168 tools and resources
Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Reach out!
A serverless application that demonstrates common serverless security flaws and weaknesses
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
A tool for dynamic analysis of mobile applications in a controlled environment.
Websecurify provides efficient ways to protect organizations with sophisticated technology and expert consultancy.
Protect your Fastify server against CSRF attacks with a series of utilities and recommendations for secure application development.
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
A script that implements Cognito attacks such as Account Oracle or Priviledge Escalation
Static code analyzer for Infrastructure as Code with 500+ security policies and support for various IaC tools and cloud platforms.
A web-based tool for instrumenting and analyzing Android applications using Flask, Jinja, and Redis.
Dynamic Java code instrumentation kit for Android applications.
Yaramod is a library for parsing YARA rules into AST and building new YARA rulesets with C++ programming interface.
A web security tool that scans for vulnerabilities and known attacks.
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
A honeypot trap for Symfony2 forms to reduce spam submissions.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
Real-time, eBPF-based Security Observability and Runtime Enforcement component
A browser with XSS detection capabilities
SAST and malware analysis tool for Android APKs with detailed scan information.
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
A vulnerable by design infrastructure on Azure featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations.
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
