Vulnerability Management
Tools for identifying, prioritizing, and remediating security vulnerabilities in systems and applications.Explore 129 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
A Capture The Flag (CTF) platform for testing computer security skills
A Capture The Flag (CTF) platform for testing computer security skills
Mana Security is a macOS-focused vulnerability management tool that continuously monitors 100+ applications for security vulnerabilities and tracks patching performance against community benchmarks.
Mana Security is a macOS-focused vulnerability management tool that continuously monitors 100+ applications for security vulnerabilities and tracks patching performance against community benchmarks.
Automates SQL injection detection and exploitation
A comprehensive guide to Android Security
iOS application for testing iOS penetration testing skills in a legal environment.
iOS application for testing iOS penetration testing skills in a legal environment.
Compares target's patch levels against Microsoft vulnerability database and detects missing patches.
Compares target's patch levels against Microsoft vulnerability database and detects missing patches.
A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.
A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
A Docker security analysis tool that scans containers and networks to identify vulnerabilities and security weaknesses in Docker environments.
A Docker security analysis tool that scans containers and networks to identify vulnerabilities and security weaknesses in Docker environments.
A platform to learn SQL injection techniques and methods
A platform to learn SQL injection techniques and methods
Advanced email reconnaissance tool leveraging public data.
A community effort to compile security advisories for Ruby libraries with a detailed directory structure.
A community effort to compile security advisories for Ruby libraries with a detailed directory structure.
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
A VMware image for penetration testing purposes
A VMware image for penetration testing purposes
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
Open source security auditing tool to search and dump system configuration.
Open source security auditing tool to search and dump system configuration.
A Ruby script that scans networks for vulnerable third-party web applications and front-ends with known exploitable security flaws.
A Ruby script that scans networks for vulnerable third-party web applications and front-ends with known exploitable security flaws.
All-in-one vulnerability intelligence platform for prioritizing remediation efforts and driving security strategies.
All-in-one vulnerability intelligence platform for prioritizing remediation efforts and driving security strategies.
A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.
A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.
MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.
MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.
Automate software supply chain security by blocking malicious open source components
Automate software supply chain security by blocking malicious open source components