkin3
Powerful framework for rogue access point attack
wifipumpkin3 is powerful framework for rogue access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack. -
7
OWASP Mobile Application Security
Manual for mobile app security testing and reverse engineering
The OWASP Mobile Application Security (MAS) flagship project provides a security standard for mobile apps (OWASP MASVS) and a comprehensive testing guide (OWASP MASTG) that covers the processes, techniques, and tools used during a mobile app security test, as well as an exhaustive set of test cases that enables testers to deliver consistent and complete results. MAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. -
8
eCxx
A C++ library for AVR and NodeMCU
NOTE: This project is marked with 'Status: Abandoned' on SourceForge because not enough time can be dedicated to this project. However it may still get sporadic commits to the repository. eCxx is a library for AVR and NodeMCU tailored for micro LED displays and lighting effects. eCxx is utilizing Makefile build system. Java and Python based applications/tools are also included to ease the development and debugging process using the host PC. On one side, eCxx supports the original... -
9
FuzzBench
FuzzBench - Fuzzer benchmarking as a service
FuzzBench is a large-scale, open research platform developed by Google to evaluate and benchmark fuzzers — automated software testing tools that detect vulnerabilities through randomized input generation. It provides a standardized, reproducible environment for comparing the performance and effectiveness of different fuzzing algorithms on real-world software targets. FuzzBench integrates with the OSS-Fuzz infrastructure, allowing it to run experiments on authentic open source projects and collect meaningful data on crash discovery rates, code coverage, and bug-finding efficiency. ... -
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
10
Splinter
Splinter - Python test framework for web applications
Splinter is a Python test framework for web applications, providing a simple and consistent API for browser automation and testing. -
11
dirsearch
Web path scanner
An advanced command-line tool designed to brute force directories and files in webservers, AKA web path scanner. Wordlist is a text file, each line is a path. About extensions, unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from -e flag. For wordlists without %EXT% (like SecLists), -f | --force-extensions switch is required to append extensions to every word in wordlist, as well as the /. To use multiple wordlists, you can separate your wordlists with commas.... -
12
Komodo Edit
Komodo Edit is a fast and free multi-language code editor
Code faster with the IDE for today’s web languages – Python, PHP, Perl, Golang, Ruby, and more. Powerful editor with syntax highlighting, autocomplete, code refactoring, and more. Visual debugger and more to debug, inspect, and test your code. Support for Git, Mercurial, Subversion, CVS, Perforce and Bazaar. Tons of add-ons for customizing and extending features. Great tools for pair programming and collaboration. Python, PHP, Perl, Go, Ruby, Node.js, JavaScript, and more. Define your own... -
13
agglo
Multi facets CASE/AGL for easy project developments
Agglo is a CASE (Computer Aided Software Engineering) or AGL (Atelier Génie Logiciel), whose aim is to facilitate installation ans use of various tools (either existing opensource tools, or agglo tools), in several facets of project development: - requirements management - unit tests - automated integration tests - toolkit for various languages (cpp, c, python, shell, xsl) other facets are to come ultimately: - coverage tests - planification - integration with hudson - code... -
14
SharPyShell
Tiny and obfuscated ASP.NET webshell for C# web applications
...SharPyShell supports only C# web applications that run on .NET Framework >= 2.0. SharPyShell is a post-exploitation framework written in Python. The main aim of this framework is to provide the penetration tester with a series of tools to ease the post-exploitation phase once exploitation has been successful against an IIS webserver. This tool is not intended as a replacement for the frameworks for C2 Server (i.e. Meterpreter, Empire, etc..) but this should be used when you land on a fully restricted server where inbound and outbound connections are very limited. ... -
15
Amazon Braket Ocean Plugin
A Python plugin for using Ocean with Amazon Braket
The Amazon Braket Ocean Plugin is an open-source library in Python that provides a framework that you can use to interact with Ocean tools on top of Amazon Braket. Before you begin working with the Amazon Braket Ocean Plugin, make sure that you've installed or configured the following prerequisites. Download and install Python 3.7.2 or greater from Python.org. If you are using Windows, choose Add Python to environment variables before you begin the installation. Make sure that your AWS... -
16
...DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".
-
17
SageMaker Scikit-Learn Extension
A library of additional estimators and SageMaker tools based on scikit
A library of additional estimators and SageMaker tools based on scikit-learn. This project contains standalone scikit-learn estimators and additional tools to support SageMaker Autopilot. Many of the additional estimators are based on existing scikit-learn estimators. SageMaker Scikit-Learn Extension is a Python module for machine learning built on top of scikit-learn. In order to use the I/O functionalies in the sagemaker_sklearn_extension.externals module, you will also need to install the... -
18
SageMaker TensorFlow Serving Container
A TensorFlow Serving solution for use in SageMaker
SageMaker TensorFlow Serving Container is an a open source project that builds docker images for running TensorFlow Serving on Amazon SageMaker. Some of the build and tests scripts interact with resources in your AWS account. Be sure to set your default AWS credentials and region using aws configure before using these scripts. Amazon SageMaker uses Docker containers to run all training jobs and inference endpoints. The Docker images are built from the Dockerfiles in docker/. The Dockerfiles... -
19
Zebrunner Community Edition
Test Automation Management Tool
Zebrunner CE (Community Edition) is a Test Automation Management Tool for continuous testing and continuous deployment. It allows you to run various kinds of tests and gain successive levels of confidence in the code quality. Zebrunner CE is integrated by default with Carina open-source TestNG framework and uses Jenkins as a CI Tool. It is built on top of popular docker solutions and includes Postgres database, Zebrunner Reporting, Jenkins Master/Slaves Nodes, Selenium Hub, Mobile... -
20
Hack-Tools
Hack tools
hack-tools is a collection of various hacking tools and utilities. It serves as a comprehensive toolkit for penetration testers and cybersecurity enthusiasts, encompassing a wide range of functionalities. -
21
HTTP Prompt
An interactive command-line HTTP and API testing client
HTTP Prompt is an interactive command-line HTTP client featuring autocomplete and syntax highlighting. You'll never have to memorize the whole commands and HTTP headers thanks to autocomplete with fuzzy matching. Improve readability by rendering JSON, HTML and commands with 27 builtin color themes, borrowed from Pygments. Designed to work with and built on top of HTTPie, HTTP Prompt makes a perfect companion for HTTPie. Cookie-based authentication made easy as incoming cookies are... -
22
Makani
Makani was developed a commercial-scale airborne wind turbine
Makani was an ambitious Google X project that sought to harness wind energy using airborne wind turbines — autonomous kites capable of generating power while flying in crosswind patterns. This open-source repository contains the complete software stack that powered Makani’s research and flight systems, including the flight simulator, autopilot controller, avionics firmware, visualization tools, and ground control software. The software enables simulation, control, and analysis of the Makani... -
23
macOS Simple KVM
Tools to set up a quick macOS VM in QEMU, accelerated by KVM
...It simplifies what is typically a complex process by offering a straightforward approach to creating a macOS VM on Linux systems with hardware virtualization support. The repository includes tools for preparing installation media, configuring virtual hardware, and managing VM launch scripts. By using KVM acceleration, the virtual machine runs with near-native performance, making it useful for testing, development, or personal experimentation. The project also supports GPU passthrough and other advanced configurations for users who want a more optimized macOS VM environment. ... -
24
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. -
25
WiFi-Pumpkin
WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack
The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor, transparent proxy, Windows update attack, phishing manager, ARP Poisoning, DNS Spoofing, Pumpkin-Proxy, and image capture on the fly. moreover, the WiFi-Pumpkin is a very complete framework for...
