Vulnerability Management and Penetration Testing Tools & Resources

4 reviews

RoboShadow

A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.

13

Commercial

Windows

Antivirus

Asset Inventory

+7

awesome-vulnerable-apps

A list of vulnerable applications for testing and learning

0

awesome-vulnerable-apps

A list of vulnerable applications for testing and learning

0

Vulnerable Apps

Learning

+2

Arjun

HTTP parameter discovery suite

0

Http

Arjun

HTTP parameter discovery suite

0

Http

+1

Yar

A tool for scanning and identifying potential security risks in GitHub organizations, users, and repositories.

0

Yar

A tool for scanning and identifying potential security risks in GitHub organizations, users, and repositories.

0

Security Audit

Compliance

+2

OWASP Bricks

Deliberately vulnerable web application for security professionals to practice attack techniques.

0

OWASP Bricks

Deliberately vulnerable web application for security professionals to practice attack techniques.

0

Appsec Training

Vulnerable App

+3

OpenRedireX

A fuzzer for detecting open redirect vulnerabilities

0

Open Redirect

Vulnerability Scanner

Web Application Security

OpenRedireX

A fuzzer for detecting open redirect vulnerabilities

0

Open Redirect

Vulnerability Scanner

Web Application Security

+2

Acunetix Web Vulnerability Scanner Demonstration Site

A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.

0

Acunetix Web Vulnerability Scanner Demonstration Site

A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.

0

Web App Security

+3

Vuldroid

A vulnerable Android application demonstrating various security issues and vulnerabilities

0

Vuldroid

A vulnerable Android application demonstrating various security issues and vulnerabilities

0

Appsec Tool

Vulnerable App

+2

Flan

A vulnerability scanner that helps you identify and fix vulnerabilities in your code

0

Security Testing

Vulnerability Assessment

Flan

A vulnerability scanner that helps you identify and fix vulnerabilities in your code

0

Security Testing

+2

Securibench Micro

A series of small test cases designed to exercise different parts of a static security analyzer

0

Securibench Micro

A series of small test cases designed to exercise different parts of a static security analyzer

0

Apparmor

Appsec Testing

+3

Twitter's Vine Source Code Dump

A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.

0

Twitter's Vine Source Code Dump

A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.

0

Bug Bounty

Reconnaissance

Subdomain Scanning

+3

sqliv

A massive SQL injection vulnerability scanner

0

Scanner

Security Testing

sqliv

A massive SQL injection vulnerability scanner

0

Scanner

+2

Pagodo

Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.

0

Pagodo

Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.

0

Hack Yourself First

Platform for users to test cybersecurity skills by exploiting vulnerabilities.

0

Hack Yourself First

Platform for users to test cybersecurity skills by exploiting vulnerabilities.

0

Bug Bounty

Ctf

Hacking

+3

sqlmap

Automates SQL injection detection and exploitation

0

Database Security

sqlmap

Automates SQL injection detection and exploitation

0

Database Security

+1

Damn Vulnerable iOS App (DVIA)

iOS application for testing iOS penetration testing skills in a legal environment.

0

Damn Vulnerable iOS App (DVIA)

iOS application for testing iOS penetration testing skills in a legal environment.

0

Ios

+2

GoatseLinux: It's Wide Open [tm] GSL

A VMware image for penetration testing purposes

0

Binary Security

File Analysis

GoatseLinux: It's Wide Open [tm] GSL

A VMware image for penetration testing purposes

0

Binary Security

File Analysis

bWAPP

A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.

0

Web Application Security

Web Security

bWAPP

A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.

0