Loading...

Popular Free Commercial Categories Tasks Blog

CyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2025 - All rights reserved

LINKS

LEGAL

Terms of services Privacy policy

Offensive Security for Web App Security

Ethical hacking tools and resources for penetration testing and red team operations. Task: Web App Security
Explore 10 curated tools and resources

Search tools and resources by name, description, or purpose... (⌘+K)

All

Free

Commercial

Task

Home
Categories
Offensive Security
Web App Security

RELATED TASKS

analytics (1)anti-forensics (1)antivirus (1)apache (3)api-metadata (1)api-security (2)apktool (1)app-security (1)apparmor (6)applocker (1)

PINNED

ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
1
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
Dark Web Monitoring
Cloud Security
Vulnerability Management
Compliance
Third Party Risk
Threat Intelligence
Security Monitoring
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
1
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
+7
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
2
Commercial
Resources
Resources
Cybersecurity
Education
Training
Security Professionals
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
2
Commercial
Resources
Resources
Cybersecurity
Education
+2
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
Software Supply Chain
Open Source
Sbom
Security Scanning
Devsecops
Vulnerability Detection
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
+6
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
1
Commercial
Application Security
Web App Security
Api Security
Cloud Security
Waf
Ddos
Bot Detection
Machine Learning
Api Discovery
Threat Prevention
Zero Day
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
1
Commercial
Application Security
Web App Security
Api Security
Cloud Security
+7
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
Compliance
Container Security
Cloud Compliance
Api Security
Kubernetes Security
Security Monitoring
Security Automation
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
+7
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
Static Analysis
Security Automation
Devsecops
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
+3

LATEST ADDITIONS

Burp Suite Professional
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
1
Commercial
Offensive Security
Penetration Testing
Web Security
Scanner
Proxy
Security Testing
Vulnerability Assessment
Api Security
Burp Suite
Web App Security
Security Automation
Burp Suite Professional
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
1
Commercial
Offensive Security
Penetration Testing
Web Security
Scanner
+7
XAHICO Platform
XAHICO Web Platform is a cloud-based solution for vulnerability detection, penetration testing, and adversary simulation, accessible through web browsers and suitable for various user levels.
0
Commercial
Offensive Security
Cloud
Penetration Testing
Vulnerability Detection
Command And Control
Web App Security
XAHICO Platform
XAHICO Web Platform is a cloud-based solution for vulnerability detection, penetration testing, and adversary simulation, accessible through web browsers and suitable for various user levels.
0
Commercial
Offensive Security
Cloud
Penetration Testing
Vulnerability Detection
+2
requests-racer
A Python library for exploiting race conditions in web apps
0
Free
Offensive Security
Appsec
Web App Security
Web Security
Exploit
requests-racer
A Python library for exploiting race conditions in web apps
0
Free
Offensive Security
Appsec
Web App Security
Web Security
+1
WS-Attacker
Modular framework for web services penetration testing with support for various attacks.
0
Free
Offensive Security
Web App Security
WS-Attacker
Modular framework for web services penetration testing with support for various attacks.
0
Free
Offensive Security
Web App Security
Browser Exploitation Framework (BeEF)
A penetration testing tool that focuses on web browser exploitation
0
Free
Offensive Security
Web App Security
Penetration Testing
Attack Platform
Browser Exploitation Framework (BeEF)
A penetration testing tool that focuses on web browser exploitation
0
Free
Offensive Security
Web App Security
Penetration Testing
Attack Platform
SecGame #1: Sauron
A Linux-based environment for penetration testing and vulnerability exploitation
0
Free
Offensive Security
Penetration Testing
Vulnerable Apps
Web App Security
Privilege Escalation
SecGame #1: Sauron
A Linux-based environment for penetration testing and vulnerability exploitation
0
Free
Offensive Security
Penetration Testing
Vulnerable Apps
Web App Security
+1
Penetration Testing Practice Lab - Vulnerable Apps/Systems
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
0
Free
Offensive Security
Penetration Testing
Vulnerable Applications
Web App Security
Penetration Testing Practice Lab - Vulnerable Apps/Systems
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
0
Free
Offensive Security
Penetration Testing
Vulnerable Applications
Web App Security
Joi Security
CLI tool for offensive and defensive security assessments on the Joi validator library with a wide range of attacks.
0
Free
Offensive Security
Appsec
Scanner
Scanning
Security Scanning
Vulnerabilities
Web App Security
Web Security
Joi Security
CLI tool for offensive and defensive security assessments on the Joi validator library with a wide range of attacks.
0
Free
Offensive Security
Appsec
Scanner
Scanning
+4
The Absurdly Underestimated Dangers of CSV Injection
A blog post discussing the often overlooked dangers of CSV injection in applications.
0
Free
Offensive Security
Csv
Injection
Vulnerability
Security
Web App Security
Appsec
The Absurdly Underestimated Dangers of CSV Injection
A blog post discussing the often overlooked dangers of CSV injection in applications.
0
Free
Offensive Security
Csv
Injection
Vulnerability
+3
Grendel-Scan
A tool for automated security scanning of web applications and manual penetration testing.
0
Free
Offensive Security
Appsec
Appsecurity
Penetration Testing
Web App Security
Web Security
Grendel-Scan
A tool for automated security scanning of web applications and manual penetration testing.
0
Free
Offensive Security
Appsec
Appsecurity
Penetration Testing
+2

1