Vulnerability Management

Tools for identifying, prioritizing, and remediating security vulnerabilities in systems and applications.Explore 168 curated tools and resources

Search tools and resources by name, description, or purpose... (⌘+K)

All

Free

Commercial

Task

RELATED TASKS

ai (1)android-security (1)ansible (1)antivirus (1)api (1)api-metadata (1)api-security (2)app-security (10)apparmor (2)application-security (4)

PINNED

PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
1
Commercial
Offensive Security
Ai
Penetration Testing
Automation
Security Testing
Exploitation
Reconnaissance
Reporting
Security Assessment
Offensive Security
Vulnerability Exploitation
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
1
Commercial
Offensive Security
Ai
Penetration Testing
Automation
+7
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
0
Commercial
Threat Management
Threat Intelligence
Detection Rules
Siem
Security Operations
Cti
Threat Detection
Security Monitoring
Rule Management
Threat Hunting
Security Information And Event Management
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
0
Commercial
Threat Management
Threat Intelligence
Detection Rules
Siem
+7
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
Dark Web Monitoring
Cloud Security
Vulnerability Management
Compliance
Third Party Risk
Threat Intelligence
Security Monitoring
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
+7
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
Software Supply Chain
Open Source
Sbom
Security Scanning
Devsecops
Vulnerability Detection
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
+6
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
Compliance
Container Security
Cloud Compliance
Api Security
Kubernetes Security
Security Monitoring
Security Automation
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
+7
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
Static Analysis
Security Automation
Devsecops
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
+3

LATEST ADDITIONS

VHostScan
A virtual host scanner with the ability to detect catch-all scenarios, aliases, and dynamic default pages, presented at SecTalks BNE in September 2017.
0
Free
Vulnerability Management
Http
Https
VHostScan
A virtual host scanner with the ability to detect catch-all scenarios, aliases, and dynamic default pages, presented at SecTalks BNE in September 2017.
0
Free
Vulnerability Management
Http
Https
Allstar
A GitHub App that monitors GitHub organizations or repositories for adherence to security best practices and detects policy violations.
0
Free
Vulnerability Management
Github
Security Policies
Compliance
Security Monitoring
Devsecops
Allstar
A GitHub App that monitors GitHub organizations or repositories for adherence to security best practices and detects policy violations.
0
Free
Vulnerability Management
Github
Security Policies
Compliance
+2
kube-hunter
kube-hunter hunts for security weaknesses in Kubernetes clusters.
0
Free
Vulnerability Management
Kubernetes
Kubernetes Security
Container Security
Cloud Security
Vulnerability Scanning
kube-hunter
kube-hunter hunts for security weaknesses in Kubernetes clusters.
0
Free
Vulnerability Management
Kubernetes
Kubernetes Security
Container Security
+2
OWASP Bricks
Deliberately vulnerable web application for security professionals to practice attack techniques.
0
Free
Vulnerability Management
Appsec
Appsec Training
Vulnerable App
Web App Security
Penetration Testing
Security Training
OWASP Bricks
Deliberately vulnerable web application for security professionals to practice attack techniques.
0
Free
Vulnerability Management
Appsec
Appsec Training
Vulnerable App
+3
OpenRedireX
A fuzzer for detecting open redirect vulnerabilities
0
Free
Vulnerability Management
Open Redirect
Vulnerability Scanner
Web Application Security
Penetration Testing
Security Research
OpenRedireX
A fuzzer for detecting open redirect vulnerabilities
0
Free
Vulnerability Management
Open Redirect
Vulnerability Scanner
Web Application Security
+2
Linux Soft Exploit Suggester
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
0
Free
Vulnerability Management
Exploit
Exploit Database
Privilege Escalation
Package Management
Linux Soft Exploit Suggester
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
0
Free
Vulnerability Management
Exploit
Exploit Database
Privilege Escalation
+1
dom-based-xss-finder
DOM-based XSS vulnerability scanner
0
Free
Vulnerability Management
Xss
Web Application Security
Vulnerability Scanning
Chrome Extension
dom-based-xss-finder
DOM-based XSS vulnerability scanner
0
Free
Vulnerability Management
Xss
Web Application Security
Vulnerability Scanning
+1
Nikto
Web server scanner for identifying security vulnerabilities.
0
Free
Vulnerability Management
Web App Security
Web Server
Scanner
Vulnerability Detection
Security Audit
Nikto
Web server scanner for identifying security vulnerabilities.
0
Free
Vulnerability Management
Web App Security
Web Server
Scanner
+2
DefectDojo
OWASP Project for making vulnerability management easier.
0
Free
Vulnerability Management
Vulnerability Management
Vulnerability Assessment
Vulnerability Detection
Collaboration
Owasp
DefectDojo
OWASP Project for making vulnerability management easier.
0
Free
Vulnerability Management
Vulnerability Management
Vulnerability Assessment
Vulnerability Detection
+2
Krypton
A wargame designed to test your hacking skills and knowledge
0
Free
Vulnerability Management
Wargames
Krypton
A wargame designed to test your hacking skills and knowledge
0
Free
Vulnerability Management
Wargames
AuditJS
Audits JavaScript projects for known vulnerabilities and outdated package versions using OSS Index v3 REST API.
0
Free
Vulnerability Management
Appsec
Npm
Yarn
Vulnerability Scanning
Package Manager
AuditJS
Audits JavaScript projects for known vulnerabilities and outdated package versions using OSS Index v3 REST API.
0
Free
Vulnerability Management
Appsec
Npm
Yarn
+2
Linux Exploit Suggester (LES)
Linux privilege escalation auditing tool for detecting security deficiencies in Linux kernels.
0
Free
Vulnerability Management
Linux
Privilege Escalation
Auditing
Cve
Linux Exploit Suggester (LES)
Linux privilege escalation auditing tool for detecting security deficiencies in Linux kernels.
0
Free
Vulnerability Management
Linux
Privilege Escalation
Auditing
+1
Censys
A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.
0
Free
Vulnerability Management
Iot
Search Engine
Device Discovery
Port Scanning
Censys
A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.
0
Free
Vulnerability Management
Iot
Search Engine
Device Discovery
+1
npm-scan
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
0
Free
Vulnerability Management
Npm
Vulnerability Scanning
Security Audit
Nodejs
npm-scan
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
0
Free
Vulnerability Management
Npm
Vulnerability Scanning
Security Audit
+1

Vulnerability Management

RELATED TASKS

PINNED

PTJunior

PTJunior

CTIChef.com Detection Feeds

CTIChef.com Detection Feeds

ImmuniWeb® Discovery

ImmuniWeb® Discovery

Checkmarx SCA

Checkmarx SCA

Orca Security

Orca Security

DryRun

DryRun

LATEST ADDITIONS

VHostScan

VHostScan

Allstar

Allstar

kube-hunter

kube-hunter

OWASP Bricks

OWASP Bricks

OpenRedireX

OpenRedireX

Linux Soft Exploit Suggester

Linux Soft Exploit Suggester

dom-based-xss-finder

dom-based-xss-finder

Nikto

Nikto

DefectDojo

DefectDojo

Krypton

Krypton

AuditJS

AuditJS

Linux Exploit Suggester (LES)

Linux Exploit Suggester (LES)

Censys

Censys

npm-scan

npm-scan