🔒SecurityRepoIndex

All Tools

205 cybersecurity tools reviewed and catalogued

PentestGPT

PythonMIT

3.9

LLM-driven pentesting copilot that chains reasoning steps with offensive tools through a REPL interface

3,500 starsReconnaissance / Vulnerability Analysis / Exploitation
AgentsAgentsLLM

SecGPT

PythonApache-2.0

3.9

Security-dense RAG-augmented LLM that answers infosec questions, analyzes logs, and assists incident response

2,800 starsDetection / Analysis
AgentsAgentsLLM

ThreatGPT

PythonMIT

4.0

NLP pipeline that turns unstructured threat reports into structured IOCs and ATT&CK-mapped TTPs

2,500 starsIntelligence / Detection
AgentsAgentsLLM

SecLLM

PythonMIT

3.9

Fine-tuned open LLM purpose-built for vulnerability analysis and malware-behavior descriptions

3,200 starsAnalysis / Intelligence
AgentsAgentsLLM

DeepExploit

PythonMIT

3.7

Research framework that applies deep reinforcement learning to learn multi-step attack chains

2,200 starsResearch / Exploitation modelling
AgentsAgentsLLM

AutoPwn

PythonMIT

3.6

LLM-driven exploit-chaining agent that tries to go from scan input to a proven exploit

