Open Source Mac Software Testing Tools
Sort By:
Software Testing Tools for Mac
View 50 business solutionsBrowse free open source Software Testing tools and projects for Mac below. Use the toggles on the left to filter open source Software Testing tools by OS, license, language, programming language, and project status.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Get Avast Free Antivirus with 24/7 AI-powered online scam detectionAward-winning antivirus protection, as well as protection against online scams, dangerous Wi-Fi connections, hacked accounts, and ransomware. It includes Avast Assistant, your built-in AI partner, which gives you help with suspicious online messages, offers, and more.
-
1
C Unit Testing Framework
Automated testing framework for C'
Automated testing framework for 'C'. -
2
TestLink
Test & requirements management
TestLink is a web based Test Management tool. The application provides Test specification, Test plans and execution, Reporting, Requirements specification and collaborate with well-known bug trackers. Repository: https://github.com/TestLinkOpenSourceTRMS -
3
tracetest
Build integration and end-to-end tests in minutes
Tracetest is a trace-based testing tool for integration and end-to-end testing using OpenTelemetry traces. Verify end-to-end transactions and side effects across microservices & event-driven apps by using trace data as test specs. Cypress and Selenium are constrained by using the browser for testing. Tracetest bypasses this entirely by using your existing OpenTelemetry instrumentation and trace data to run tests and assertions against traces in every step of a request transaction. -
4
Trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers
Trivy is the most popular open source security scanner, reliable, fast, and easy to use. Use Trivy to find vulnerabilities & IaC misconfigurations, SBOM discovery, Cloud scanning, Kubernetes security risks,and more. Trivy is praised by professionals from organizations worldwide. Are you a Trivy fan as well? We’d love to hear from you! Trivy detects vulnerabilities from a wide array of operating systems and programming languages, across different versions, and vulnerability sources. Detect common misconfigurations with Trivy, using the same familiar tool and workflow that you already have in place for vulnerabilities. Trivy scans Terraform, CloudFormation, Docker, Kubernetes, and many other IaC configuration files for security issues right alongside vulnerabilities. Trivy IaC is brought to you by the team behind the popular tfsec project. Trivy is a single binary with no dependencies! There’s no database to maintain, no external tools it relies on, no runtime requirements whatsoever. -
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
5
DrJava
A lightweight programming environment for Java
DrJava is a lightweight programming environment for Java designed to foster test-driven software development. It includes an intelligent program editor, an interactions pane for evaluating program text, a source level debugger, and a unit testing tool. -
6
Reactotron
Desktop app for inspecting your React JS and React Native projects
Reactotron is a macOS, Windows, and Linux app for inspecting your React JS and React Native apps. View your application state, show API requests & responses, perform quick performance benchmarks, subscribe to parts of your application state, display messages similar to console.log, track global errors with source-mapped stack traces including saga stack traces! You can dispatch actions like a government-run mind control experiment, hot swap your app's state using Redux or mobx-state-tree, track your sagas, show image overlay in React Native, track your Async Storage in React Native, etc. You plug it into your app as a dev dependency so it adds nothing to your product builds. Reactotron, as an open source project, is free to use and always will be. -
7
SoapUI
SoapUI is a free and open source cross-platform functional testing
SoapUI is the world's leading testing tool for API testing. See the SoapUI website to learn more. By downloading our software, you agree to our license and privacy policy. Automate and fit API testing into your team’s continuous delivery pipeline with the next-generation tool built for validation of REST, SOAP, GraphQL, microservices, and other back-end services. This is for developers and testers looking to accelerate their ability to deliver REST, SOAP, and GraphQL APIs. SoapUI Open Source is the simplest and easiest way to begin your API testing journey. APIs, or Application Programming Interfaces, have become the center of software development, connecting and transferring data and logic across disparate systems and applications. Luckily, testing them can greatly improve the efficiency of your testing strategy as a whole, helping you deliver software faster than ever. -
8
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application. -
9
Conftest
Write tests against structured configuration data
Conftest is a utility to help you write tests against structured configuration data. For instance, you could write tests for your Kubernetes configurations, Tekton pipeline definitions, Terraform code, Serverless configs, or any other structured data. Conftest relies on the Rego language from Open Policy Agent for writing policies. If you're unsure what exactly a policy is, or unfamiliar with the Rego policy language, the Policy Language documentation provided by the Open Policy Agent documentation site is a great resource to read. -
Picsart Enterprise Background Removal API for Stunning eCommerce VisualsWith our Remove Background API tool, you can access the transformative capabilities of automation , which will allow you to turn any photo asset into compelling product imagery. With elevated visuals quality on your digital platforms, you can captivate your audience, and therefore achieve higher engagement and sales.
