Search Results for "parrot-security-4"
Sort By:
Showing 668 open source projects for "parrot-security-4"
View related business solutions-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
1
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. ... -
2
SecLists
The Pentester’s Companion
SecLists is the ultimate security tester’s companion. It is a collection of various types of lists commonly used during security assessments, all in one place. SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. -
3
PEASS-ng
Privilege Escalation Awesome Scripts SUITE
These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission. Here you will find... -
4
Trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers
Trivy is the most popular open source security scanner, reliable, fast, and easy to use. Use Trivy to find vulnerabilities & IaC misconfigurations, SBOM discovery, Cloud scanning, Kubernetes security risks,and more. Trivy is praised by professionals from organizations worldwide. Are you a Trivy fan as well? We’d love to hear from you! Trivy detects vulnerabilities from a wide array of operating systems and programming languages, across different versions, and vulnerability sources. ... -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. -
6
Commando VM
Complete Mandiant Offensive VM (Commando VM)
Commando VM (by Mandiant) is a Windows-based offensive security / red-team distribution built to turn a fresh Windows installation into a fully featured penetration testing environment. It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. -
7
K8tools
Security- and exploitation-oriented utilities and proof-of-concepts
...The README and repository metadata present it as an “all-in-one” toolkit for offensive security tasks, with many archived executables, exploit payloads, and helper scripts (including PowerShell and Python examples) that target services such as WebLogic, Tomcat, Zimbra, Struts2, Zabbix and others. The repo is actively starred and forked by the community, shows a long commit history, and includes many archived artifacts. -
8
Hoverfly
Lightweight service virtualization/ API simulation / API mocking tool
Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Replace unreliable test systems and restrictive API sandboxes with high-performance simulations in seconds. Run on MacOS, Windows or Linux, or use native Java or Python language bindings to get started quickly. Simulate API latency or failure when required by writing custom scripts in the language of your choice. -
9
DevSec Hardening
This Ansible collection provides battle tested hardening
...Although server hardening is a well-known topic with many guides out in the wild, it is still very cumbersome to apply and verify secure configuration. If you manage many server, they need to be configured properly and maintained, which is difficult and time-consuming to get right. To answer these needs for security, compliance, and maintainability, we decided to launch this project as a common ground for requirements and their fulfillment. The project founders where tasked with the challenge to automate different security requirements of Deutsche Telekom for their infrastructure. Deutsche Telekom, T-Labs and Telekom Security funded the initial research and allowed the team to open source the automation. -
Add Two Lines of Code. Get Full APM.Works out of the box for Rails, Django, Express, Phoenix, and more. Monitoring exceptions and performance in no time.
-
10
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic... -
11
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also... -
12
JUnit 5
Programmer-friendly testing framework for Java and the JVM
The 5th major version of the programmer-friendly testing framework for Java and the JVM. JUnit 5 is the next generation of JUnit. The goal is to create an up-to-date foundation for developer-side testing on the JVM. This includes focusing on Java 8 and above, as well as enabling many different styles of testing. Official CI build server for JUnit 5. Used to perform quick checks on submitted pull requests and for build matrices including the latest released OpenJDK and early access builds of... -
13
Zuul
Gateway service providing dynamic routing, monitoring and more
...These functions include security authentication, dynamic routing, stress testing, load shedding and more. -
14
Zerocode
API automation and load testing framework
A community-developed, free, open source, microservices API automation and load testing framework built using JUnit core runners for Http REST, SOAP, Security, Database, Kafka and much more. Zerocode Open Source enables you to create, change, orchestrate and maintain your automated test cases declaratively with absolute ease. Zerocode makes it easy to create and maintain automated tests with absolute minimum overhead for REST,SOAP, Kafka Real Time Data Streams and much more. It has the best of best ideas and practices from the community to keep it super simple, and the adoption is rapidly growing among the developer/tester community. ... -
15
Exegol
Fully featured and community-driven hacking environment
Exegol is a community-driven hacking environment, powerful and yet simple enough to be used by anyone in day-to-day engagements. Exegol is the best solution to deploy powerful hacking environments securely, easily, and professionally. No more unstable, not-so-security-focused systems lacking major offensive tools. Kali Linux (and similar alternatives) are great toolboxes for learners, students, and junior pentesters. However professionals have different needs, and their context requires a whole new design. -
16
Docker-Android
Android in docker solution with noVNC supported and video recording
...Docker-Android are being used by 100+ countries around the world. noVNC to see what happen inside docker container. Emulator for different devices/skins, such as Samsung Galaxy S6, LG Nexus 4, HTC Nexus One and more. Ability to connect to Selenium Grid. Ability to control emulator from the outside container by using adb connect. Supports real devices with screen mirroring. Ability to record video during test execution for debugging. Integrated with other cloud solutions, e.g. Genymotion Cloud. Open-source with more features coming. -
17
CDK
Make security testing of K8s, Docker, and Containerd easier
CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs and helps you to escape container and take over K8s cluster easily. -
18
dperf
DPDK based 100Gbps network performance and load testing software
...Based on DPDK, dperf can generate huge traffic with a single x86 server: tens of millions of HTTP CPS,hundreds of Gbps throughput and billions of concurrent connections. Provides detailed statistics and identify every packet loss. Support multiple scenarios. Load testing and stability testing for Layer 4 Load Balancer and other Layer 4 gateways. Network performance testing for servers on cloud. Performance test of network package processing capability for NIC and CPU. Can be used as a high-performance HTTP server or client for load testing. -
19
nodejs-integration-tests-best-practices
Beyond the basics of Node.js testing
...Detailed instructions on how to write component tests in the RIGHT way including code example and reference to the example application. A Complete showcase of a typical Node.js backend with performant tests setup (50 tests in 4 seconds! including database!) -
20
Concurrent Ruby
Modern concurrency tools including agents, futures, promises, etc.
...It is small, lean, and loosely coupled, thread-safety, and with backward compatibility. Concurrent Ruby makes one of the strongest thread safety guarantees of any Ruby concurrency library, providing consistent behavior and guarantees on all four of the main Ruby interpreters (MRI/CRuby, JRuby, Rubinius, TruffleRuby). -
21
Zerocopy
Zerocopy makes zero-cost memory manipulation effortless
Zerocopy is a Rust library designed to make zero-cost memory manipulation both safe and effortless. It allows developers to reinterpret or convert raw byte sequences into structured types—and vice versa—without writing unsafe code directly. The crate provides safe abstractions for transmuting data while preserving Rust’s strict safety guarantees, removing the need for manual memory manipulation. Zerocopy introduces a suite of conversion traits such as TryFromBytes, FromBytes, IntoBytes, and... -
22
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
23
SANTETIN
Santetin is a website stress test and DDOS simulation tool
Santetin is a powerful desktop application built with Electron to perform website stress tests, penetration testing simulations, DDOS attacks, and traffic jingling for testing and educational purposes. ⚠️ Disclaimer: This tool is intended for educational and testing purposes only. Do not use it against any website without explicit permission from the owner. -
24
PyKCS11: a complete PKCS#11 wrapper for Python, created using the SWIG compiler. API documentation: http://pkcs11wrap.sourceforge.net/api/
-
25
DBD2
A multi-threaded, multi-database tcp-based database insertion app.
DBD2 inserts database records from TCP input. It is a companion project to Syslgod2 and an application in its own right. It ships with a backgrounding client for generic use. The client sends whatever information the user puts on the command-line to the back-end daemon via TCP. Upon successful transmission, the client exits. On failure, it backs off and retries until its life-time timer expires. The back-end daemon accepts data from Syslogd2 or its own client and inserts that data...
