Search Results for "pentesting"
Sort By:
Showing 60 open source projects for "pentesting"
View related business solutions-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
Powerful App Monitoring Without Surprise BillsTired of monitoring tools that punish you for scaling? AppSignal offers transparent, predictable pricing with every feature unlocked on every plan. Track errors, monitor performance, detect anomalies, and manage logs across Ruby, Python, Node.js, and more. Trusted by developers since 2012 with free dev-to-dev support. No credit card required to start your 30-day trial.
-
1
Awesome Stars
A curated collection of top-tier penetration testing tools
...Because it aggregates rather than authors tooling, it serves as a navigation hub for both learners and seasoned testers. Actively starred and forked, signaling ongoing maintenance. Topic pages and GitHub listings surface it among popular pentesting resources, reinforcing its role as a go-to index. -
2
PEASS-ng
Privilege Escalation Awesome Scripts SUITE
These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission. Here you will find... -
3
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
...The hacking progress is tracked on a scoreboard. Finding this scoreboard is actually one of the (easy) challenges! Apart from the hacker and awareness training use case, pentesting proxies or security scanners can use Juice Shop as a “guinea pig”-application to check how well their tools cope with JavaScript-heavy application frontends and REST APIs. -
4
secator
Automated framework for running pentesting tools and workflows
Secator is a task and workflow runner designed to streamline security assessments by integrating many well-known penetration testing and reconnaissance tools into a unified framework. It acts as a centralized automation platform that helps security professionals run tasks, workflows, and scans more efficiently from a single command-line interface. It supports dozens of established security tools and organizes them into structured workflows, enabling users to perform complex reconnaissance... -
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
5
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
...The hacking progress is tracked on a score board. Finding this score board is actually one of the (easy) challenges! Apart from the hacker and awareness training use case, pentesting proxies or security scanners can use Juice Shop as a "guinea pig"-application to check how well their tools cope with JavaScript-heavy application frontends and REST APIs. -
6
TinyPaw-Linux
Passive & Aggressive WiFi attack distro
Linux WiFi pentesting distribution built off Tiny Core Linux and inspired by the Xiaopan OS project. Lightweight with some new tools and updates to tools that have stood the test of time. Unfortunately at this time the TinyPaw-Linux project has been retired. This SourceForge will remain up, thank you for all the support and communities this project drew inspiration from. -
7
Hullu Vulnerable System
Pentesting OVA, suits VMware or VirtualBox
Hullu is a custom-built lightweight offensive security training VM based on Alpine Linux. It's intended for educational use, penetration testing practice, and Capture The Flag (CTF)-style scenarios in isolated virtual lab environments. Pre-installed Tools and Services: + Web Stack: - Python3 + Flask - Apache2 with HTTPS - PHP + MySQL (MariaDB) - phpMyAdmin - FlaskVA (Python-based vulnerable app) https://github.com/kaledaljebur/FlaskVA - DVWA (PHP-based vulnerable app)... -
8
ScaNetOS
Entorno funcional para auditoría web y pentesting
ScaNetOS : Entorno de Auditoría Web Automatizada (v1.0) ScaNetOS es una Máquina Virtual en formato .OVA, diseñada para ser una máquina de análisis web y pentesting preconfigurada. Su objetivo es proporcionar un entorno de trabajo rápido y eficiente para pentesters éticos y analistas de seguridad enfocados en la auditoría de aplicaciones web y APIs. El corazón de esta MV es el ScaNet Panel (Script Bash v1.0), un menú centralizado que orquesta herramientas avanzadas y automatiza los flujos de trabajo más comunes, minimizando el tiempo de configuración. ... -
9
SnoopGod
The #1 Linux CyberSecurity Operating System
SnoopGod Linux is more than an operating system, it is a Free Open Source Community Project with the aim of promoting the culture of security in IT environment and give its contribution to make it better and safer. For more information feel free to visit our website https://snoopgod.com -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" Will also run on the ProxMox server to understand how to do it pls refer to the doc in the zip named "Cybersecurity Lab Deployment on Proxmox" The default login and password is administrator: password. ...
-
11
CrackMapExec
A swiss army knife for pentesting networks
CrackMapExec (CME) is a versatile post-exploitation and enumeration tool designed for pentesters and red teams to assess Active Directory environments. It supports credential spraying, command execution, file transfers, and module-based extensions across SMB, RDP, LDAP, and other protocols. CME provides automation and insight into Windows networks and is commonly used during lateral movement and domain enumeration phases. -
12
Pentest-Tools
A collection of custom security tools for quick needs.
