Vulnerability Management for Appsec

Tools for identifying, prioritizing, and remediating security vulnerabilities in systems and applications. Task: AppsecExplore 28 curated tools and resources

Search tools and resources by name, description, or purpose... (⌘+K)

All

Free

Commercial

Task

RELATED TASKS

ai (1)android-security (1)ansible (1)antivirus (1)api (1)api-metadata (1)api-security (2)app-security (10)apparmor (2)application-security (4)

PINNED

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
5
Free
Resources
Security Education
Resources
Training
Security Information
Education
Security Community
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
5
Free
Resources
Security Education
Resources
Training
+3
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
3
Commercial
Digital Forensics
Osint
Information Security
Security Tools
Data Breach
Reconnaissance
Security Research
Threat Intelligence
Red Team
Blue Team
Vulnerability Assessment
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
3
Commercial
Digital Forensics
Osint
Information Security
Security Tools
+7
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
Dark Web Monitoring
Cloud Security
Vulnerability Management
Compliance
Third Party Risk
Threat Intelligence
Security Monitoring
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
+7
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
Software Supply Chain
Open Source
Sbom
Security Scanning
Devsecops
Vulnerability Detection
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
+6
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
Compliance
Container Security
Cloud Compliance
Api Security
Kubernetes Security
Security Monitoring
Security Automation
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
+7
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
Static Analysis
Security Automation
Devsecops
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
+3

LATEST ADDITIONS

AWVS
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
0
Free
Vulnerability Management
Appsec
App Security
Web App Security
Vulnerability Scanning
Vulnerability Assessment
Web Application Security
AWVS
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
0
Free
Vulnerability Management
Appsec
App Security
Web App Security
+3
ParamPamPam
A tool for detecting and exploiting vulnerabilities in web applications
0
Free
Vulnerability Management
Appsec
App Security
Fuzzing
Sql Injection
Xss
Web App Security
ParamPamPam
A tool for detecting and exploiting vulnerabilities in web applications
0
Free
Vulnerability Management
Appsec
App Security
Fuzzing
+3
OWASP Bricks
Deliberately vulnerable web application for security professionals to practice attack techniques.
0
Free
Vulnerability Management
Appsec
Appsec Training
Vulnerable App
Web App Security
Penetration Testing
Security Training
OWASP Bricks
Deliberately vulnerable web application for security professionals to practice attack techniques.
0
Free
Vulnerability Management
Appsec
Appsec Training
Vulnerable App
+3
AuditJS
Audits JavaScript projects for known vulnerabilities and outdated package versions using OSS Index v3 REST API.
0
Free
Vulnerability Management
Appsec
Npm
Yarn
Vulnerability Scanning
Package Manager
AuditJS
Audits JavaScript projects for known vulnerabilities and outdated package versions using OSS Index v3 REST API.
0
Free
Vulnerability Management
Appsec
Npm
Yarn
+2
FuzzDB
A comprehensive open dictionary of fault injection patterns and predictable resource locations for dynamic application security testing
0
Free
Vulnerability Management
Appsec
Attack Paths
Binary Security
Security Testing
Vulnerability Detection
FuzzDB
A comprehensive open dictionary of fault injection patterns and predictable resource locations for dynamic application security testing
0
Free
Vulnerability Management
Appsec
Attack Paths
Binary Security
+2
Vuldroid
A vulnerable Android application demonstrating various security issues and vulnerabilities
0
Free
Vulnerability Management
Appsec
Appsec Tool
Vulnerable App
Security Testing
Penetration Testing
Vuldroid
A vulnerable Android application demonstrating various security issues and vulnerabilities
0
Free
Vulnerability Management
Appsec
Appsec Tool
Vulnerable App
+2
MCIR
A framework for building code injection vulnerability testbeds
0
Free
Vulnerability Management
Appsec
Appsec Testing
Code Injection
Vulnerability Testing
Security Testing
MCIR
A framework for building code injection vulnerability testbeds
0
Free
Vulnerability Management
Appsec
Appsec Testing
Code Injection
+2
Securibench Micro
A series of small test cases designed to exercise different parts of a static security analyzer
0
Free
Vulnerability Management
Appsec
Apparmor
Appsec Testing
Security Testing
Vulnerability Scanning
Penetration Testing
Securibench Micro
A series of small test cases designed to exercise different parts of a static security analyzer
0
Free
Vulnerability Management
Appsec
Apparmor
Appsec Testing
+3
Quick Android Review Kit
A tool for detecting and exploiting Android application vulnerabilities
0
Free
Vulnerability Management
Appsec
App Security
Vulnerability Scanning
Vulnerability Exploitation
Proof Of Concept
Quick Android Review Kit
A tool for detecting and exploiting Android application vulnerabilities
0
Free
Vulnerability Management
Appsec
App Security
Vulnerability Scanning
+2
OWASP Application Security Wiki
A comprehensive online resource for application security knowledge
0
Free
Vulnerability Management
Appsec
Application Security
Threat Modeling
Owasp
OWASP Application Security Wiki
A comprehensive online resource for application security knowledge
0
Free
Vulnerability Management
Appsec
Application Security
Threat Modeling
+1
Commix-Testbed
A collection of real-world scenarios to evaluate command injection detection and exploitation abilities
0
Free
Vulnerability Management
Appsec
Apparmor
Appsec Testing
Bug Bounty
Security Testing
Commix-Testbed
A collection of real-world scenarios to evaluate command injection detection and exploitation abilities
0
Free
Vulnerability Management
Appsec
Apparmor
Appsec Testing
+2
Cybersecurity Evaluation Tool (CSET)
CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.
0
Free
Vulnerability Management
Appsec
Compliance
Cybersecurity
Vulnerability Assessment
Cybersecurity Evaluation Tool (CSET)
CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.
0
Free
Vulnerability Management
Appsec
Compliance
Cybersecurity
+1
is-website-vulnerable
Finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.
0
Free
Vulnerability Management
Appsec
Javascript
Vulnerability Scanning
Web Security
Nodejs
is-website-vulnerable
Finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.
0
Free
Vulnerability Management
Appsec
Javascript
Vulnerability Scanning
+2
Damn Vulnerable iOS App (DVIA)
iOS application for testing iOS penetration testing skills in a legal environment.
0
Free
Vulnerability Management
Appsec
Ios
Penetration Testing
Vulnerability
Mobile Security
Damn Vulnerable iOS App (DVIA)
iOS application for testing iOS penetration testing skills in a legal environment.
0
Free
Vulnerability Management
Appsec
Ios
Penetration Testing
+2

Vulnerability Management for Appsec

RELATED TASKS

PINNED

Mandos Brief Newsletter

Mandos Brief Newsletter

OSINTLeak

OSINTLeak

ImmuniWeb® Discovery

ImmuniWeb® Discovery

Checkmarx SCA

Checkmarx SCA

Orca Security

Orca Security

DryRun

DryRun

LATEST ADDITIONS

AWVS

AWVS

ParamPamPam

ParamPamPam

OWASP Bricks

OWASP Bricks

AuditJS

AuditJS

FuzzDB

FuzzDB

Vuldroid

Vuldroid

MCIR

MCIR

Securibench Micro

Securibench Micro

Quick Android Review Kit

Quick Android Review Kit

OWASP Application Security Wiki

OWASP Application Security Wiki

Commix-Testbed

Commix-Testbed

Cybersecurity Evaluation Tool (CSET)

Cybersecurity Evaluation Tool (CSET)

is-website-vulnerable

is-website-vulnerable

Damn Vulnerable iOS App (DVIA)

Damn Vulnerable iOS App (DVIA)