Search Results for "pentesting"
Sort By:
Showing 58 open source projects for "pentesting"
View related business solutions-
Keep company data safe with Chrome EnterpriseMake AI work your way with Chrome Enterprise. Block unapproved sites and set custom data controls that align with your company's policies.
-
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
1
PEASS-ng
Privilege Escalation Awesome Scripts SUITE
These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission. Here you will find... -
2
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
... to exploit the underlying vulnerabilities. The hacking progress is tracked on a scoreboard. Finding this scoreboard is actually one of the (easy) challenges! Apart from the hacker and awareness training use case, pentesting proxies or security scanners can use Juice Shop as a “guinea pig”-application to check how well their tools cope with JavaScript-heavy application frontends and REST APIs. -
3
Awesome Stars
A curated collection of top-tier penetration testing tools
... is framed as community-driven—inviting exploration, contributions, and continuous enhancement of one’s toolkit. Because it aggregates rather than authors tooling, it serves as a navigation hub for both learners and seasoned testers. Actively starred and forked, signaling ongoing maintenance. Topic pages and GitHub listings surface it among popular pentesting resources, reinforcing its role as a go-to index. -
4
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
.... The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. The hacking progress is tracked on a score board. Finding this score board is actually one of the (easy) challenges! Apart from the hacker and awareness training use case, pentesting proxies or security scanners can use Juice Shop as a "guinea pig"-application to check how well their tools cope with JavaScript-heavy application frontends and REST APIs. -
Photo and Video Editing APIs and SDKsUnlock Picsart's full editing suite by embedding our Editor SDK directly into your platform. Offer your users the power of a full design suite without leaving your site.
-
5
TinyPaw-Linux
Passive & Aggressive WiFi attack distro
Linux WiFi pentesting distribution built off Tiny Core Linux and inspired by the Xiaopan OS project. Lightweight with some new tools and updates to tools that have stood the test of time. Unfortunately at this time the TinyPaw-Linux project has been retired. This SourceForge will remain up, thank you for all the support and communities this project drew inspiration from. -
6
Hullu Vulnerable System
Pentesting OVA, suits VMware or VirtualBox
Hullu is a custom-built lightweight offensive security training VM based on Alpine Linux. It's intended for educational use, penetration testing practice, and Capture The Flag (CTF)-style scenarios in isolated virtual lab environments. Pre-installed Tools and Services: + Web Stack: - Python3 + Flask - Apache2 with HTTPS - PHP + MySQL (MariaDB) - phpMyAdmin - FlaskVA (Python-based vulnerable app) https://github.com/kaledaljebur/FlaskVA - DVWA (PHP-based vulnerable app)... -
7
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" Will also run on the ProxMox server to understand how to do it pls refer to the doc in the zip named "Cybersecurity Lab Deployment on Proxmox" The default login...
-
8
SnoopGod
The #1 Linux CyberSecurity Operating System
SnoopGod Linux is more than an operating system, it is a Free Open Source Community Project with the aim of promoting the culture of security in IT environment and give its contribution to make it better and safer. For more information feel free to visit our website https://snoopgod.com -
9
CrackMapExec
A swiss army knife for pentesting networks
CrackMapExec (CME) is a versatile post-exploitation and enumeration tool designed for pentesters and red teams to assess Active Directory environments. It supports credential spraying, command execution, file transfers, and module-based extensions across SMB, RDP, LDAP, and other protocols. CME provides automation and insight into Windows networks and is commonly used during lateral movement and domain enumeration phases. -
Level Up Your Cyber Defense with External Threat ManagementMove beyond alerts. Gain full visibility, context, and control over your external attack surface to stay ahead of every threat.
-
10
Pentest-Tools
A collection of custom security tools for quick needs.