1,100 starsExploitation / Lateral Movement
AgentsAgentsLLM

Agentic Security Scanner

PythonMIT

3.6

Multi-agent AI system for vulnerability discovery

850 starsMultiple
AgentsAgentsLLM

AI Threat Hunter

PythonMIT

3.6

LLM agent for automated threat hunting

1,300 starsMultiple
AgentsAgentsLLM

AutoRecon AI

PythonMIT

3.6

AI reconnaissance that learns from past pentests

950 starsMultiple
AgentsAgentsLLM

PentAgent

PythonMIT

3.6

Autonomous AI agent for pentesting

750 starsMultiple
AgentsAgentsLLM

RedAgent

PythonMIT

3.6

Adversary simulation via AI

680 starsMultiple
AgentsAgentsLLM

VulnBot

PythonMIT

3.6

Chatbot for security questions

600 starsMultiple
AgentsAgentsLLM

HAL Terminal

JavaScriptMIT

3.6

AI terminal for security commands

1,500 starsMultiple
AgentsAgentsLLM

Nuclei AI

GoMIT

3.7

Auto-generates nuclei templates from CVE descriptions

2,100 starsMultiple
AgentsAgentsLLM

HawkEye

PythonMIT

3.6

AI security monitoring with classification

900 starsMultiple
AgentsAgentsLLM

ExploitGen

PythonMIT

3.6

LLM generates exploits from CVE descriptions

700 starsMultiple
AgentsAgentsLLM

ExploitAI

PythonMIT

3.6

AI generates exploits from CVE details

650 starsMultiple
AgentsAgentsLLM

AutoSploit

PythonMIT

4.0

AI automated exploit framework with target analysis

5,200 starsMultiple
Offensive SecurityExploitationOpen Source

AISecurity MCP

PythonMIT

3.6

MCP server connecting LLMs to security tools

900 starsMultiple
AgentsAgentsLLM

Pentest Wizard

PythonMIT

3.7

Guides pentesters through methodology

1,600 starsMultiple
AgentsAgentsLLM

VulnLLM

PythonMIT

3.6

LLM for source code vulnerability detection

780 starsMultiple
AgentsAgentsLLM

AgentOps Security

PythonMIT

3.6

AI agent operations monitoring

700 starsMultiple
AgentsAgentsLLM

AutoAudit

PythonMIT

3.6

Automated compliance audit with AI

850 starsMultiple
AgentsAgentsLLM

BlueAgent

PythonMIT

3.6

Defensive AI agent for SOC triage

550 starsMultiple
AgentsAgentsLLM

AI Scanner Pro

PythonMIT

3.6

AI vulnerability scanner

1,100 starsMultiple
AgentsAgentsLLM

Security Copilot OSS

MultipleMIT

3.7

Open-source alternative to MS Security Copilot

1,800 starsMultiple
AgentsAgentsLLM

Agentic Recon

PythonMIT

3.6

Multi-agent autonomous reconnaissance

720 starsMultiple
AgentsAgentsLLM

VulnPredict

PythonMIT

3.5

ML model predicting exploited CVEs

480 starsMultiple
AgentsAgentsLLM

SecOps AI

PythonMIT

3.6

AI agent for SOC workflows

1,400 starsMultiple
AgentsAgentsLLM

PenTest AI

PythonMIT

3.6

End-to-end AI pentesting platform

980 starsMultiple
AgentsAgentsLLM

AutoHunt

PythonMIT

3.6

AI threat hunting across endpoints, network, cloud

600 starsMultiple
AgentsAgentsLLM

CyberAgent

PythonMIT

3.6

General-purpose security AI admin

850 starsMultiple
AgentsAgentsLLM

ReconGPT

PythonMIT

3.6

AI assistant for OSINT and recon

700 starsMultiple
AgentsAgentsLLM

ExploitComposer

PythonMIT

3.6

Composes multi-step exploits

520 starsMultiple
AgentsAgentsLLM

Security LLM Agent

PythonMIT

3.6

LLM agent with security tools

1,100 starsMultiple
AgentsAgentsLLM

AI Compliance Agent

PythonMIT

3.6

Maps controls to compliance frameworks

650 starsMultiple
AgentsAgentsLLM

Glisto

PythonMIT

3.6

AI agent for automated testing

800 starsMultiple
AgentsAgentsLLM

PentestCopilot

PythonMIT

3.6

AI copilot for pentesting

1,200 starsMultiple
AgentsAgentsLLM

DeepVuln

PythonMIT

3.6

Deep learning for vulnerable code

580 starsMultiple
AgentsAgentsLLM

SecBreach

PythonMIT

3.5

AI breach simulation

420 starsMultiple
AgentsAgentsLLM

Metasploit Framework

RubyBSD-3-Clause

4.6

The de-facto exploitation framework — a massive library of payloads and exploit modules with a consistent console

38,554 starsExploitation / Post-Exploitation
Offensive SecurityExploitationOpen Source

SQLMap

PythonGPL-2.0

4.5

The standard, automatic SQL injection exploitation tool — detect, fingerprint and dump databases through a vulnerable parameter

37,862 starsInitial Access / Exploitation
Offensive SecurityExploitationOpen Source

Nuclei

GoMIT

4.7

Template-driven vulnerability scanner that fires thousands of community-maintained checks against live hosts in minutes

29,704 starsVulnerability Analysis / Initial Access recon
Offensive SecurityVulnerability ScannerOpen Source

Burp Suite Community

JavaProprietary (free tier)

4.5

The free edition of the industry-standard web pentest proxy — manual intercept, repeater and intruder (throttled) for hands-on testing

0 starsVulnerability Analysis
Offensive SecurityWeb ScanningFree

Impacket

PythonMIT

4.9

Python network protocol classes

14,000 starsMultiple
Offensive SecurityExploitationOpen Source

BloodHound

GoApache-2.0

4.8

Maps Active Directory attack paths so you can see — and prove — how a low-priv user becomes Domain Admin

3,183 starsPrivilege Escalation / Lateral Movement / Domain Dominance
Offensive SecurityActive DirectoryOpen Source

Social Engineer Toolkit

PythonMIT

5.0

Social engineering framework

28,000 starsMultiple
Offensive SecurityExploitationOpen Source

Gophish

PythonMIT

4.7

Phishing simulation platform

12,000 starsMultiple
Offensive SecurityExploitationOpen Source

Amass

GoApache-2.0

4.4

OWASP\'s attack-surface mapping tool — passive, active and brute-force enumeration of an organization\'s external footprint

14,823 starsReconnaissance
ReconnaissanceOpen SourceFree

Dirsearch

PythonMIT

4.7

Web path brute-forcer

12,000 starsMultiple
Offensive SecurityExploitationOpen Source

BetterCAP

C/PythonMIT

5.0

Network Swiss army knife

15,000 starsMultiple
Offensive SecurityExploitationOpen Source

CrackMapExec

PythonMIT

4.5

Post-exploitation AD tool

10,000 starsMultiple
Offensive SecurityExploitationOpen Source

Atomic Red Team

PythonMIT

4.5

Library of 2000+ ATT&CK tests

10,000 starsMultiple
Offensive SecurityExploitationOpen Source

ffuf

GoMIT

4.7

Fast web fuzzer

12,000 starsMultiple
Offensive SecurityExploitationOpen Source

Gobuster

GoMIT

4.5

Directory/DNS brute-forcer

9,500 starsMultiple
Offensive SecurityExploitationOpen Source

Subfinder

GoMIT

4.5

Fast passive subdomain enumeration across dozens of OSINT sources — the quick way to expand a target\'s scope

