Search Results for "test" - Page 2
Sort By:
Showing 111 open source projects for "test"
View related business solutions-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.
-
Level Up Your Cyber Defense with External Threat ManagementMove beyond alerts. Gain full visibility, context, and control over your external attack surface to stay ahead of every threat.
-
1
CanCanCan
The authorization Gem for Ruby on Rails
CanCanCan is an authorization library for Ruby and Ruby on Rails which restricts what resources a given user is allowed to access. All permissions can be defined in one or multiple ability files and not duplicated across controllers, views, and database queries, keeping your permissions logic in one place for easy maintenance and testing. Authorizations library that allows you to define the rules to access different objects, and provides helpers to check for those permissions. Rails helpers... -
2
Kernelhub
Kernel privilege escalation vulnerability collection
The original intention of making the project is for, learning, analyzing, and research the latest kernel vulnerabilities are not needed to see the system and related content. This project is a collection of proprietary, except for test failure or unspecified Exp, Demo GIF map. If there is an omission of the omission of CVE vulnerabilities, please join your issues and bring your use of code. Project code is prohibited from testing in a real environment! The reliability of the code is self... -
3
Shennina
Automating Host Exploitation with AI
... to identify recommended exploits for the attacks, and then attempts to test and attack the targets. If the attack succeeds, Shennina proceeds with the post-exploitation phase. The AI engine is initially trained against live targets to learn reliable exploits against remote services. Shennina also supports a "Heuristics" mode for identfying recommended exploits. -
4
Gophish
Open-Source Phishing Framework
Gophish is a powerful open-source phishing toolkit that makes it easy to test an organization’s exposure to phishing. Designed for businesses and penetration testers, Gophish lets you quickly and easily set up and launch phishing campaigns, track results and set up security awareness training. Gophish works on most platforms, including Windows, Mac OS X and Linux. -
The All-in-One Commerce Platform for Businesses - ShopifyShopify is a leading all-in-one commerce platform that enables businesses to start, build, and grow their online and physical stores. It offers tools to create customized websites, manage inventory, process payments, and sell across multiple channels including online, in-person, wholesale, and global markets. The platform includes integrated marketing tools, analytics, and customer engagement features to help merchants reach and retain customers. Shopify supports thousands of third-party apps and offers developer-friendly APIs for custom solutions. With world-class checkout technology, Shopify powers over 150 million high-intent shoppers worldwide. Its reliable, scalable infrastructure ensures fast performance and seamless operations at any business size.
-
5
PushNotifications
A macOS, Linux, Windows app to test push notifications on iOS Android
PushNotitication is an app used for testing push notifications on iOS and Android. Support macOS, Windows, Linux. Support using certificate and token for authentication with APNS. Auto save settings. To connect to APNs you can use either Provider certificate or Authentication Token. They are different ways and Authentication Token is a new one. Provider certificate expires every year and needs to be regenerated (and reuploaded to your server as .p12). Authentication Token is unlimited and... -
6
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is... -
7
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release... -
8
OpenSK
OpenSK is an open-source implementation for security keys
.... Developers can flash reference hardware, customize UX (LEDs, buttons, PIN), and experiment with extensions while staying interoperable with major browsers and platforms. A test and conformance suite validates protocol behavior against the WebAuthn/CTAP specs to ensure compatibility. -
9
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains
Sudomy is a subdomain enumeration tool to collect subdomains and analyze domains performing advanced automated reconnaissance (framework). This tool can also be used for OSINT (Open-source intelligence) activities. Easy, light, fast and powerful. Bash script (controller) is available by default in almost all Linux distributions. By using bash script multiprocessing feature, all processors will be utilized optimally. Subdomain enumeration process can be achieved by using active method or... -
Simple, Secure Domain RegistrationRegister or renew your domain and pay only what we pay. No markups, hidden fees, or surprise add-ons. Choose from over 400 TLDs (.com, .ai, .dev). Every domain is integrated with Cloudflare's industry-leading DNS, CDN, and free SSL to make your site faster and more secure. Simple, secure, at-cost domain registration.
