Vulnerability Management

Tools for identifying, prioritizing, and remediating security vulnerabilities in systems and applications.
Explore 166 curated tools and resources

All

Free

Commercial

Task

PINNED

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Commercial

Resources

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Commercial

Application Security

Check Point CloudGuard WAF

A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Commercial

Application Security

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Commercial

Cloud Security

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Commercial

Application Security

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial

Cloud Security

LATEST ADDITIONS

Sherlock PowerShell Script
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
0
Free
Vulnerability Management
patch-management
vulnerability-scanning
+2
findmytakeover
A tool that detects dangling DNS records in a multi-cloud environment to prevent subdomain takeovers.
0
Free
Vulnerability Management
dns
cloud-security
+2
GoatseLinux: It's Wide Open [tm] GSL
A VMware image for penetration testing purposes
0
Free
Vulnerability Management
penetration-testing
binary-security
+1
bWAPP
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
0
Free
Vulnerability Management
appsec
bug-bounty
+5
Otseca
Open source security auditing tool to search and dump system configuration.
0
Free
Vulnerability Management
penetration-testing
security-audit
+2
Yasuo
A ruby script that scans for vulnerable 3rd-party web applications
0
Free
Vulnerability Management
appsec
appsec-tool
+4
w3af
Open source web application security scanner with 200+ vulnerability identification capabilities.
0
Free
Vulnerability Management
appsec
app-security
+5
CakeFuzzer
Automated vulnerability discovery tool for Cake PHP framework with limited false positives.
0
Free
Vulnerability Management
appsec
app-security
+2
Vulners
All-in-one vulnerability intelligence platform for prioritizing remediation efforts and driving security strategies.
0
Free
Vulnerability Management
vulnerability-management
security-advisories
+1
Yara-Scanner
Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.
0
Free
Vulnerability Management
appsec
burp-suite
+4
CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05
Scans Alpine base images for vulnerabilities using Multi Stage builds in Docker 17.05
0
Free
Vulnerability Management
docker
cve
+1
MetaHub
Automated contextual security findings enrichment and impact evaluation tool for vulnerability management.
0
Free
Vulnerability Management
aws
aws-security
+2
Sonatype Repository Firewall
Automate software supply chain security by blocking malicious open source components
0
Free
Vulnerability Management
appsec
open-source
+1
Metasploitable3
A virtual machine with numerous security vulnerabilities for testing exploits with Metasploit.
0
Free
Vulnerability Management
metasploit
vulnerability-testing
+2

Vulnerability Management

RELATED TASKS

PINNED

InfoSecHired

Checkmarx SCA

Check Point CloudGuard WAF

Orca Security

DryRun

Wiz

LATEST ADDITIONS

Sherlock PowerShell Script

findmytakeover

GoatseLinux: It's Wide Open [tm] GSL

bWAPP

Otseca

Yasuo

w3af

CakeFuzzer

Vulners

Yara-Scanner

CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05

MetaHub

Sonatype Repository Firewall

Metasploitable3