Search Results for "penetration testing tools"
Sort By:
Showing 82 open source projects for "penetration testing tools"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
1
Impacket
A collection of Python classes for working with network protocols
Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP,... -
2
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. -
3
One-Lin3r
Gives you one-liners that aids in penetration testing operations
One-Lin3r is a modular and lightweight penetration testing framework designed to provide security professionals with a centralized collection of one-liner commands for a wide range of offensive security tasks. It focuses on simplifying the execution of complex commands by organizing them into categorized modules, allowing users to quickly access and deploy payloads without manually searching or crafting them. -
4
CTFd
CTFs as you need them
CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes. Create your own challenges, categories, hints, and flags from the Admin Interface. Dynamic Scoring Challenges. Unlockable challenge support. Challenge plugin architecture to create your own custom challenges. Static & Regex-based flags. Custom flag plugins. Unlockable hints. File uploads to the server or an Amazon... -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. ... -
6
Malicious PDF Generator
Generate a bunch of malicious pdf files with phone-home functionality
Generate ten different malicious PDF files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh. Used for penetration testing and/or red-teaming etc. I created this tool because I needed a third-party tool to generate a bunch of PDF files with various links. -
7
react2shell-scanner
High Fidelity Detection Mechanism for RSC/Next.js RCE
...This is especially valuable for projects that mix web UIs with server-side scripting, developer tooling, or plugin ecosystems where untrusted input could enter execution paths. The scanner integrates with standard CI/CD pipelines, letting teams detect issues early in development rather than discovering them in production or during penetration testing. -
8
Ansible Molecule
Molecule aids in the development and testing of Ansible roles
Molecule project is designed to aid in the development and testing of Ansible roles. Molecule provides support for testing with multiple instances, operating systems and distributions, virtualization providers, test frameworks and testing scenarios. Molecule encourages an approach that results in consistently developed roles that are well-written, easily understood and maintained. Molecule supports only the latest two major versions of Ansible (N/N-1), meaning that if the latest version is... -
9
Brownie
A Python-based development and testing framework for smart contracts
Brownie is a Python-based development and testing framework for smart contracts targeting the Ethereum Virtual Machine. Powerful debugging tools, including python-style tracebacks and custom error strings. The recommended way to install Brownie is via pipx. pipx installs Brownie into a virtual environment and makes it available directly from the command-line. Once installed, you will never have to activate a virtual environment prior to using Brownie. -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
10
Professional Services
Common solutions and tools developed by Google Cloud
Professional Services repository is a collection of real-world solutions, tools, and reference implementations developed by Google Cloud’s Professional Services team to address common enterprise challenges. Unlike simple sample repositories, it focuses on production-oriented use cases such as data pipelines, machine learning workflows, infrastructure automation, and security management. The repository contains a wide variety of projects, including tools for validating data migrations, generating large datasets for testing, building analytics dashboards, and automating policy enforcement in cloud environments. ... -
11
simple-modern-uv
A minimal, modern Python project template
simple-modern-uv is a minimal yet production-ready Python project template that uses the uv toolchain to streamline dependency management, virtualenvs, and packaging. It aims to be “small but serious,” giving you the essentials—testing, linting, type checking, formatting, GitHub Actions—without burying you in boilerplate. The layout is opinionated around a pyproject.toml so configuration is centralized and easy to inspect. Defaults encourage good hygiene from day one, including reproducible... -
12
Testinfra
Testinfra test your infrastructures
With Testinfra you can write unit tests in Python to test the actual state of your servers configured by management tools like Salt, Ansible, Puppet, Chef and so on. Testinfra aims to be a Serverspec equivalent in python and is written as a plugin to the powerful Pytest test engine. By default Testinfra launches tests on the local machines, but you can also test remotes systems using paramiko. If you have a lot of tests, you can use the pytest-xdist plugin to run tests using multiple... -
13
Airweave CLI
The Airweave CLI for developers and AI agents
Airweave CLI is a command-line interface designed to streamline the development, deployment, and management of AI-powered workflows and agent-based systems. It provides developers with a lightweight tool to interact with Airweave’s platform directly from the terminal, enabling rapid iteration on AI pipelines without relying on graphical interfaces. The CLI simplifies tasks such as configuring environments, running AI agents, managing prompts, and integrating external APIs, making it... -
14
ComfyUI
The most powerful and modular diffusion model GUI, api and backend
...This UI will let you design and execute advanced stable diffusion pipelines using a graph/nodes/flowchart-based interface. We are a team dedicated to iterating and improving ComfyUI, supporting the ComfyUI ecosystem with tools like node manager, node registry, cli, automated testing, and public documentation. Open source AI models will win in the long run against closed models and we are only at the beginning. Our core mission is to advance and democratize AI tooling. We believe that the future of AI tooling is open-source and community-driven. -
15
AWS SAM CLI
CLI tool to build, test, debug, and deploy Serverless applications