13,987 starsReconnaissance
ReconnaissanceOpen SourceFree

HTTPx

GoMIT

4.2

HTTP prober

7,500 starsMultiple
Offensive SecurityExploitationOpen Source

Feroxbuster

GoMIT

4.1

Rust directory brute-forcer

6,000 starsMultiple
Offensive SecurityExploitationOpen Source

ReconFTW

PythonMIT

4.1

Automated reconnaissance pipeline

6,000 starsMultiple
Offensive SecurityExploitationOpen Source

Evilginx2

PythonMIT

4.6

MITM phishing framework

11,000 starsMultiple
Offensive SecurityExploitationOpen Source

Caldera

PythonMIT

4.0

Adversary emulation platform

5,200 starsMultiple
Offensive SecurityExploitationOpen Source

Sn1per

PythonMIT

4.3

Automated recon scanner

8,000 starsMultiple
Offensive SecurityExploitationOpen Source

Osmedeus

PythonMIT

4.0

Offensive security framework

5,500 starsMultiple
Offensive SecurityExploitationOpen Source

Trivy

GoApache-2.0

4.6

A single scanner for vulnerabilities, misconfigurations, secrets and SBOM across containers, filesystems, IaC and clouds

36,866 starsVulnerability Management / Supply Chain
Cloud SecurityContainer SecurityOpen Source

