Malware Analysis for Penetration Testing

Tools and techniques for analyzing, reverse-engineering, and understanding malicious software. Task: Penetration TestingExplore 10 curated tools and resources

Search tools and resources by name, description, or purpose... (⌘+K)

All

Free

Commercial

Task

RELATED TASKS

ai (1)analysis (4)androguard (1)anti-forensic (1)antivirus (3)apk (4)apksigner (2)apktool (2)app-security (1)apparmor (1)

PINNED

OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
2
Commercial
Digital Forensics
Osint
Information Security
Security Tools
Data Breach
Reconnaissance
Security Research
Threat Intelligence
Red Team
Blue Team
Vulnerability Assessment
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
2
Commercial
Digital Forensics
Osint
Information Security
Security Tools
+7
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
Dark Web Monitoring
Cloud Security
Vulnerability Management
Compliance
Third Party Risk
Threat Intelligence
Security Monitoring
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
+7
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
Software Supply Chain
Open Source
Sbom
Security Scanning
Devsecops
Vulnerability Detection
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
+6
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
1
Commercial
Application Security
Web App Security
Api Security
Cloud Security
Waf
Ddos
Bot Detection
Machine Learning
Api Discovery
Threat Prevention
Zero Day
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
1
Commercial
Application Security
Web App Security
Api Security
Cloud Security
+7
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
Compliance
Container Security
Cloud Compliance
Api Security
Kubernetes Security
Security Monitoring
Security Automation
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
+7
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
Static Analysis
Security Automation
Devsecops
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
+3

LATEST ADDITIONS

XSSCon
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
0
Free
Malware Analysis
Xss
Xss Scanner
Web Security
Penetration Testing
Security Research
XSSCon
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
0
Free
Malware Analysis
Xss
Xss Scanner
Web Security
+2
XXEinjector
Automate the exploitation of XXE vulnerabilities
0
Free
Malware Analysis
Xxe
Vulnerability Exploitation
Penetration Testing
Security Research
XXEinjector
Automate the exploitation of XXE vulnerabilities
0
Free
Malware Analysis
Xxe
Vulnerability Exploitation
Penetration Testing
+1
Blinder
A Python library for automating time-based blind SQL injection attacks
0
Free
Malware Analysis
Sql Injection
Penetration Testing
Security Research
Blinder
A Python library for automating time-based blind SQL injection attacks
0
Free
Malware Analysis
Sql Injection
Penetration Testing
Security Research
Femida
Automated blind-xss search for Burp Suite
0
Free
Malware Analysis
Appsec
Burp Suite
Blind Xss
Xss
Security Research
Penetration Testing
Python
Femida
Automated blind-xss search for Burp Suite
0
Free
Malware Analysis
Appsec
Burp Suite
Blind Xss
+4
Depix
A tool that recovers passwords from pixelized screenshots
0
Free
Malware Analysis
Password Recovery
Machine Learning
Security Research
Penetration Testing
Depix
A tool that recovers passwords from pixelized screenshots
0
Free
Malware Analysis
Password Recovery
Machine Learning
Security Research
+1
xxexploiter
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
0
Free
Malware Analysis
Xxe
Exploit
Xml
Vulnerability
Penetration Testing
Educational
xxexploiter
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
0
Free
Malware Analysis
Xxe
Exploit
Xml
+3
CRLF-Injection-Scanner
Command line tool for testing CRLF injection on a list of domains.
0
Free
Malware Analysis
Vulnerability Scanner
Security Testing
Penetration Testing
CRLF-Injection-Scanner
Command line tool for testing CRLF injection on a list of domains.
0
Free
Malware Analysis
Vulnerability Scanner
Security Testing
Penetration Testing
ESC
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
0
Free
Malware Analysis
Appsec
Sql
Penetration Testing
Red Team
ESC
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
0
Free
Malware Analysis
Appsec
Sql
Penetration Testing
+1
ghauri
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
0
Free
Malware Analysis
Sql Injection
Penetration Testing
Security Research
Web App Security
Vulnerability Detection
Exploitation
ghauri
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
0
Free
Malware Analysis
Sql Injection
Penetration Testing
Security Research
+3
Thinkst Canarytokens Detector and Diffuser/Nullifier
A script to detect and remove Canary Tokens with simple signature-based detections.
0
Free
Malware Analysis
Canary Token
Signature Based Detection
Penetration Testing
Thinkst Canarytokens Detector and Diffuser/Nullifier
A script to detect and remove Canary Tokens with simple signature-based detections.
0
Free
Malware Analysis
Canary Token
Signature Based Detection
Penetration Testing

Malware Analysis for Penetration Testing

RELATED TASKS

PINNED

OSINTLeak

OSINTLeak

ImmuniWeb® Discovery

ImmuniWeb® Discovery

Checkmarx SCA

Checkmarx SCA

Check Point CloudGuard WAF

Check Point CloudGuard WAF

Orca Security

Orca Security

DryRun

DryRun

LATEST ADDITIONS

XSSCon

XSSCon

XXEinjector

XXEinjector

Blinder

Blinder

Femida

Femida

Depix

Depix

xxexploiter

xxexploiter

CRLF-Injection-Scanner

CRLF-Injection-Scanner

ESC

ESC

ghauri

ghauri

Thinkst Canarytokens Detector and Diffuser/Nullifier

Thinkst Canarytokens Detector and Diffuser/Nullifier