-
10
ESP8266 Deauther Version 2
Affordable WiFi hacking platform for testing and learning
Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners! Version 3 is in development. It is stable to use, but it is very different. It is command-line based, which allows it to offer not just more features, but make them more customizable. This software allows you to easily perform a variety of actions to test 802.11 wireless networks by using an inexpensive ESP8266 WiFi SoC (System On A Chip). The main feature, the deauthentication attack, is used to disconnect devices from their WiFi network. No one seems to care about this huge vulnerability in the official 802.11 WiFi standard, so I took action and enabled everyone who has less than 10 USD to spare to recreate this project. I hope it raises more attention on the issue. In 2009 the WiFi Alliance actually fixed the problem (see 802.11w), but only a few companies implemented it into their devices and software. -
11
JUnit 5
Programmer-friendly testing framework for Java and the JVM
The 5th major version of the programmer-friendly testing framework for Java and the JVM. JUnit 5 is the next generation of JUnit. The goal is to create an up-to-date foundation for developer-side testing on the JVM. This includes focusing on Java 8 and above, as well as enabling many different styles of testing. Official CI build server for JUnit 5. Used to perform quick checks on submitted pull requests and for build matrices including the latest released OpenJDK and early access builds of the next OpenJDK. The JUnit Platform serves as a foundation for launching testing frameworks on the JVM. It also defines the TestEngine API for developing a testing framework that runs on the platform. Furthermore, the platform provides a Console Launcher to launch the platform from the command line and the JUnit Platform Suite Engine for running a custom test suite using one or more test engines on the platform. First-class support for the JUnit Platform also exists in popular IDEs. -
12
Goss
Quick and Easy server testing/validation
For testing docker containers see the dgoss wrapper. Also, user submitted wrapper scripts for Kubernetes kgoss and Docker Compose dcgoss. Goss is a YAML-based serverspec alternative tool for validating a server’s configuration. It eases the process of writing tests by allowing the user to generate tests from the current system state. Once the test suite is written they can be executed, waited-on, or served as a health endpoint. An initial set of tests can be derived from the system state by using the add or auto add commands. A Json draft 7 schema available in docs/goss-json-schema.yaml makes it easier to edit simple goss.yaml files in IDEs, providing usual coding assistance such as inline documentation, completion and static analysis. -
13
PEASS-ng
Privilege Escalation Awesome Scripts SUITE
These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission. Here you will find privilege escalation tools for Windows and Linux/Unix and MacOS. Find the latest versions of all the scripts and binaries in the releases page. Check the parsers directory to transform PEASS outputs to JSON, HTML and PDF. -
14
MailHog
Web and API based SMTP testing
Inspired by MailCatcher, easier to install. Built with Go, MailHog runs without installation on multiple platforms. Run it from Docker Hub or using the provided Dockerfile. The SMTP server starts on port 1025, the HTTP server starts on port 8025, in-memory message storage. ESMTP server implementing RFC5321. Support for SMTP AUTH (RFC4954) and PIPELINING (RFC2920). Web interface to view messages (plain text, HTML or source). Supports RFC2047 encoded headers. Real-time updates using EventSource. Release messages to real SMTP servers. Chaos Monkey for failure testing. HTTP API to list, retrieve and delete messages. See APIv1 and APIv2 documentation for more information. HTTP basic authentication for MailHog UI and API. Multipart MIME support. Download individual MIME parts. In-memory message storage. MongoDB and file based storage for message persistence. Lightweight and portable. No installation required. -
15
The Software Testing Automation Framework (STAF) is a framework designed to improve the level of reuse and automation in test cases and test environments. The goal of STAF is to provide a complete end-to-end automation solution for testers.