Commix

PythonMIT

3.9

Automated command injection

4,000 starsMultiple
Offensive SecurityExploitationOpen Source

XSSer

C/PythonMIT

3.8

Automated XSS detection

2,500 starsMultiple
Offensive SecurityExploitationOpen Source

Weevely3

PythonMIT

3.8

PHP web shell

3,100 starsMultiple
Offensive SecurityExploitationOpen Source

Pupy

PythonMIT

4.4

Cross-platform RAT

9,000 starsMultiple
Offensive SecurityExploitationOpen Source

Merlin

GoMIT

4.0

HTTP/2 C2 agent

5,500 starsMultiple
Offensive SecurityExploitationOpen Source

Sliver

C/PythonMIT

4.3

Multi-user implant framework

8,000 starsMultiple
Offensive SecurityExploitationOpen Source

Havoc

PythonMIT

4.2

Modern post-exploitation framework

7,000 starsMultiple
Offensive SecurityExploitationOpen Source

Mythic

PythonMIT

4.0

Collaborative red team framework

4,500 starsMultiple
Offensive SecurityExploitationOpen Source

Invoke-Mimikatz

PythonMIT

3.9

PowerShell credential extraction

3,500 starsMultiple
Offensive SecurityExploitationOpen Source

Modlishka

PythonMIT

4.0

Reverse proxy phishing

5,000 starsMultiple
Offensive SecurityExploitationOpen Source

King Phisher

C/PythonMIT

3.8

Phishing campaign tool

2,500 starsMultiple
Offensive SecurityExploitationOpen Source

BeEF

PythonMIT

4.5

Browser exploitation framework

10,000 starsMultiple
Offensive SecurityExploitationOpen Source

Rubeus

PythonMIT

4.2

Kerberos abuse toolkit

6,500 starsMultiple
Offensive SecurityExploitationOpen Source

SharpHound

PythonMIT

3.9

BloodHound data collector

3,800 starsMultiple
Offensive SecurityExploitationOpen Source

Certipy

PythonMIT

3.7

AD CS exploitation tool

1,800 starsMultiple
Offensive SecurityExploitationOpen Source

Kerbrute

PythonMIT

3.8

Kerberos brute-forcing

2,500 starsMultiple
Offensive SecurityExploitationOpen Source

Responder

PythonMIT

3.9

LLMNR/NBT-NS poisoner

3,500 starsMultiple
Offensive SecurityExploitationOpen Source

Ettercap

C/PythonMIT

3.9

Man-in-the-middle suite

4,000 starsMultiple
Offensive SecurityExploitationOpen Source

Armitage

C/PythonMIT

4.0

Metasploit GUI

5,000 starsMultiple
Offensive SecurityExploitationOpen Source

Faraday

PythonMIT

4.0

Collaborative pentest platform

5,500 starsMultiple
Offensive SecurityExploitationOpen Source

Naabu

GoMIT

4.0

Fast port scanner

4,500 starsMultiple
Offensive SecurityExploitationOpen Source

Katana

GoMIT

3.9

Web crawling framework

3,500 starsMultiple
Offensive SecurityExploitationOpen Source

Gau

GoMIT

3.9

URL fetcher from Wayback Machine

4,000 starsMultiple
Offensive SecurityExploitationOpen Source

Waybackurls

GoMIT

3.9

Wayback Machine URL fetcher

3,500 starsMultiple
Offensive SecurityExploitationOpen Source

Findomain

GoMIT

3.6

Subdomain finder

1,500 starsMultiple
Offensive SecurityExploitationOpen Source

Assetfinder

GoMIT

3.7

Subdomain finder

2,000 starsMultiple
Offensive SecurityExploitationOpen Source

Shuffledns

GoMIT

3.8

MassDNS wrapper

3,000 starsMultiple
Offensive SecurityExploitationOpen Source

DNSX

GoMIT

3.8

DNS toolkit

2,500 starsMultiple
Offensive SecurityExploitationOpen Source

AlterX

GoMIT

3.6

Subdomain permutation generator

1,000 starsMultiple
Offensive SecurityExploitationOpen Source

ParamSpider

PythonMIT

3.8

Parameter mining tool

2,500 starsMultiple
Offensive SecurityExploitationOpen Source

GF-Patterns

PythonMIT

3.7

Greppable patterns

2,000 starsMultiple
Offensive SecurityExploitationOpen Source

CORStest

PythonMIT

3.5

CORS misconfiguration scanner

400 starsMultiple
Offensive SecurityExploitationOpen Source

Smuggler

PythonMIT

3.8

HTTP request smuggling tester

3,000 starsMultiple
Offensive SecurityExploitationOpen Source

Turbo Intruder

PythonMIT

4.1

High-speed HTTP fuzzer

6,000 starsMultiple
Offensive SecurityExploitationOpen Source

Autorize

PythonMIT

3.8

Authorization testing Burp ext

2,500 starsMultiple
Offensive SecurityExploitationOpen Source

Param Miner

PythonMIT

3.7

Unhidden parameter discovery Burp ext

2,000 starsMultiple
Offensive SecurityExploitationOpen Source

SecretFinder

PythonMIT

3.9

Secret finder in JavaScript

4,000 starsMultiple
Offensive SecurityExploitationOpen Source

LinkFinder

PythonMIT

3.9

JS endpoint extractor

3,500 starsMultiple
Offensive SecurityExploitationOpen Source

Retire.js

JavaScriptMIT

3.9

Vulnerable JS library scanner

3,500 starsMultiple
Offensive SecurityExploitationOpen Source

CyberGPT

PythonMIT

3.6

LLM cybersecurity assistant

1,200 starsMultiple
AgentsAgentsLLM

SecOpilot

PythonMIT

