Search Results for "attacks"
Sort By:
Showing 72 open source projects for "attacks"
View related business solutions-
Earn up to 15% annual interest with Nexo.Generate interest, borrow against your crypto, and trade a range of cryptocurrencies — all in one platform. Geographic restrictions, eligibility, and terms apply.
-
Earn up to 15% annual interest with Nexo.Put idle assets to work with competitive interest rates, borrow without selling, and trade with precision. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
1
WAFW00F
WAFW00F allows one to identify and fingerprint Web App Firewall
...If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. For further details, check out the source code on our main repository. -
2
Pants Build System
The Pants Build System
...Pants has out-of-the-box support for multiple dependency resolves and their corresponding lockfiles, so you can have hermetic, repeatable builds that are resilient to supply chain attacks, even in complex situations where you have multiple versions of the same dependencies in different parts of the codebase. -
3
LLM Guard
The Security Toolkit for LLM Interactions
LLM Guard is an open-source security toolkit designed to protect large language model applications from various security risks and adversarial attacks. The library acts as a protective layer between users and language models by analyzing inputs and outputs before they reach or leave the model. It includes scanning mechanisms that detect malicious prompts, prompt injection attempts, toxic content, and other harmful inputs that could compromise AI systems. The toolkit also helps prevent sensitive information leaks by identifying secrets such as API keys or credentials before they are processed by the model. ... -
4
Agentic Security
Agentic LLM Vulnerability Scanner / AI red teaming kit
The open-source Agentic LLM Vulnerability Scanner. -
Run applications fast and securely in a fully managed environmentRun frontend and backend services, batch jobs, deploy websites and applications, and queue processing workloads without the need to manage infrastructure.
-
5
Wfuzz
Web application fuzzer
...A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc. -
6
TextAttack
Python framework for adversarial attacks, and data augmentation
Generating adversarial examples for NLP models. TextAttack is a Python framework for adversarial attacks, data augmentation, and model training in NLP. -
7
AgentOps
Python SDK for agent monitoring, LLM cost tracking, benchmarking, etc.
...Visually track events such as LLM calls, tools, and multi-agent interactions. Rewind and replay agent runs with point-in-time precision. Keep a full data trail of logs, errors, and prompt injection attacks from prototype to production. Native integrations with the top agent frameworks. -
8
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
9
Locust
Scalable open source load testing tool
Locust is an open source user load testing tool written in Python. The idea behind Locust is to swarm your web site or other systems with attacks from simulated users during a test, with each user behavior defined by you using Python code. This swarming process is then monitored from a web UI in real-time, and will help identify any bottlenecks in your code before real users can come in. As it is completely event-based, Locust can have thousands or even millions of simultaneous users distributed over multiple machines swarming your system. ... -
Contractor Foreman is the most affordable all-in-one construction management software for contractors and is trusted by contractors in more than 75 countries.Starting at $49/m for the WHOLE company, Contractor Foreman is the most affordable all-in-one construction management system for contractors. Our customers in 75+ countries and industry awards back it up. And it's all backed by a 100 day guarantee.
-
10
FLEXible
Federated Learning (FL) experiment simulation in Python
FLEXible (Federated Learning Experiments) is a Python framework offering tools to simulate FL with deep learning. It includes built-in datasets (MNIST, CIFAR10, Shakespeare), supports TensorFlow/PyTorch, and has extensions for adversarial attacks, anomaly detection, and decision trees. -
11
RedAmon
AI-powered framework for automated penetration testing and red teaming
...RedAmon then uses an AI agent orchestrator to analyze this data, select appropriate tools, and perform exploitation steps such as credential brute forcing or CVE-based attacks. All discovered assets, relationships, and vulnerabilities are stored in a Neo4j knowledge graph, allowing the system to reason about the environment and make informed decisions during the attack process. -
12
Impacket
A collection of Python classes for working with network protocols
Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP,... -
13
GuardDog
GuardDog is a CLI tool to Identify malicious PyPI and npm packages
guarddog is an open-source security tool by DataDog designed to detect risks in open-source dependencies. It helps developers analyze software supply chain risks and prevent malicious or vulnerable packages from being used. -
14
status-react
A free (libre) open source, mobile OS for Ethereum
...Safely send, store and receive cryptocurrencies including ERC20 and ERC721 tokens with the Status crypto wallet. Only you hold the keys to your funds. Status' intuitive design protects you and your funds from attacks. Status uses an open-source, peer-to-peer protocol, and end-to-end encryption to protect your messages from third parties. -
15
Foolbox
Python toolbox to create adversarial examples
