Offensive & Pentesting OSS tools — 9 tracked with release & CVE alerts

Prowler Healthy open source

Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening.

pentest-ai Healthy open source

Offensive-security MCP server with 205 wrapped tools, 17 specialist agents, and 60 SPA-aware probes for OWASP Top 10. CLI + MCP, BYO LLM. No API key needed on MCP path.

cap Healthy open source

The privacy-first, self-hosted CAPTCHA for the modern web.

AI-Infra-Guard by Tencent Zhuque Lab Healthy open source

A full-stack AI Red Teaming platform securing AI ecosystems via OpenClaw Security Scan, Agent Scan, Skills Scan, MCP scan, AI Infra scan and LLM jailbreak evaluation.

sysreptor Healthy open source

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

cyntrisec/cyntrisec-cli Healthy open source

Local-first AWS security analyzer that discovers attack paths and generates remediations using graph theory.

Stratus Red Team | DataDog Healthy open source

cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

shellfirm Healthy open source

Safety guardrails for ai coding agents and human terminal commands

mitmproxy Healthy open source

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Tools