-
10
Shaark
Self-hosted platform to keep and share your content
... able to active 2-FA (2 factors authentication). By default 2-FA is disabled but you can update it from your app settings. Code length and code expiration are also configurable. Test if you application can send emails before enabling this feature. Since 1.2.9, all chests data are encrypted in your database using AES-256-CBC and your app key. Others users can be admin or non-admin. Admin users are like the main user and have an access to the entire content. -
11
American Fuzzy Lop
American fuzzy lop - a security-oriented fuzzer
... it iterate. AFL is known for finding serious security issues in complex software due to its corpus minimization, queue management, and deterministic mutation stages that balance breadth and depth. It provides crash triage helpers and test case minimization so developers can reproduce and fix issues quickly. The design deliberately optimizes for robustness and speed on commodity hardware, which helped it become a standard part of many security testing pipelines. -
12
Gitkube
Build and deploy docker images to Kubernetes using git push
Gitkube is a tool for building and deploying Docker images on Kubernetes using git push. After a simple initial setup, users can simply keep git push-ing their repos to build and deploy to Kubernetes automatically. Ideal for development where you can push your WIP branch to the cluster to test. Reference implementation for writing git-based automation on your server. Fork this repo and create your own CRD + controller + git remote hook that can do things on the Kubernetes cluster... -
13
Wayne
Kubernetes multi-cluster management and publishing platform
... for more than two years, and withstood the test of production. -
14
Phrase-Chaser
Expands a passphrase into several variations
If one knew a passphrase was "password", or "melon", but didn't know the exact variations a user may have employed, this project will expand those simple phrases into many of their possible derivatives. For penetration testers and home-users looking to test the security of their authorized devices' passphrases :) -
15
SSH MITM
SSH man-in-the-middle tool
This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard... -
16
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
... on seemingly risky areas. Demonstrate true impact despite the short timeframes we are typically given to test. The tool is highly configurable and anybody can trivially create simple plugins or add new tests in the configuration files without having any development experience. OWTF is developed on KaliLinux and macOS but it is made for Kali Linux (or other Debian derivatives). -
17
Metasploitable
Metasploitable is an intentionally vulnerable Linux virtual machine
This is Metasploitable2 (Linux) Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. The default login and password is msfadmin:msfadmin. Never expose this VM to an untrusted network (use NAT or Host-only mode if you have any questions what that means). To contact the developers, please send email to msfdev@metasploit.com -
18
Firing Range
Firing Range is a test bed for web application security scanners
Firing Range is an intentionally vulnerable web application designed to evaluate the real-world effectiveness of web security scanners and training exercises. Deployed as a cloud-friendly app, it aggregates dozens of vulnerability patterns in repeatable, labeled routes so tools can be benchmarked on coverage and noise. The project doesn’t just include simple XSS forms; it spans variants such as DOM-based issues, context-sensitive sinks, template mishandling, CSRF, open redirects, and mixed... -
19
GORSK
Idiomatic Golang Restful Starter Kit
... of spending time wiring up your project, thinking how and where to place HTTP handlers, how to inject dependencies, test your application services and database using table tests and mocking, handle sessions and more - use Gorsk as a base foundation for your application and start adding business logic, or get learn from it and copy only what you need/like to your application. That was the primary idea behind this project. -
20
APIthet
An Application to security test RESTful web APIs.
APIthet is an application to security test RESTful web APIs. Assessing APIs help in detecting security vulnerabilities at an early stage of the SDLC. Compare this with assessing an Android application that uses APIs on a backend server. This kind of assessment happens at a much later phase of the SDLC. Even worse, it does not necessarily touch all the APIs. That's not all. You specify one of the JSON parameters as random. This helps set a unique value for a specific JSON parameter... -
21
SQUEEZER
Squeezer framework, build serverless dApps
... by using a special mechanism that will deploy smart contracts and dApp services where code changed. Silent deployments, no interruption for the current functionality (really useful on production). One single command to simultaneously deploy all available functions on your project where code changed from the last deployment. Test your code locally on a simulated functions platform for a faster development cycle. -
22
Wi-Fi Cracking
Crack WPA Wi-Fi routers with Airodump-ng and Aircrack-ng Hashcat
Crack Wi-Fi networks that are secured using weak passwords. It is not exhaustive, but it should be enough information for you to test your own network's security or break into one nearby. Begin by listing wireless interfaces that support monitor mode. If you do not see an interface listed then your wireless card does not support monitor mode. Start listening to 802.11 Beacon frames broadcast by nearby wireless routers using your monitor interface. WPA/WPA2 uses a 4-way handshake to authenticate... -
23
Advanced Persistent Security
Advanced Persistent Threat Security
..., The system will deny the pings, scan nmap and any type of test that is made to the system, Protecting from the core The mechanism of the system will prevent the retrieval of information or any forence attempt by creating a different identity at each beginning of the system and permanently erasing the previous identity with a click on you can hide your activity, delete safely with different modules, each identity is different to avoid the digital forensic analysis. advanceatz6x2ozf.onion / Site -
24
SpiderFoot
Open Source Intelligence Automation.
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet. SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you. -
25
Hash Value Tester (GUI)
Hash Checker
With this tool you are able to test different hashes: - MD2 - MD5 - SHA1 - SHA224 - SHA256 - SHA384 - SHA512 Recommended Java 8 For any questions you may use the ticketing system .