Offensive & Pentesting OSS tools — 8 tracked with release & CVE alerts

Prowler Healthy open source

Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening.

pentest-ai Healthy open source

Offensive-security MCP server with 205 wrapped tools, 17 specialist agents, and 60 SPA-aware probes for OWASP Top 10. CLI + MCP, BYO LLM. No API key needed on MCP path.

AI-Infra-Guard by Tencent Zhuque Lab Healthy open source

A full-stack AI Red Teaming platform securing AI ecosystems via OpenClaw Security Scan, Agent Scan, Skills Scan, MCP scan, AI Infra scan and LLM jailbreak evaluation.

Stratus Red Team | DataDog Healthy open source

cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

mitmproxy Healthy open source

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

NullSec Linux At Risk open source

Security-focused Linux distribution with 140+ pre-installed forensic and offensive security tools, custom hardened kernel, and integrated incident response workflows.

Anubis At Risk open source

Web AI firewall utility which protects upstream resources from scraper bots.

Lonkero At Risk open source

Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.

Tools