The best Security Testing tools and resources on the internet.

Over 46+ awesome Security Testing tools and resources on the internet to supercharge your testing.

Metasploit

Metasploit

Free

The world’s most used penetration testing framework

Security Testing
NetExec

NetExec

Free

Ultimate Network Service Exploitation Tool

Security Testing
M

Mobile Security Framework (MobSF)

Free

All-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework.

Security Testing
Web Check

Web Check

Free

πŸ•΅οΈβ€β™‚οΈ All-in-one OSINT tool for analysing any website

Security Testing
Indetectables Toolkit

Indetectables Toolkit

Free

98 apps to perform reverse engineering and binary/malware analysis.

Security Testing
L

Lynis

Free

Security auditing and hardening tool, for UNIX-based systems.

Security Testing
P

Payloads All The Things

Free

A list of useful payloads and bypasses for Web Application Security

Security Testing
Burp Suite Logger++

Burp Suite Logger++

Free

Advanced Logging for Burp Suite.

Security Testing
P

Postman Security Test Generator

Free

Execute role based security tests on APIs

Security Testing
Open CRE

Open CRE

Free

A platform that interactively links resources together using connecting threats, weaknesses, standards, code samples, and test instructions.

Security Testing
MalwareBazaar

MalwareBazaar

Free

The purpose of the project is to collect and share malware samples.

Security Testing
Trufflehog

Trufflehog

Free

Sniffing out credentials.

Security Testing
X

XSSHunter

Free

Use Docker and Dockery Compose to test and find blind cross-site scripting vulnerabilities.

Security Testing
GradeJS

GradeJS

Free

Analyze webpack production bundle

Security Testing
Cherrybomb

Cherrybomb

Free

A CLI tool that helps you avoid undefined user behaviour by validating your API specifications.

Security Testing
BITB

BITB

Free

Browser templates for Browser In The Browser (BITB) attack.

Security Testing
L

Lockfile Lint

Free

Lint an npm or Yarn lockfile to analyze and detect security issues via predefined security policies.

Security Testing
R

RapiDAST

Free

Simple, continuous and fully automated application security testing.

Security Testing
N

Nogotofail

Free

An on-path blackbox network traffic security testing tool

Security Testing
Wfuzz

Wfuzz

Free

Automate web applications security assessments

Security Testing
beef

beef

Free

It is a penetration testing tool that focuses on the web browser.

Security Testing
Arachni

Arachni

Free

Web Application Security Scanner Framework

Security Testing
W

Wapiti

Free

Web vulnerability scanner written in Python3

Security Testing
Security List

Security List

Free

Curated lists of tools, tips and resources for protecting digital security and privacy

Security Testing
Violating GDPR

Violating GDPR

Free

Enter a URL and this tool will tell you if the website is violating GDPR laws.

Security Testing
S

Static Code Analysis

Free

List of Static Code Analyzers

Security Testing
DenyHosts

DenyHosts

Free

DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).

Security Testing
Fail2ban

Fail2ban

Free

It scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc

Security Testing
Mozilla Observatory

Mozilla Observatory

Free

online tool that you can use to check any website’s header status.

Security Testing
PrivacyTests

PrivacyTests

Free

open source tests of web browser privacy.

Security Testing
Semgrep

Semgrep

Free

Static analysis at ludicrous speed.

Security Testing
Terrascan

Terrascan

Free

Static code analyzer for Infrastructure as Code

Security Testing
gitleaks

gitleaks

Free

Scan git repos (or files) for secrets using regex and entropy πŸ”‘

Security Testing
Deepfence ThreatMapper

Deepfence ThreatMapper

Free

Identify vulnerabilities in running containers, images, hosts and repositories

Security Testing
A

Awesome Penetration Testing

Free

A collection of awesome penetration testing and offensive cybersecurity resources.

Security Testing
Mariana Trench

Mariana Trench

Free

Mariana Trench is a security focused static analysis platform targeting Android.

Security Testing
SonarLint

SonarLint

Free

Clean Code starts in your IDE

Security Testing
N

Nuclei Templates

Free

Community curated list of templates for the nuclei engine to find security vulnerabilities in applications.

Security Testing
P

Pentest Bookmarkz

Free

A collection of useful links for Pentesters

Security Testing
Mobile Security Framework

Mobile Security Framework

Free

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Security Testing
Nmap Security Scanner

Nmap Security Scanner

Free

Security Testing

Security Testing
security.txt

security.txt

Free

Security standard

Security Testing
sqlmap

sqlmap

Free

Automatic SQL injection and database takeover tool

Security Testing
Tails

Tails

Free

Operating System

Security Testing
Kali Linux

Kali Linux

Free

Operatng System

Security Testing
Zap

Zap

Free

Scanning tool for security vulnerabilities

Security Testing