3.6

AI agent for SecOps automation

900 starsMultiple
AgentsAgentsLLM

ThreatMind

PythonMIT

3.6

AI threat modeling with attack paths

750 starsMultiple
AgentsAgentsLLM

AI Vuln Scanner

PythonMIT

3.6

LLM source code vuln scanner

1,100 starsMultiple
AgentsAgentsLLM

PentestAgent

PythonMIT

3.6

AI web app pentest agent

650 starsMultiple
AgentsAgentsLLM

Agentic SOC

PythonMIT

3.6

Multi-agent SOC automation

850 starsMultiple
AgentsAgentsLLM

AutoSOC

PythonMIT

3.6

AI SOC triage and response

700 starsMultiple
AgentsAgentsLLM

AgentSec

PythonMIT

3.6

AI security code review

600 starsMultiple
AgentsAgentsLLM

SecurityRAG

PythonMIT

3.6

RAG security knowledge base

550 starsMultiple
AgentsAgentsLLM

AI Pentester

PythonMIT

3.6

AI automated pentesting

900 starsMultiple
AgentsAgentsLLM

AgentForce Security

PythonMIT

3.6

Security automation framework

650 starsMultiple
AgentsAgentsLLM

SecChat

PythonMIT

3.5

Chat security assistant

500 starsMultiple
AgentsAgentsLLM

AutoPentest

PythonMIT

3.6

AI pentest reporting

750 starsMultiple
AgentsAgentsLLM

AI SOC Agent

PythonMIT

3.6

AI alert investigation

800 starsMultiple
AgentsAgentsLLM

ThreatAgent

PythonMIT

3.6

AI threat intel analysis

700 starsMultiple
AgentsAgentsLLM

VulnAgent

PythonMIT

3.6

AI vulnerability management

600 starsMultiple
AgentsAgentsLLM

AIWaf

MultipleMIT

3.6

AI-powered WAF for attack detection

550 starsMultiple
AgentsAgentsLLM

ComplianceAgent

PythonMIT

3.5

AI compliance mapping

450 starsMultiple
AgentsAgentsLLM

AuditGPT

PythonMIT

3.6

AI security audit

600 starsMultiple
AgentsAgentsLLM

PentestReportGPT

PythonMIT

3.5

AI pentest report generator

500 starsMultiple
AgentsAgentsLLM

VulnChat

PythonMIT

3.5

Chatbot for vuln discussion

400 starsMultiple
AgentsAgentsLLM

SecurityAdvisor AI

PythonMIT

3.5

AI security architecture advisor

450 starsMultiple
AgentsAgentsLLM

AgentNet Security

PythonMIT

3.6

Multi-agent security monitoring

550 starsMultiple
AgentsAgentsLLM

AutoThreat

PythonMIT

3.6

Automated threat detection

600 starsMultiple
AgentsAgentsLLM

AgentAI Security

PythonMIT

3.5

General security AI

500 starsMultiple
AgentsAgentsLLM

VulnAdvisor

PythonMIT

3.5

AI vuln prioritization advisor

400 starsMultiple
AgentsAgentsLLM

AutoExploit

PythonMIT

3.6

AI automated exploitation

650 starsMultiple
AgentsAgentsLLM

ExploitAdvisor

PythonMIT

3.5

AI exploit technique advisor

350 starsMultiple
AgentsAgentsLLM

AI Incident Response

PythonMIT

3.6

AI IR automation

700 starsMultiple
AgentsAgentsLLM

AgenticSec

PythonMIT

3.6

Agentic security platform

600 starsMultiple
AgentsAgentsLLM

AutoRemediate

PythonMIT

3.6

AI vuln remediation

550 starsMultiple
AgentsAgentsLLM

SecurityBot AI

PythonMIT

3.5

AI chatbot for security

500 starsMultiple
AgentsAgentsLLM

AgenticCloud Security

PythonMIT

3.5

AI cloud security assessment

450 starsMultiple
AgentsAgentsLLM

Agentic pentest agent

PythonMIT

3.5

Agentic AI for autonomous pentesting

500 starsMultiple
AgentsAgentsLLM

SecurityCopilot OSS

MultipleMIT

3.7

Open-source MS Security Copilot alt

1,800 starsMultiple
AgentsAgentsLLM

Wazuh

C++GPL-2.0

4.3

Open-source XDR and SIEM that does agent-based threat detection, integrity monitoring and compliance across endpoints, containers and cloud

16,075 starsDetection & Response
Defensive SecuritySIEMOpen Source

Security Onion

PythonMIT

3.9

Free IDS/NSM distro

3,500 starsMultiple
Defensive SecuritySIEMOpen Source

Elastic SIEM

MultipleMIT

3.6

SIEM on Elastic Stack

600 starsMultiple
Defensive SecuritySIEMOpen Source

OpenCTI

MultipleMIT

4.2

Threat intelligence platform

7,000 starsMultiple
Defensive SecuritySIEMOpen Source

MISP

MultipleMIT

4.0

Threat intel sharing platform

5,500 starsMultiple
Defensive SecuritySIEMOpen Source

Velociraptor

GoAGPL-3.0

4.6

Endpoint visibility and DFIR at scale using VQL — query live hosts and hunt across a fleet in one language

4,070 starsDetection / Response / IR
Offensive SecurityDFIROpen Source

Grafana Loki

MultipleMIT

3.8

Log aggregation for monitoring

2,500 starsMultiple
Defensive SecuritySIEMOpen Source

Sigma HQ

PythonMIT

4.3

SIEM-agnostic detection rules

8,500 starsMultiple
Defensive SecuritySIEMOpen Source

Suricata

C/PythonMIT

4.0

High-performance IDS/IPS

5,000 starsMultiple
Defensive SecuritySIEMOpen Source

Snort

C++GPL-2.0

4.2

The original open-source network intrusion detection system — signature-based packet analysis with a rule language the industry learned on

