Top Alternatives to off-by-slash
Vulnerability ManagementA Burp Suite extension that detects NGINX alias traversal vulnerabilities by analyzing HTTP traffic patterns to identify path traversal misconfigurations.
102 Alternatives to off-by-slash
A penetration testing framework for identifying and exploiting vulnerabilities.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
A web-based payload repository that generates and encodes ready-to-use exploits for SQL injection, XSS, file inclusion, and command injection vulnerabilities.
AI-powered autonomous penetration testing platform with multi-agent system
AI-powered PTaaS platform with continuous attack surface discovery and exploit validation
Open-source platform for pentest reporting and security team collaboration
A correlated injection proxy tool that integrates with XSS Hunter for automated cross-site scripting vulnerability testing and payload tracking.
AI-powered automated penetration testing platform for vulnerability discovery
AI-powered automated penetration testing platform for web apps, APIs & GraphQL
Platform for on-demand pentests & bug bounties via vetted security researchers
Human-guided continuous pentesting platform with attack surface management
AI-powered automated pen testing & continuous red teaming platform
PTaaS platform with continuous attack surface discovery and red teaming
Pentest management platform for reporting, project mgmt & client collaboration
Pentest reporting & exposure mgmt platform for vulnerability remediation
Automated pentesting for web apps & APIs with continuous vulnerability scanning
Penetration testing software for simulating attacks and validating vulnerabilities
Automated security validation platform for testing attack surfaces continuously
Continuous penetration testing platform with managed security researchers
Automated internal network penetration testing and security validation platform
Continuous pentesting service monitoring web apps & APIs for code changes
AI-powered automated penetration testing platform for web apps and networks
PTaaS platform for web, mobile, cloud app pentesting by global researchers
AI-powered automated penetration testing platform for on-demand security audits
Autonomous web app pentesting platform with exploit validation
AI-powered autonomous pentesting platform for continuous security validation
Modular offensive security platform for continuous monitoring and testing
Pen test management and reporting platform for manual assessments
Platform for managing offensive security tests including pentests and bug bounties
Platform for chip security testing and binary security analysis
AI-native multi-agent pentesting engine for autonomous vulnerability discovery
AI-driven autonomous pentesting platform for continuous vulnerability discovery
Automated attack simulation platform for continuous penetration testing
Continuous automated pentesting platform for ongoing security assessment
Autonomous AI system for continuous penetration testing and exploit validation
Penetration testing distro for IoT device security assessment
Cloud-based penetration testing platform for threat mgmt & remediation
Managed continuous penetration testing service for internal & external networks
Autonomous penetration testing platform identifying attack paths & vulnerabilities
Automated network penetration testing tool for internal and external attacks
Continuous penetration testing platform with attack surface discovery
Continuous pentesting platform with autonomous AI agents for web apps and APIs
AI-powered continuous pentesting platform with agentic automation
AI-powered pentest & VMDR platform for vulnerability scanning & management
Internal network penetration testing service for vulnerability identification
AI-powered continuous pentesting that finds and fixes vulnerabilities
AI-driven pentesting platform with white hat hacker community support
Autonomous pentesting platform for internal, external, cloud & K8s testing
Autonomous web application penetration testing platform by Horizon3.ai
Autonomous pentesting platform with threat-informed attack campaigns
Autonomous pentesting platform for data exfiltration testing & validation
AI-powered autonomous vulnerability hunter with CLI and platform interfaces
Pentest engagement management platform with continuous testing & real-time reporting.
PTaaS platform for managing pentests, DAST, and attack surface monitoring.
Pen testing platform with guided automation and certified exploit library.
Managed vulnerability scanning & pen testing service with PCI DSS support.
Automated pentest tool simulating hacker attacks on IP-addressable systems.
AI-powered continuous pentesting platform combining autonomous agents with human hackers.
Pentest platform combining automated scanning & manual VAPT with reporting.
Web app VAPT service with automated scanning, manual testing & verifiable cert.
PTaaS platform combining automated & manual pentesting for CI/CD teams.
AI-assisted pentest platform combining automated DAST with manual expert testing.
Annual subscription tool for replaying network traffic to test infra against threats.
Hardware appliance for network infra testing via traffic replay against known threats.
Expert-led PTaaS platform with continuous testing and vuln management.
Autonomous pentesting platform that discovers, exploits & maps attack paths.
Automated pen testing service simulating attacks to identify vulnerabilities.
SaaS penetration testing & automated red team platform with 200K+ vuln DB.
Automated fuzz & penetration testing tool for automotive ECUs and software.
Managed vuln scanning & pen testing service to identify & prioritize risks.
AI-driven platform for automated pentesting and security validation.
Centralized mgmt console for multiple RidgeBot deployments across MSSP clients.
Automated pentest tool validating web apps against OWASP Top 10 CWEs.
Hardware security testing tools for side-channel analysis & fault injection.
An open source network penetration testing framework with automatic recon and scanning capabilities.
Modular framework for web services penetration testing with support for various attacks.
WackoPicko is an intentionally vulnerable web application used for security testing, penetration testing practice, and vulnerability scanner evaluation.
A collection of vulnerable web applications containing command injection flaws designed to test and evaluate detection and exploitation tools like commix.
FuzzDB is an open-source dictionary of attack patterns and predictable resource locations for dynamic application security testing and vulnerability discovery.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
A Python script for creating a cohesive and up-to-date penetration testing framework.
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
Automatic tool for pentesting XSS attacks against different applications
Educational repository containing materials on advanced subdomain enumeration techniques from Bugcrowd LevelUp 2017 conference.
A tool for analyzing pentest screenshots using a convolutional neural network
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
A scripting engine for interacting with GraphQL endpoints for pentesting purposes.
A Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
A collection of customizable automation scripts for Turbo Intruder that facilitate vulnerability scanning, exploitation, and data extraction in penetration testing workflows.
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases through automated scanning and reporting.
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
A tool to easily automate and multithread your pentesting and bug bounty workflow without any coding
Stay Updated with Mandos Brief
Get strategic cybersecurity insights in your inbox
