Security Assessment
Explore 21 curated tools and resources
LATEST ADDITIONS
Zania is an AI-driven platform that automates security and compliance tasks using autonomous agents for security inquiries, compliance assessments, and privacy regulation adherence.
ScubaGear assesses Microsoft 365 tenant configurations against CISA Secure Configuration Baselines, using PowerShell and Open Policy Agent to compare settings and generate compliance reports.
An open source framework for security assessments of iOS apps, now decommissioned in favor of Objection.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.
A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
A Live CD and Live USB for penetration testing and security assessment
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable reporting solution for offensive security assessments.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor offers a customizable reporting solution for penetration testing and red teaming.
The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.
Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.
AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.
Sysreptor offers a customizable reporting solution for penetration testers and red teamers to streamline their security assessments.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Commercial
Vulnerability Management
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security