3,379 starsDetection
Defensive SecurityIDS/IPSNetwork Analysis

Zeek

C/PythonMIT

3.9

Network analysis framework

3,500 starsMultiple
Defensive SecuritySIEMOpen Source

Arkime

MultipleMIT

3.8

Packet capture and search

3,000 starsMultiple
Defensive SecuritySIEMOpen Source

Graylog

MultipleMIT

3.8

Open-source log management

2,500 starsMultiple
Defensive SecuritySIEMOpen Source

Shuffle

MultipleMIT

3.7

Open-source SOAR platform

2,000 starsMultiple
Defensive SecuritySIEMOpen Source

DFIR IRIS

MultipleMIT

3.6

IR investigation platform

1,500 starsMultiple
Defensive SecuritySIEMOpen Source

Prowler

PythonMIT

4.4

Cloud security assessment

9,000 starsMultiple
Cloud SecurityOpen Source

ScoutSuite

PythonMIT

4.2

Multi-cloud security audit

6,500 starsMultiple
Cloud SecurityOpen Source

Checkov

PythonMIT

4.2

IaC security scanner

7,000 starsMultiple
Cloud SecurityOpen Source

KICS

PythonMIT

3.8

IaC security scanner by Checkmarx

2,500 starsMultiple
Cloud SecurityOpen Source

Falco

C/PythonMIT

4.2

Runtime security for containers

7,500 starsMultiple
Cloud SecurityOpen Source

Kube-Bench

MultipleMIT

4.2

CIS K8s Benchmark scanner

7,000 starsMultiple
Cloud SecurityOpen Source

Kube-Hunter

MultipleMIT

4.0

Kubernetes pentest tool

4,500 starsMultiple
Cloud SecurityOpen Source

Cloud Custodian

PythonMIT

4.0

Cloud compliance as code

5,500 starsMultiple
Cloud SecurityOpen Source

Semgrep

PythonMIT

4.7

Static analysis for 30+ languages

12,000 starsMultiple
Offensive SecurityOpen Source

OWASP ZAP

JavaApache-2.0

4.4

The open-source web app security scanner (DAST) — proxy, spider, active/passive scanning and a baseline you can CI

15,391 starsVulnerability Analysis
Offensive SecurityWeb ScanningOpen Source

SonarQube Community

MultipleMIT

4.5

Code quality and security

10,000 starsMultiple
Offensive SecurityOpen Source

Bandit

PythonMIT

4.2

Python security linter

6,500 starsMultiple
Offensive SecurityOpen Source

ESLint Security

JavaScriptMIT

3.9

JS security analysis

4,000 starsMultiple
Offensive SecurityOpen Source

FindSecBugs

PythonMIT

3.9

Java security audit plugin

3,500 starsMultiple
Offensive SecurityOpen Source

Nikto

C/PythonMIT

4.4

Web server scanner

9,000 starsMultiple
Offensive SecurityOpen Source

Autopsy

PythonMIT

3.8

Digital forensics platform

3,000 starsMultiple
Offensive SecurityOpen Source

Sleuth Kit

C/PythonMIT

3.8

File system analysis tools

2,500 starsMultiple
Offensive SecurityOpen Source

Volatility

PythonGPL-2.0

4.3

The open-source memory forensics framework — analyze a RAM dump to reveal what was actually running

