Security Assessment

Open-source platform for pentest reporting and security team collaboration

Cybersecurity assessment platform for SMEs with maturity scoring and roadmaps

SOCRadar Attack Surface Management is an EASM platform that continuously discovers, monitors, and assesses internet-facing digital assets for vulnerabilities and security risks.

SOCRadar Digital Footprint provides comprehensive discovery and monitoring of an organization's external digital assets and attack surface from an attacker's perspective.

A Python script that scans file systems to identify hardcoded credentials, API keys, and other sensitive secrets using configurable regex patterns.

AI agent that autonomously discovers, exploits, and documents vulnerabilities.

A free online tool that tests email server security by evaluating server configurations, DNS security settings, encryption, blacklist status, and potential compromise indicators.

A free online service that scans the dark web for exposed credentials and sensitive data associated with specific domains or email addresses.

Panorays is a third-party cyber risk management platform that combines external attack surface monitoring with automated security questionnaires to assess, remediate, and continuously monitor vendor security postures.

Managed cybersecurity services provider offering vCISO, pentesting, and MSS

A risk management platform for banks and payment service providers that automates merchant onboarding, provides real-time monitoring, simplifies PCI-DSS compliance, and delivers actionable business intelligence.

A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.

Automated web scanner detecting vulnerabilities and HTTP security headers

Automated security design review platform for developers

Zania is an AI-driven platform that automates security and compliance tasks using autonomous agents for security inquiries, compliance assessments, and privacy regulation adherence.

ScubaGear is a PowerShell-based assessment tool that evaluates Microsoft 365 tenant configurations against CISA security baselines using Open Policy Agent and generates compliance reports.

AI security platform for red teaming AI agents, GenAI apps, and ML models

A storage exploration tool that provides unified access to view publicly accessible Amazon S3 buckets, Azure Blob storage, FTP servers, and HTTP directory listings.

A Python tool that tests multiple AWS S3 buckets for security misconfigurations including directory listing and upload permissions.

A specialized scanner that detects XSS vulnerabilities in older versions of Swagger-ui implementations.

A security scanner that identifies Cross-Origin Resource Sharing (CORS) misconfigurations in web applications to detect potential vulnerabilities.

A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.

A CLI tool that enhances Nmap with 31 modules containing 459 scan profiles for streamlined network reconnaissance and security assessments.

SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through systematic testing and analysis.