Foolbox: Fast adversarial attacks to benchmark the robustness of machine learning models in PyTorch, TensorFlow, and JAX. Foolbox 3 is built on top of EagerPy and runs natively in PyTorch, TensorFlow, and JAX. Foolbox provides a large collection of state-of-the-art gradient-based and decision-based adversarial attacks. Catch bugs before running your code thanks to extensive type annotations in Foolbox. -
16
Status - a Mobile Ethereum OS
A free (libre) open source, mobile OS for Ethereum
...Safely send, store and receive cryptocurrencies including ERC20 and ERC721 tokens with the Status crypto wallet. Only you hold the keys to your funds. Status' intuitive design protects you and your funds from attacks. Status uses an open-source, peer-to-peer protocol, and end-to-end encryption to protect your messages from third parties. Keep your private messages private with Status. Browse the growing ecosystem of DApps including marketplaces, exchanges, games, and social networks. The latest security standards ensure a private browsing experience. ... -
17
In-The-Wild Jailbreak Prompts on LLMs
A dataset consists of 15,140 ChatGPT prompts from Reddit
In-The-Wild Jailbreak Prompts on LLMs is an open-source research repository that provides datasets and analytical tools for studying jailbreak prompts used to bypass safety restrictions in large language models. The project is part of a research effort to understand how users attempt to circumvent alignment and safety mechanisms built into modern AI systems. The repository includes a large collection of prompts gathered from real-world platforms such as Reddit, Discord, prompt-sharing... -
18
Cr3dOv3r
Know the dangers of credential reuse attacks
Cr3dOv3r is a penetration testing and security auditing tool designed to demonstrate and analyze the risks associated with credential reuse across multiple online services. It allows users to input an email address and automatically checks for data breaches and leaked credentials using public databases. The tool then attempts to verify whether those credentials are reused across various popular platforms, highlighting potential vulnerabilities. It is primarily intended for educational and... -
19
Pokete
A terminal based Pokemon like game
...First of all you get a starter Pokete (Steini), that you can use to fight battles with other Poketes. Use W, A, S and D to move around. When entering the high grass (;), you may be attacked by a wild Pokete. By pressing 1 you can choose between the attacks your Pokete has (as long their AP is over 0). By pressing the according number, or navigating with the * cursor to the attack and pressing Enter you can use the attack selected. The wild Pokete will fight back, but you can kill it and gain XP to level up your Pokete. If you would like to catch a wild Pokete, you must first weaken it and then throw a Poketeball. ... -
20
dnstwist
Detects phishing and lookalike domains using DNS fuzzing techniques
...It works by generating a large set of domain name permutations based on a target domain and analyzing whether any of those variants are actively registered or used. These permutations simulate common techniques used in phishing attacks, typosquatting, and brand impersonation campaigns. Security teams can use the tool to discover potential threats where attackers attempt to deceive users with lookalike domains. dnstwist also helps detect phishing activity by comparing web page content and visual similarity between domains using fuzzy hashing and perceptual hashing techniques. ... -
21
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience... -
22
AI-Tutorials/Implementations Notebooks
Codes/Notebooks for AI Projects
...The repository contains numerous Jupyter notebooks and code samples that demonstrate modern techniques in machine learning, deep learning, data science, and large language model workflows. It includes implementations for a wide range of AI topics such as computer vision, agent systems, federated learning, distributed systems, adversarial attacks, and generative AI. Many of the tutorials focus on building AI agents, multi-agent systems, and workflows that integrate language models with external tools or APIs. The codebase acts as a hands-on learning resource, allowing users to experiment with new frameworks, architectures, and machine learning workflows through guided examples. -
23
GRR
GRR Rapid Response, remote live forensics for incident response
...It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. “Work” means running a specific action, downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers, fleetspeak) and provides a web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data. -
24
SSRFmap
Automatic SSRF fuzzer and exploitation tool
...It takes as input a Burp request file and a user-specified parameter to fuzz, enabling you to fast-track the identification of SSRF attack surfaces. It includes multiple exploitation “modules” for common SSRF-based attacks or pivoting techniques, such as DNS zone transfers, MySQL/Postgres command execution, Docker API info leaks, and network scans. Because SSRF often leads to lateral movement or internal network access, SSRFmap is especially useful for red-teamers and pentesters who want to explore chains rather than just the vulnerability surface. ... -
25
promptmap2
A security scanner for custom LLM applications
...The repository emphasizes broad coverage, including test rules for prompt stealing, jailbreaks, harmful content generation, hate-related outputs, social bias, and distraction attacks. It also supports multiple providers such as OpenAI, Anthropic, Google, xAI, and open-source models through Ollama, making it flexible for both commercial and local deployments.
