Open Source Python Penetration Testing Tools for Linux
Sort By:
Python Penetration Testing Tools for Linux
View 19 business solutionsBrowse free open source Python Penetration Testing Tools for Linux and projects below. Use the toggles on the left to filter open source Python Penetration Testing Tools for Linux by OS, license, language, programming language, and project status.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Context for your AI agentsBuild data pipelines that feed your AI models and agents without managing infrastructure. Crawl any website, transform content, and push directly to your preferred vector store. Use 10,000+ tools for RAG applications, AI assistants, and real-time knowledge bases. Monitor site changes, trigger workflows on new data, and keep your AIs fed with fresh, structured information. Cloud-native, API-first, and free to start until you need to scale.
-
1
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script for those brave souls that want transform their stock Ubuntu into a virtual dojo. Bow to your sensei! username: dojo password: dojo -
2
BerserkArch
A bleeding-edge, security-centric Arch-based Linux distribution.
BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other security distributions (e.g., Kali Linux). As an Arch-based distribution, it benefits from the rolling release model, providing users with the latest software versions and kernel updates. BerserkArch is a dist "designed to make you powerful" for specific use cases like reverse-engineering binaries and automating exploits, rather than being an easy-to-use distribution for general beginners. -
3
<<Hack|Track GNU/Linux
Distro Penetrasing Live System Burn to USB Flash Disk & Run.
<<Hack|Track GNU/Linux is an open source operating system developed by the HTGL Project from Indonesia which provides penetration testing. -
4
dirsearch
Web path scanner
An advanced command-line tool designed to brute force directories and files in webservers, AKA web path scanner. Wordlist is a text file, each line is a path. About extensions, unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from -e flag. For wordlists without %EXT% (like SecLists), -f | --force-extensions switch is required to append extensions to every word in wordlist, as well as the /. To use multiple wordlists, you can separate your wordlists with commas. Example: wordlist1.txt,wordlist2.txt. Default values for dirsearch flags can be edited in the configuration file: default.conf. The thread number (-t | --threads) reflects the number of separated brute force processes. And so the bigger the thread number is, the faster dirsearch runs. By default, the number of threads is 30, but you can increase it if you want to speed up the progress. -
Collect! is a highly configurable debt collection softwareThe flexible & scalable debt collection software built to automate your workflow. From startup to enterprise, we have the solution for you.
-
5
What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".
-
6
Build by Rajib Acharyya(Spid3r64) ANONIMITY Metasploit Armitage Cobalt Strike & veil WIRELESS SECURITY SNIFFERS PYTHON,PERL & RUBY FORENSICS BRUTE FORCE & DDOS ANDROID TOOLS Based on : Ubuntu 12.04 LTS(32bit) (Custom Backbox) user:root pass:india Kernel version =>3.8.0-29 generic Desktop environment's => xfce,conky,Docky Version 1.0(full) Extra Softwares inbuilt => Skype,Virtualbox,Filezila,Chromium Browser,XDM(Xtreme Download Manager) ,Gimp,Python...many more Credit List: Pedro Ubuntu(r00tsect0r) For Netool.sh Asif Iqbal (cobalt strike) w0lf3nst3in3 Rohit Verma(Startx) Navonil Sanpui(M3ghnath) Team BHS
-
7
HackShark Linux
Lightweight Linux distro for penetration testing
Based on MATE environment HackShark Linux is a lightweight distribution for penetration testing, cyber forensic investigation and vulnerability assessment purpose. -
8
Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembl
-
9
MrFish
A anti-phishing Python script with headers and proxies!
MrFish is a powerful tool designed to automate the creation of fake account submissions for phishing tests and vulnerability assessments. With the ability to generate random usernames, passwords, and even credit card data, it simulates real user behavior to help test the security of online forms. Featuring customizable settings for proxy support, user inputs (email or username), and multiple threads for speed, MrFish provides an efficient way to stress-test web servers and form-handling systems. It's ideal for security researchers looking to automate the process of probing online platforms for vulnerabilities while maintaining anonymity. Please use responsibly and ensure compliance with all applicable laws and ethical guidelines when using MrFish for testing purposes. -
Say goodbye to broken revenue funnels and poor customer experiencesLeanData is a Demand Management solution that supports all go-to-market strategies such as account-based sales development, geo-based territories, and more. LeanData features a visual, intuitive workflow native to Salesforce that enables users to view their entire lead flow in one interface. LeanData allows users to access the drag-and-drop feature to route their leads. LeanData also features an algorithms match that uses multiple fields in Salesforce.
-
10
RemoteSploit
Automated exploitation tool for SSH and RDP
Automated exploitation tool for SSH and RDP -
11
ODS3 Virtual Machine Challenge
Virtual Machine Image To Test Penetration Skills
The ODS3 Virtual Machine Challenge are downloadable images that can be run as VMWare or VirtualBox instances. The Idea behind the challenge is to test and exercise web application penetration testing in a controlled environment. These images are great for cyber security students, penetration testers and hobbyist. Care should be taken if installed on an Internet access host as the application are purposely vulnerable to attack and exploitation. -
12
BashCore
A custom Debian live ISO with security tools, no GUI, only Bash.
