Explore 25 curated tools and resources
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits
Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
Cybersecurity project for security monitoring of Node.js applications.
Exhaustive checklist for securing Node.js web services with a focus on error handling and custom error pages.
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
A library for validating and accessing environment variables in Node.js programs
A library for validating and accessing environment variables in Node.js programs
Check for known vulnerabilities in your Node.js installation.
Check for known vulnerabilities in your Node.js installation.
Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.
Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.
The Node.js Bug Bounty Program is a program aimed at identifying and fixing security vulnerabilities in the Node.js ecosystem.
The Node.js Bug Bounty Program is a program aimed at identifying and fixing security vulnerabilities in the Node.js ecosystem.
A vulnerable web site in NodeJS for testing security source code analyzers.
A vulnerable web site in NodeJS for testing security source code analyzers.
Finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.
Finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.
Taxii2 server for interacting with taxii services.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
A honeypot tool to mimic the router backdoor 'TCP32764' found in various router firmwares, providing a way to test for vulnerabilities.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
A list of disposable email domains to detect or block disposable accounts
A list of disposable email domains to detect or block disposable accounts
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
A Node.js Ebook by GENTILHOMME Thomas, covering Node.js development and resources
A Node.js Ebook by GENTILHOMME Thomas, covering Node.js development and resources
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.