...It includes a wide range of tools for tasks like web scraping, reconnaissance, data extraction, and network analysis. The suite is modular, allowing users to choose the tools that best fit their specific pentesting needs, from web application analysis to network penetration testing. -
13
IoT-PT
A new pentesting virtual environment for IoT Devices
OS info and Requirements Base OS : Lubuntu 18.04 LTS Processors : 2 (By default 4) RAM : 3GB (By default 8) VirtualBox 6+ username : iotpt ; password : iot1 -
14
CyphyOS
CyphyOS is Debian-based Distro for Cyber Physical System Hackers
CyphyOS is Debian 10 x86_64 Based Distro Flavor, specifically for Cyber Physical System penetration testing. Powered with XFCE4. Out-Of-The-Box Dedicated to All Hardware Hackers. Especially for those who are still using the common pentesting tools and in need of hardware, Embedded System, IoT and SCADA tools as well. Also SDR tools are in place and configurations are made for HackRF, RTL-SDR and BladeRF. Tools Are Listed In Discussion Tab. Default Username : hackerman Default Password : cyphy -
15
VPLE
Vulnerable Pentesting Lab Environment
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" The default login and password is administrator: password. -
16
...IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES !!! ONLY FOR PENTESTING PURPOSES !!!
-
17
cynuxsecurity
Arch Linux Based Pentesting Distro
Cynux Security is arch based pentesting distribution comes with 200+ most recommended tools by professionals. The current release is testing so it have some bugs. The creds are cynux:cynux To install cynux 0.1 cli installer is available @ https://github.com/cynuxsecurity/cynux-installer To install cynux v2021.0.1 Type `sudo install_cynux` in terminal -
18
Parrot Project
Security, Development and Privacy Defense, all in one place.
Parrot is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. -
19
WinPwn
Automation for internal Windows Penetrationtest / AD-Security
WinPwn is a PowerShell-based toolkit for automating internal Windows penetration testing and Active Directory reconnaissance. It streamlines many manual steps by integrating reconnaissance modules like Seatbelt, Inveigh, Rubeus, and PrivescCheck. With proxy auto‑detection, endpoint enumeration, and exploitation routines, it's widely used in red team and blue team tool chains. -
20
mongoaudit
A powerful MongoDB auditing and pentesting tool
mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them,... -
21
Black Artix
Artix Linux ISOs with BlackArch Repo enabled.
Artix + BlackArch = Black Artix , a nonsystemd pentesting distro, running on XFCE Desktop 64 Bits Only https://artixlinux.org/index.php https://www.blackarch.org/tools.html (more than 2500 tools) Thnx H3l3Kdh0riA for the project idea! This is an Unofficial Release and is not a supported ISO by Artix Linux or by BlackArch, packaged and delivered as such. Feel free to download it: https://www.fosshub.com/Black-Artix.html https://sourceforge.net/projects/artix-black/files/ISO/ Minimum Specs: One gigabyte (GB) of memory Thirty gigabytes (GB) of hard disk space A one gigahertz (Ghz) processor A high definition (HD) graphics card and monitor A broadband internet connection Recommended Specs: Four gigabyte (GB) of memory Sixty gigabytes (GB) of hard disk space A three gigahertz (Ghz)+, processor A high definition (HD) graphics card and monitor A broadband internet connection https://linuxer.gr -
22
cintruder
CIntruder - OCR Bruteforcing Toolkit
Captcha Intruder is an automatic pentesting tool to bypass captchas. -> CIntruder-v0.4 (.zip) -> md5 = 6326ab514e329e4ccd5e1533d5d53967 -> CIntruder-v0.4 (.tar.gz) ->md5 = 2256fccac505064f3b84ee2c43921a68 -------------------------------------------- -
23
Nethunter&Andrax-android-10
Nethunter & Andrax Kernel
**This is only for Z2 PLUS running on Android 10** ***This is for educational purpose only, I AM NOT RESPONSIBLE FOR ANY MISUSE OR ILLEGAL USAGE**** This is the kernel required by Nethunter & Andrax Pentesting platforms to make use of the WiFi Adapter via OTG for WiFi Pentesting. -
24
SYPPS
small yet powerful php shell
SYPPS - small yet powerful php shell is another PHP shell for pentesting -
25
WiFiWare
WiFi pentesting linux distro with pre-installed networking tools.
WiFiWare is a wifi pentesting linux distro with some pre-installed networking tools to check-crack wifi networks easily. you can either live boot the image on the go or install it on your pc with windows-installer program. In this distro, you would not run in the problem of manually installing the dependencies or the tools inself!
