Vulnerability Management
Tools for identifying, prioritizing, and remediating security vulnerabilities in systems and applications.
Explore 159 curated tools and resources
RELATED TASKS
LATEST ADDITIONS
A guide to brute forcing DVWA on the high security level with anti-CSRF tokens
A non-profit organization focused on improving the security of software through resources and training.
Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.
A vulnerability assessment and management tool that uses patented technology to accurately identify vulnerabilities and prioritize them by risk.
Amass by OWASP performs comprehensive attack surface mapping and asset discovery.
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
A categorized collection of bug bounty write-ups for various vulnerabilities.
A LinkedIn reconnaissance tool for gathering information about companies and individuals on the platform.
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
A BloodHoundAD Report Engine for Security Teams to identify Active Directory security vulnerabilities and harden common configuration vulnerabilities and oversights.
List of publicly disclosed vulnerabilities with security filters and detailed advisories.
tfsec is being replaced by Trivy, a more comprehensive open-source security solution
An open source project for static analysis of vulnerabilities in application containers
Simple script to check a domain's email protections and identify vulnerabilities.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security