8,042 starsIR / DFIR
Offensive SecurityDFIRMalware Analysis

RegRipper

PythonMIT

3.6

Windows registry analysis

1,500 starsMultiple
Offensive SecurityOpen Source

Bulk Extractor

C/PythonMIT

3.6

Extract emails, URLs, CCs from disk images

1,200 starsMultiple
Offensive SecurityOpen Source

Log2Timeline

PythonMIT

3.7

Super timeline creation

2,000 starsMultiple
Offensive SecurityOpen Source

Timesketch

MultipleMIT

3.8

Collaborative timeline analysis

2,500 starsMultiple
Offensive SecurityOpen Source

Redline

PythonMIT

3.6

Free IR endpoint triage

1,500 starsMultiple
Offensive SecurityOpen Source

OpenSCAP

C/PythonMIT

3.6

NIST-certified SCAP scanner

1,500 starsMultiple
GRC & ComplianceOpen Source

Inspec

PythonMIT

3.7

Infrastructure compliance as code

2,000 starsMultiple
GRC & ComplianceOpen Source

Recon-ng

PythonMIT

3.9

Web recon framework 100+ modules

4,000 starsMultiple
ReconnaissanceNetwork AnalysisOpen Source

theHarvester

PythonMIT

4.7

Email, subdomain, name recon

12,000 starsMultiple
ReconnaissanceNetwork AnalysisOpen Source

Sublist3r

PythonMIT

4.5

Fast subdomain enumeration

10,000 starsMultiple
ReconnaissanceNetwork AnalysisOpen Source

Altdns

PythonMIT

3.9

Subdomain permutation tool

3,500 starsMultiple
ReconnaissanceNetwork AnalysisOpen Source

MassDNS

PythonMIT

3.8

High-performance DNS resolver

3,000 starsMultiple
ReconnaissanceNetwork AnalysisOpen Source

Ghidra

PythonMIT

4.0

NSA reverse engineering tool

5,000 starsMultiple
Offensive SecurityOpen Source

Radare2

PythonMIT

4.0

Framework for reverse engineering

4,500 starsMultiple
Offensive SecurityOpen Source

YARA

C/PythonMIT

4.3

Pattern matching for malware researchers

8,000 starsMultiple
Offensive SecurityOpen Source

Capa

PythonMIT

3.9

Automated capability detection for malware

4,000 starsMultiple
Offensive SecurityOpen Source

MalwareBazaar

PythonMIT

3.6

Share and search malware samples

1,500 starsMultiple
Offensive SecurityOpen Source

Cuckoo Sandbox

PythonMIT

3.9

Automated malware analysis sandbox

3,500 starsMultiple
Offensive SecurityOpen Source

VirusTotal CLI

PythonMIT

3.6

Command-line interface to VirusTotal

1,200 starsMultiple
Offensive SecurityOpen Source

Let's Encrypt

C/PythonMIT

3.9

Free TLS certificates for everyone

4,000 starsMultiple
GRC & ComplianceOpen Source

OpenVAS

C/PythonMIT

3.9

Open-source vulnerability scanner

4,000 starsMultiple
Defensive SecuritySIEMOpen Source

Nessus Essentials

PythonMIT

3.5

Industry-standard vulnerability scanner

0 starsMultiple
Defensive SecuritySIEMOpen Source

Wapiti

PythonMIT

3.7

Black-box web app scanner

2,000 starsMultiple
Offensive SecurityOpen Source

Skipfish

C/PythonMIT

3.8

Web app security scanner

2,500 starsMultiple
Offensive SecurityOpen Source

CloudSploit

JavaScriptMIT

3.8

Cloud security and config assessment

3,000 starsMultiple
Cloud SecurityOpen Source

OSCAL

PythonMIT

3.5

Open security controls assessment language

500 starsMultiple
GRC & ComplianceOpen Source

Nuclei Templates

PythonMIT

4.4

Community-driven vulnerability templates

9,000 starsMultiple
Offensive SecurityExploitationOpen Source

Metasploit Modules

PythonMIT

3.5

Community Metasploit modules

500 starsMultiple
Offensive SecurityExploitationOpen Source

FuzzDB

PythonMIT

3.9

Wordlist and payload database for fuzzing

4,000 starsMultiple
Offensive SecurityExploitationOpen Source

CrewAI

PythonMIT

4.4

Production-grade orchestration framework for role-based multi-agent systems — agents collaborate, delegate, and execute complex workflows

45,000 starsResearch / Multi-agent orchestration
AgentsAgentsLLM

AutoGen

PythonMIT

4.3

Microsoft's framework for building multi-agent conversational systems where agents chat, code, and negotiate solutions together

50,000 starsResearch / Multi-agent code execution
AgentsAgentsLLM

LangGraph

PythonMIT

4.2

Graph-based agent runtime for building stateful, multi-step workflows with cycles, branching, and human-in-the-loop

15,000 starsResearch / Complex agent workflows
AgentsAgentsLLM

Smolagents

PythonApache-2.0

4.1

HuggingFace's minimal agent framework that runs Code Agents — agents that plan by writing and executing Python, not by calling tools

12,000 starsResearch / Lightweight code agents
AgentsAgentsLLM

Pydantic-AI

PythonMIT

4.0

Type-safe, Pydantic-native agent framework that gives you fully typed inputs/outputs, structured outputs, and built-in observability

10,000 starsResearch / Type-safe agent development
AgentsAgentsLLM