-
16
Selenium IDE
Open Source record and playback test automation for the web
Open source record and playback test automation for the web. Simple, turn-key solution to quickly author reliable end-to-end tests. Works out of the box for any web app. Enjoy easier test debugging with rich IDE features like setting breakpoints and pausing on exceptions. Run your tests on any browser/OS combination in parallel using the Command-line Runner for Selenium IDE. Getting started with Selenium IDE requires no additional setup other than installing the extension on your browser. One of our driving philosophies is to provide an easy-to-use tool that will give instant feedback. We believe that the easier we can make it, the more likely people are to author tests, which in turn results in better-tested apps. Selenium IDE records multiple locators for each element it interacts with. If one locator fails during playback, the others will be tried until one is successful. -
17
DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.
-
18
MiRoom
Localized MIUI ROMs
MIUI modifications with multi language based on clean chineese ROMs by MiRoom Portal Project. Dev blog: https://t.me/XiaomiSir -
19
Apache JMeter
Load testing tool for analyzing and measuring performance of services
The Apache JMeter™ application is open-source software, a 100% pure Java application designed to load test functional behavior and measure performance. It was originally designed for testing Web Applications but has since expanded to other test functions. Apache JMeter may be used to test performance both on static and dynamic resources, Web dynamic applications. It can be used to simulate a heavy load on a server, group of servers, network or object to test its strength or to analyze overall performance under different load types. -
20
k6
A modern load testing tool, using Go and JavaScript
The best developer experience for load testing. Open source and SaaS for engineering teams. Test early and continuously—break the QA silo in performance testing. Backend and frontend engineers prevent regressions when running performance tests. Test scalability to improve your reliability targets. Test SLOs and avoid SLA breaches. Shift left and collaborate with developers for effective and continuous testing. Use the same script for local, distributed, and cloud tests. Migrate from local tests to the cloud using the same script for both environments. Verify that applications can handle the expected traffic. Adapt your testing: stress tests, peak tests, soak tests, etc. Mix browser and API testing—interact with real browsers and collect frontend metrics to get a holistic user view. Simulate real-world traffic in your chaos experiments. Inject system failures in your k6 tests. -
21
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also comes with a wide set of switches which include database fingerprinting, over data fetching from the database, accessing the underlying file system, and more. -
22
SecLists
The Pentester’s Companion
SecLists is the ultimate security tester’s companion. It is a collection of various types of lists commonly used during security assessments, all in one place. SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. All the tester will have to do is pull this repo onto a new testing box and he’ll have access to every type of list he may require. -
23
PerfView
PerfView is a CPU and memory performance-analysis tool
PerfView is a free performance analysis tool that helps isolate CPU and memory-related performance issues. It is a Windows tool, but it also has some support for analyzing data collected on Linux machines. It works for a wide variety of scenarios, but has a number of special features for investigating performance issues in code written for the .NET runtime. If you are unfamiliar with PerfView, there are PerfView video tutorials. Also, Vance Morrison's blog gives an overview and getting started information. PerfView is built on a library called Microsoft.Diagnostics.Tracing.TraceEvent, which knows how to both collect and parse Event Tracing for Windows (ETW) data. Thus if there is any information that PerfView collects and processes that you would like to manipulate yourself programmatically, you would probably be interested in the TraceEvent Library Documentation. -
24
SocketTest - powerful and small software tool for socket testing. It can create both TCP and UDP client or server. It can be used to test any server or client that uses TCP or UDP protocol to communicate.
-
25
Catch2
A modern, C++-native, test framework for unit-tests, TDD and BDD
A modern, C++-native, test framework for unit-tests, TDD and BDD - using C++14, C++17 and later (C++11 support is in v2.x branch, and C++03 on the Catch1.x branch). Catch2 is mainly a unit testing framework for C++, but it also provides basic micro-benchmarking features and simple BDD macros. Catch2's main advantage is that using it is both simple and natural. Test names do not have to be valid identifiers, assertions look like normal C++ boolean expressions, and sections provide a nice and local way to share set-up and tear-down code in tests. You are on the devel branch, where the v3 version is being developed. v3 brings a bunch of significant changes, the big one being that Catch2 is no longer a single-header library. Catch2 now behaves as a normal library, with multiple headers and separately compiled implementation.
