tlsfuzzer - SSL and TLS protocol test suite and fuzzer

  •        107

Fuzzer and test suite for TLS (SSLv2, SSLv3, v1.0, v1.1, v1.2, v1.3) implementations. Early alpha version - thus no API stability guarantees.

https://github.com/tomato42/tlsfuzzer

Tags
Implementation
License
Platform

   




Related Projects

karate - Test Automation Made Simple

  •    Java

Karate is the only open-source tool to combine API test-automation, mocks, performance-testing and even UI automation into a single, unified framework. The BDD syntax popularized by Cucumber is language-neutral, and easy for even non-programmers. Assertions and HTML reports are built-in, and you can run tests in parallel for speed.

Software Automation Framework Support

  •    Java

Multiplatform data-driven test automation execution services

wolfssl - (formerly CyaSSL) is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud

  •    C

The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments - primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments as well because of its royalty-free pricing and excellent cross platform support.

karate - Test Automation Made Simple

  •    Java

Karate is the only open-source tool to combine API test-automation, mocks, performance-testing and even UI automation into a single, unified framework. The BDD syntax popularized by Cucumber is language-neutral, and easy for even non-programmers. Powerful JSON & XML assertions are built-in, and you can run tests in parallel for speed.

vuls - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go

  •    Go

For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in production environment, it is common for system administrator to choose not to use the automatic update option provided by package manager and to perform update manually. This leads to the following problems. Vuls is a tool created to solve the problems listed above. It has the following characteristics.


Audit Test Project

  •    C

audit-test is a test suite designed to provide automated testing for the light-weight audit framework that first appeared in the 2.6.4 kernel. It has been used regularly since RHEL4 and has most recently been updated for RHEL6.3 and SLES11. The test suite now covers functionality beyond audit and includes the automated tests required for the BSI OSPP, including labeled security and virtualization.

Linux Desktop Testing Project

  •    C

Linux Desktop Testing Project is aimed at producing high quality test automation framework (using GNOME / Python) and cutting-edge tools that can be used to test Linux Desktop and improve it. It uses the Accessibility libraries to poke through the application's user interface. We strive to help in building a quality desktop.

Nogotofail - Network Security Testing Tool

  •    Python

Nogotofail is a network security testing tool designed to help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way. It includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL library bugs, SSL and STARTTLS stripping issues, cleartext issues, and more.

Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API

  •    Typescript

Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API. Playwright is built to enable cross-browser web automation that is ever-green, capable, reliable and fast. Headless execution is supported for all the browsers on all platforms.

django-DefectDojo - DefectDojo is an open-source application vulnerability correlation and security orchestration tool

  •    Python

DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one source of truth with DefectDojo. Try out DefectDojo in our testing environment.

webdriverio - Next-gen WebDriver test automation framework for Node.js

  •    Javascript

WebdriverIO is a test automation framework that allows you to run tests based on the Webdriver protocol and Appium automation technology. It provides support for your favorite BDD/TDD test framework and will run your tests locally or in the cloud using Sauce Labs, BrowserStack or TestingBot. Check out our CONTRIBUTING.md to get started with setting up the repo. This repository is a development repository for the new version.

DeepFence - Identify vulnerabilities in running containers, images, hosts and repositories

  •    Go

Deepfence ThreatMapper helps you to monitor and secure your running applications, in Cloud, Kubernetes, Docker, and Fargate Serverless. ThreatMapper scans your platforms and identifies pods, containers, applications, and infrastructure. Use ThreatMapper to discover the topology of your applications and attack surface. It obtains manifests of dependencies from running pods and containers, serverless apps, applications, and operating system. ThreatMapper matches these against vulnerability feeds to identify vulnerable components.

EarlGrey - :tea: iOS UI Automation Test Framework

  •    Objective-C

EarlGrey is a native iOS UI automation test framework that enables you to write clear, concise tests.With the EarlGrey framework, you have access to enhanced synchronization features. EarlGrey automatically synchronizes with the UI, network requests, and various queues; but still allows you to manually implement customized timings, if needed.

fwanalyzer - a tool to analyze filesystem images for security

  •    Go

FwAnalyzer is a tool to analyze (ext2/3/4), FAT/VFat, SquashFS, UBIFS filesystem images, cpio archives, and directory content using a set of configurable rules. FwAnalyzer relies on e2tools for ext filesystems, mtools for FAT filesystems, squashfs-tools for SquashFS filesystems, and ubi_reader for UBIFS filesystems. cpio for cpio archives. SELinux/Capability support for ext2/3/4 images requires a patched version of e2tools. SELinux/Capability support for SquashFS images requires a patched version of squashfs-tools. The main idea of FwAnalyzer is to provide a tool for rapid analysis of filesystem images as part of a firmware security Q&A check suite. FwAnalyzer takes a configuration file that defines various rules for files and directories and runs the configured checks against a given filesystem image. The output of FwAnalyzer is a report, which contains the list of files that violate any of the rules specified in the configuration. The report further contains meta information about the filesystem image and, if configured, information extracted from files within the analyzed filesystem. The report is formatted using JSON so it can be easily integrated as a step in a larger analysis.

UI Automation Verify (UIA Verify) Test Automation Framework

  •    

UIA Verify is a test automation framework that features the User Interface Automation Test Library (UIA Test Library) and Visual UI Automation Verify (Visual UIA Verify), the graphical user interface tool. The framework facilitates manual and automated testing of the Microsoft...

mountebank - Over the wire test doubles

  •    HTML

In fact, halfway through we discovered our corporate mocking software couldn’t handle the sheer amount of performance testing we were running as part of this effort (we completely crushed some pretty industrial enterprise software in the process). As a result, we made the call to move the entire program over to a Mountebank OSS-based solution with a custom provision to give us the ability to expand/shrink our mocking needs on demand. mountebank is the first open source tool to provide cross-platform, multi-protocol test doubles over the wire. Just point your application to mountebank instead of the real dependency, and test like you would with traditional stubs and mocks.

Watcher: Web security testing tool and passive vulnerability scanner

  •    

A Fiddler plugin that passively checks web application's for a variety of security issues. Watcher acts as assistant to the web developer, tester, or security auditor, by quickly identifying real issues and hot-spots that commonly lead to security problems in web apps.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.