Pentest-Tools is a collection of penetration testing scripts and utilities designed to help security professionals and ethical hackers perform vulnerability assessments. It includes a wide range of tools for tasks like web scraping, reconnaissance, data extraction, and network analysis. The suite is modular, allowing users to choose the tools that best fit their specific pentesting needs, from web application analysis to network penetration testing. -
11
CyphyOS
CyphyOS is Debian-based Distro for Cyber Physical System Hackers
CyphyOS is Debian 10 x86_64 Based Distro Flavor, specifically for Cyber Physical System penetration testing. Powered with XFCE4. Out-Of-The-Box Dedicated to All Hardware Hackers. Especially for those who are still using the common pentesting tools and in need of hardware, Embedded System, IoT and SCADA tools as well. Also SDR tools are in place and configurations are made for HackRF, RTL-SDR and BladeRF. Tools Are Listed In Discussion Tab. Default Username : hackerman Default Password... -
12
IoT-PT
A new pentesting virtual environment for IoT Devices
OS info and Requirements Base OS : Lubuntu 18.04 LTS Processors : 2 (By default 4) RAM : 3GB (By default 8) VirtualBox 6+ username : iotpt ; password : iot1 -
13
VPLE
Vulnerable Pentesting Lab Environment
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" The default login and password is administrator: password. List Of All Labs in one VM:- 1. Web-DVWA 2. Mutillidae 3. Webgoat 4. Bwapp 5. Juice-shop 6... -
14
DISCLAIMER: USE ON YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES !!! ONLY FOR PENTESTING PURPOSES !!!
-
15
WinPwn
Automation for internal Windows Penetrationtest / AD-Security
WinPwn is a PowerShell-based toolkit for automating internal Windows penetration testing and Active Directory reconnaissance. It streamlines many manual steps by integrating reconnaissance modules like Seatbelt, Inveigh, Rubeus, and PrivescCheck. With proxy auto‑detection, endpoint enumeration, and exploitation routines, it's widely used in red team and blue team tool chains. -
16
Parrot Project
Security, Development and Privacy Defense, all in one place.
Parrot is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. -
17
cynuxsecurity
Arch Linux Based Pentesting Distro
Cynux Security is arch based pentesting distribution comes with 200+ most recommended tools by professionals. The current release is testing so it have some bugs. The creds are cynux:cynux To install cynux 0.1 cli installer is available @ https://github.com/cynuxsecurity/cynux-installer To install cynux v2021.0.1 Type `sudo install_cynux` in terminal -
18
mongoaudit
A powerful MongoDB auditing and pentesting tool
mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them,... -
19
cintruder
CIntruder - OCR Bruteforcing Toolkit
Captcha Intruder is an automatic pentesting tool to bypass captchas. -> CIntruder-v0.4 (.zip) -> md5 = 6326ab514e329e4ccd5e1533d5d53967 -> CIntruder-v0.4 (.tar.gz) ->md5 = 2256fccac505064f3b84ee2c43921a68 -------------------------------------------- -
20
Black Artix
Artix Linux ISOs with BlackArch Repo enabled.
Artix + BlackArch = Black Artix , a nonsystemd pentesting distro, running on XFCE Desktop 64 Bits Only https://artixlinux.org/index.php https://www.blackarch.org/tools.html (more than 2500 tools) Thnx H3l3Kdh0riA for the project idea! This is an Unofficial Release and is not a supported ISO by Artix Linux or by BlackArch, packaged and delivered as such. Feel free to download it: https://www.fosshub.com/Black-Artix.html https://sourceforge.net/projects/artix-black/files/ISO... -
21
Nethunter&Andrax-android-10
Nethunter & Andrax Kernel
**This is only for Z2 PLUS running on Android 10** ***This is for educational purpose only, I AM NOT RESPONSIBLE FOR ANY MISUSE OR ILLEGAL USAGE**** This is the kernel required by Nethunter & Andrax Pentesting platforms to make use of the WiFi Adapter via OTG for WiFi Pentesting. -
22
SYPPS
small yet powerful php shell
SYPPS - small yet powerful php shell is another PHP shell for pentesting -
23
WiFiWare
WiFi pentesting linux distro with pre-installed networking tools.
WiFiWare is a wifi pentesting linux distro with some pre-installed networking tools to check-crack wifi networks easily. you can either live boot the image on the go or install it on your pc with windows-installer program. In this distro, you would not run in the problem of manually installing the dependencies or the tools inself! -
24
Appie
Android Pentesting Portable Integrated Environment
Appie is a software package that has been pre-configured to function as an Android Pentesting Environment.It is completely portable and can be carried on USB stick.This is a one stop answer for all the tools needed in Android Application Security Assessment. -
25
Pentdroid
Small tool for apk operations required during android app pentesting
Tools consist of mini modules which automates and reduces tester efforts for setting up the basic environment and typing long tool queries .