The Largest Collection of Cybersecurity Tools
Explore 3026 curated cybersecurity tools, with 14,601+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RECENTLY ADDED
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
A Burp Suite extension that formats GraphQL requests for easier reading
A Burp Suite extension that formats GraphQL requests for easier reading
ESC is an interactive .NET SQL console client with enhanced SQL Server discovery and data exfiltration features designed for penetration testing and red team engagements.
ESC is an interactive .NET SQL console client with enhanced SQL Server discovery and data exfiltration features designed for penetration testing and red team engagements.
A command-line tool for parsing, creating, and manipulating JWT tokens
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
A collection of three tools for extracting, dumping, and scanning exposed .git repositories on websites to identify sensitive information and security vulnerabilities.
A collection of three tools for extracting, dumping, and scanning exposed .git repositories on websites to identify sensitive information and security vulnerabilities.
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.
ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.
A Burp Suite extension that uses Shodan to discover cloud buckets and tests them for publicly accessible vulnerabilities through passive scanning.
A Burp Suite extension that uses Shodan to discover cloud buckets and tests them for publicly accessible vulnerabilities through passive scanning.
A command-line tool for capturing automated screenshots of websites and mobile applications with support for multiple browsers and device emulations.
A command-line tool for capturing automated screenshots of websites and mobile applications with support for multiple browsers and device emulations.
A collection of customizable automation scripts for Turbo Intruder that facilitate vulnerability scanning, exploitation, and data extraction in penetration testing workflows.
A collection of customizable automation scripts for Turbo Intruder that facilitate vulnerability scanning, exploitation, and data extraction in penetration testing workflows.
A tool for analyzing pentest screenshots using a convolutional neural network
A tool for analyzing pentest screenshots using a convolutional neural network
A DNS rebinding attack framework for security researchers and penetration testers.
A DNS rebinding attack framework for security researchers and penetration testers.
SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through systematic testing and analysis.
SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through systematic testing and analysis.
A tool to discover new target domains using Content Security Policy
A tool to discover new target domains using Content Security Policy
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