The AWS Serverless Application Model (SAM) CLI is an open-source CLI tool that helps you develop serverless applications containing Lambda functions, Step Functions, API Gateway, EventBridge, SQS, SNS and more. The AWS Serverless Application Model (SAM) is an open-source framework for building serverless applications. It provides shorthand syntax to express functions, APIs, databases, and event source mappings. With just a few lines per resource, you can define the application you want and... -
16
frida
Dynamic instrumentation toolkit for developers
...Install the Node.js bindings from npm, grab a Python package from PyPI, or use Frida through its Swift bindings, .NET bindings, Qt/Qml bindings, or C API. Frida is and will always be free software (free as in freedom). We want to empower the next generation of developer tools, and help other free software developers achieve interoperability through reverse engineering. We are proud that NowSecure is using Frida to do fast, deep analysis of mobile apps at scale. Frida has a comprehensive test-suite and has gone through years of rigorous testing across a broad range of use-cases. -
17
Exegol
Fully featured and community-driven hacking environment
Exegol is a community-driven hacking environment, powerful and yet simple enough to be used by anyone in day-to-day engagements. Exegol is the best solution to deploy powerful hacking environments securely, easily, and professionally. No more unstable, not-so-security-focused systems lacking major offensive tools. Kali Linux (and similar alternatives) are great toolboxes for learners, students, and junior pentesters. However professionals have different needs, and their context requires a... -
18
LocalStack
Develop and test your cloud apps offline
LocalStack is a fully functional local AWS cloud stack that enables you to develop and test your cloud and serverless apps offline. It spins up an easy-to-use testing environment on your local machine that has the same APIs and works the same way as the real AWS cloud environment. It can spin up a number of different core Cloud APIs on your local machine, including API Gateway, Kinesis, DynamoDB, Firehose, Lambda and many others. LocalStack was built on some of today’s best-of-breed mocking/testing tools, combining them and making them interoperable, and adding important functionality such as error injection and pluggable services. ... -
19
HTTPie CLI
Modern, user-friendly command-line HTTP client for the API era
HTTPie (pronounced aitch-tee-tee-pie) is a command-line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. HTTPie is designed for testing, debugging, and generally interacting with APIs & HTTP servers. The HTTP & HTTPS commands allow for creating and sending arbitrary HTTP requests. They use simple and natural syntax and provide formatted and colorized output. -
20
Claude Code Templates
CLI tool for configuring and monitoring Claude Code
Claude Code Templates is a popular open-source CLI tool and template ecosystem designed to streamline how developers work with Anthropic’s Claude Code by providing a rich catalog of ready-to-use code templates, AI agents, custom commands, settings, hooks, and external integrations that can be installed interactively or via the command line. It lets you quickly scaffold domain-specific AI agents (like security auditors, performance optimizers, or database architects), fill in consistent... -
21
Robot Framework
Generic automation framework for acceptance testing and RPA
Robot Framework is a generic open source automation framework. It can be used for test automation and robotic process automation (RPA). Robot Framework is supported by Robot Framework Foundation. Many industry-leading companies use the tool in their software development. Robot Framework is open and extensible. Robot Framework can be integrated with virtually any other tool to create powerful and flexible automation solutions. Robot Framework is free to use without licensing costs. Robot... -
22
Django
The Web framework for perfectionists with deadlines
Django is a high-level, free and open-source Python web framework founded on the Model–Template–View (MTV) pattern, designed to facilitate rapid development of secure, maintainable, and scalable database-driven websites. First, read docs/intro/install.txt for instructions on installing Django. Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.). If you want to set up an actual deployment server, read docs/howto/deployment/index.txt for... -
23
Goose Developer Agent
Goose is a developer agent that operates from your command line
Goose is a developer agent that supercharges your software development by automating an array of coding tasks directly within your terminal or IDE. Guided by you, it can intelligently assess your project's needs, generate the required code or modifications, and implement these changes on its own. Goose can interact with a multitude of tools via external APIs such as Jira, GitHub, Slack, infrastructure and data pipelines, and more -- if your task uses a shell command or can be carried out by... -
24
Google Toolbox for Mac
Google Toolbox for Mac
Google Toolbox for Mac (GTMSession) is a comprehensive collection of open source Objective-C utilities and frameworks developed by Google to support macOS and iOS application development. It consolidates reusable code components drawn from various internal Google projects, offering developers a wide range of tools for building efficient, maintainable Apple platform software. The library includes modules for networking, logging, testing, data handling, and user interface extensions, helping developers avoid reinventing common functionality. Its modular design allows developers to integrate only the components they need, improving project flexibility and performance. ... -
25
RLax
Library of JAX-based building blocks for reinforcement learning agents
RLax (pronounced “relax”) is a JAX-based library developed by Google DeepMind that provides reusable mathematical building blocks for constructing reinforcement learning (RL) agents. Rather than implementing full algorithms, RLax focuses on the core functional operations that underpin RL methods—such as computing value functions, returns, policy gradients, and loss terms—allowing researchers to flexibly assemble their own agents. It supports both on-policy and off-policy learning, as well as...
