Search Results for "pentest"
Sort By:
Showing 55 open source projects for "pentest"
View related business solutions-
Powerful App Monitoring Without Surprise BillsTired of monitoring tools that punish you for scaling? AppSignal offers transparent, predictable pricing with every feature unlocked on every plan. Track errors, monitor performance, detect anomalies, and manage logs across Ruby, Python, Node.js, and more. Trusted by developers since 2012 with free dev-to-dev support. No credit card required to start your 30-day trial.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
Internal All The Things
Active Directory and Internal Pentest Cheatsheets
...It covers a broad range of topics; AD certificate services, Kerberos attacks, lateral movement, tooling, post-exploitation techniques, and networking. The content is designed to help both learners and experienced red-teamers fill gaps in their internal pentest knowledge, especially for environments where AD and internal tooling dominate. Because internal engagements often have more complexity and fewer online guides compared to internet-facing web apps, this repo serves as a converging point for best practices, write-ups, and cheat sheets. The repository is structured, continuously updated, and encourages contributions, so its value grows over time. ... -
2
HexStrike AI MCP Agents
HexStrike AI MCP Agents is an advanced MCP server
HexStrike AI is an MCP server that lets LLM agents autonomously operate a large catalog of offensive-security tools. Its goal is to bridge “language models” and practical pentest workflows—enumeration, exploitation, vulnerability discovery, and bug bounty reconnaissance—under safe, auditable controls. The server exposes typed tools and guardrails so agent prompts translate to concrete, parameterized actions rather than brittle shell strings. It ships with curated tool adapters, task orchestration, and guidance for connecting popular agent clients (Claude, GPT, Copilot) to a hardened execution environment. ... -
3
SSRFmap
Automatic SSRF fuzzer and exploitation tool
SSRFmap is a specialized security tool designed to automate the detection and exploitation of Server Side Request Forgery (SSRF) vulnerabilities. It takes as input a Burp request file and a user-specified parameter to fuzz, enabling you to fast-track the identification of SSRF attack surfaces. It includes multiple exploitation “modules” for common SSRF-based attacks or pivoting techniques, such as DNS zone transfers, MySQL/Postgres command execution, Docker API info leaks, and network scans.... -
4
Pentest-Tools
A collection of custom security tools for quick needs.
Pentest-Tools is a collection of penetration testing scripts and utilities designed to help security professionals and ethical hackers perform vulnerability assessments. It includes a wide range of tools for tasks like web scraping, reconnaissance, data extraction, and network analysis. The suite is modular, allowing users to choose the tools that best fit their specific pentesting needs, from web application analysis to network penetration testing. -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
GraphQLmap
GraphQLmap is a scripting engine to interact with endpoints
GraphQLmap is a Python-based scripting engine designed to interact with GraphQL endpoints for penetration testing purposes. It can connect to a target GraphQL endpoint, dump the schema (if introspection is enabled), query it interactively, and fuzz fields for NoSQL/SQL injection vectors, thereby revealing hidden attack surfaces. GraphQL endpoints represent a relatively newer attack vector compared to REST, and GraphQLmap helps bridge this gap by providing tooling tailored to the GraphQL... -
6
BlackBuntu Linux
BlackBuntu Linux
BlackBuntu is born from the passion and spirit of 2 specialists. Let’s cut the bullshit, this distribution is a GNU/Linux distribution based on Ubuntu and designed with Pentest, Security and Development in mind for the best experience. With advanced accessibility tools and options to change language, colour scheme and text size, Blackbuntu makes computing easy – whoever and wherever you are. BlackBuntu is a fully open source project, anyone can see what is inside. The building source code is publicly available at Github allowing everyone to contribute. -
7
Abdal 404 PenTest
Best tools for 404 WebApp stress
Abdal 404 PenTest tool is a powerful software with multi-thread processing capability to generate 404 errors on the target server or site that can check the level of security of the target. Be sure to watch this tool to better understand the tutorial. -
8
...This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".
-
9
Abdal FTP BruteForce
FTP BruteForce tool For real Pentest
Abdal FTP BruteForce tool is a powerful software with zero error rate to test the intrusion of servers that work with FTP protocol, this tool supports proxy for attacks and can transfer all your traffic in the hacking process to the proxy Slowly -
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
10
Droid Pentest
Droid Pentest New version help you to find all android apps for penetr
Droid Pentest New version help you to find all android apps for penetration testing and hacking so you can make complete penetration test platform for Ethical hackers, IT administrator and Cyber security professional to perform different tasks like reconnaissance, scanning performing exploits etc with More then 60 Plus App. -
11
Zynix-Fusion
zynix-Fusion is a framework for hacking
zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else. -
12
zynix-fusion
zynix-Fusion is a framework for hacking
zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else. -
13
PivotSuite
Network Pivoting Toolkit
...Using this we can reach different subnet hosts from our pentest machine, which was only accessible from the compromised machine. -
14
httest is a script based tool for testing and benchmarking web applications, web servers, proxy servers and web browsers. httest can emulate clients and servers in the same test script, very useful for testing proxys.
-
15
cRPi-BOX
Raspberry Pi3 pentest box
-
16
KaliBang
Kali Linux Openbox
KaliBang Linux is a lightweight Linux pentest distribution. It is inspired by Crunchbang Linux, and based on Kali Linux. -
17
Andspoilt
Run interactive android exploits in linux.
Andspoilt is a command line user interface designed to easily exploit android devices. Run interactive android exploits in linux by giving the users easy interface to exploit android devices Uses an intergration with Metaspoilt Framework by giving the user an easy interface to create payloads and launch android exploits. Current Additional feature is a simple web server for file distribution. -
18
Laudanum is a collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments.They provide functionality such as shell, DNS query, LDAP retrieval and others.
-
19
Dracos Linux is an open source operating system provides to penetration testing. Packed with a ton of pentest tools including information gathering, forensics, malware analysis, mantaining access, and reverse engineering.
-
20
Nozes_cmd-manager
tool to follow pentest and gain time at attacks.
Nozes CMD manager, is a tool to follow pentest and gain time at attacks. https://github.com/CoolerVoid/nozes https://www.youtube.com/watch?v=14CPnr7-gw4 -
21
USB Rubber Ducky
A human interface device programmable
...The USB Rubber Ducky injects keystrokes at superhuman speeds, violating the inherent trust computers have in humans by posing as a keyboard. Inventing keystroke injection in 2010, the USB Rubber Ducky became the must-have pentest tool. With a covert design and simple "Ducky Script" language, this bad USB infiltrates systems and imaginations the world over. -
22
Ooze - beta
Ooze is a PHP web tool to using at pentest with Social engineering
Ooze is a tool to using at pentest with Social engineering, have a lot functions, like a phishing manager and have a web shell with auth/ACL. -
23
PenTest-w-grep
script to perform pentest using grep
PenTest-w-grep script to perform pentest using grep -
24
...https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with Vulnerawa. https://www.hackercoolmagazine.com/how-to-create-a-web-application-pentest-lab/
-
25
FUNtoolkit
tool kit for Pentest automated, simple and useful.
tool kit for Pentest automated, simple and useful, developed by Jonatas Fil and Yuri Crowz, hope you like it !!! ENJOY !!!