BashCore is a Debian-based live ISO for security pros, networking enthusiasts, and students. Minimalist and GUI-free, it relies entirely on Bash. Lightweight, fast, GPU-ready, and now offering an optional PREEMPT_RT kernel, it provides a fresh environment on every boot, ideal for safe experimentation, learning, and diagnostics. Built with Debian live-build, MIT-licensed, no branding, telemetry, or tracking. Also available: BashCoreX adds XFCE with Firefox, Tor & Mullvad browsers, Wireshark, GParted, and FileZilla. BashCoreT is CLI-only, Debian 13 “Trixie” with Linux 6.12 (PREEMPT_RT selectable at boot). BashCoreTX combines XFCE with Debian 13, Linux 6.12, Firefox, Tor & Mullvad browsers, and Wireshark. BashCoreZ is ultra-minimal CLI, live Debian 13 netinst, PREEMPT_RT kernel. BashLabOS is for everyday use, XFCE with GIMP, FileZilla, VLC, LibreOffice, GParted, Tor, Mullvad, Tor & LibreWolf browsers, Proxychains4. Info & download at https://www.bashcore.org -
13
A daemon that creates realtime dynamic, expirable iptables rules to block/drop IP addresses attempting brute-force breakin attacks on a linux host via ssh or other mechanism. Highly customizable and extensible.
-
14
Penetration-Testing-Toolkit v1.0
A web interface for various penetration testing tools
Penetration-Testing-Toolkit is a web based project to automate Scanning a network,Exploring CMS, Generating Undectable metasploit payload, DNS-Queries, IP related informations, Information Gathering, Domain related info etc -
15
Setra
Password protected zip file cracker.
Setra is a cross-platform command line utility used to brute-force password protected zip file. It is written in the Python programming language. -
16
Sherlock Roams is a Python-based password auditing tool for Un*x-based systems. It uses a brute force approach on the shadow file (or the regular password file if that fails) to determine which users on your system have obviously insecure passwords.
-
17
The_Deck_Linux
Portable Penetration Testing Operating System
It is an Portable Penetration Testing Operating System designed for Beagle Bone AI. It is an debian based operating system fully packed with all latest Hacking Tools. The Root file system used in this Deck Linux is Ubuntu 20.04 LTS. It can be installed in Beagle Board AI and can use as a replacement for Laptop, Desktop. It can be placed on a drone too. It has a pre-installed MeshDeck (written by Philip Polstra) so it can be runned in a ZigBee network. We can attacks from up to a mile away using multiple devices connected via 802.15.4 networking (MeshDeck). -
18
Wordpie Python Based Brute Force
Python Based Brute Force Password Cracking Assistant By Clownsec
A python script used to generate all possible password combinations for cracking WAP and other logins or password files. This program is open source. If you see the need to repair or change something by all means do so, but share your findings. *HONK* Usage: wordpie.py [-h] [-o OUTPUT] [-min MIN_SIZE] [-max MAX_SIZE] [-N] [-L] [-U] [-S] [-A] [-v] Generate a wordlist with all possible combinations of letters including: -L (Lowercase Letters) -U (Uppercase Letters) -N (Numbers) -S (Special Characters) -A (All Characters, Numbers, and Letters) -min (Minimum Size) -max (Maximum Size) -o outputfile.gz or -o stdout By default -o filename.gz to create a GZ compressed text file of all the words. Use the keyword "stdout" to print to screen or for use with other programs like Aircrack-ng or Medusa ./wordpie.py | xargs -L 1 medusa -h 192.168.1.1 -u admin -M web-form -p ./wordpie.py -o stdout -A | aircrack-ng -b XX:XX:XX:XX:XX:XX -w - *.cap -
19
Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others. Note: For personal computer use only (client security) if you like this program, please give us your vote at http://sourceforge.net/projects/etherwall/reviews/
-
20
netool toolkit 4.6
MitM pentesting opensource toolkit
Operative Systems Suported are: Linux-ubuntu, kali-linux, backtack-linux (un-continued), freeBSD, Mac osx (un-continued) Netool its a toolkit written using 'bash, python, ruby' that allows you to automate frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap MitM attacks. this toolkit makes it easy tasks such as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in wan/lan networks, TCP/UDP packet manipulation using etter-filters, and gives you the ability to capture pictures of target webbrowser surfing (driftnet), also uses macchanger to decoy scans changing the mac address. Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton) -
21
sectest
Security & Penetration Testing Suite
Open source Penetration Testing Suite for IT professionals and penetration testers. SecTest automates the boring repetitive procedures of penetration testing.
- Previous
- You're on page 1
- Next
