168 tools and resources
Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Reach out!
Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits
Scan files for viruses and malware with language-agnostic REST API
A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
A Burp extension for scanning JavaScript files for endpoint links
A simple Swagger-ui scanner that detects old versions vulnerable to various XSS attacks
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
Automated web application testing tool
A tool for automated HTTP header injection
A tool for identifying and extracting parameters from HTTP requests and responses
Open Redirection Analyzer
A tool for brute-forcing GET and POST parameters to discover potential vulnerabilities in web applications.
A collection of Android security related resources
Pre-commit hook for validating outgoing changeset
A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
Insider is a source code analysis tool focusing on OWASP Top 10 vulnerabilities with easy integration into DevOps pipelines.
Embeddable Yara library for Java with support for loading rules and scanning data.
IronBee is an open source project building a universal web application security sensor.