Security Testing
Explore 250 curated cybersecurity tools, with 14,237+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
High-interaction SSH honeypot for logging SSH proxy with ongoing development.
High-interaction SSH honeypot for logging SSH proxy with ongoing development.
Create a vulnerable active directory for testing various Active Directory attacks.
Create a vulnerable active directory for testing various Active Directory attacks.
A collection of scripts and guidance for generating proof-of-concept Amazon GuardDuty findings to help users understand and test AWS security detection capabilities.
A collection of scripts and guidance for generating proof-of-concept Amazon GuardDuty findings to help users understand and test AWS security detection capabilities.
A vulnerable web site in NodeJS for testing security source code analyzers.
A vulnerable web site in NodeJS for testing security source code analyzers.
HoneyDrive is the premier honeypot Linux distro with over 10 pre-installed honeypot software packages and numerous analysis tools.
HoneyDrive is the premier honeypot Linux distro with over 10 pre-installed honeypot software packages and numerous analysis tools.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
An easy to set up SSH honeypot for logging SSH connections and activity.
An easy to set up SSH honeypot for logging SSH connections and activity.
Snort 3 is the next generation Snort IPS with enhanced features and improved cross-platform support.
Snort 3 is the next generation Snort IPS with enhanced features and improved cross-platform support.
Introspy-Android is a dynamic analysis framework that hooks Android APIs at runtime to monitor application behavior and identify security vulnerabilities on rooted devices.
Introspy-Android is a dynamic analysis framework that hooks Android APIs at runtime to monitor application behavior and identify security vulnerabilities on rooted devices.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.
A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
FeatherDuster is a cryptanalysis tool that automatically identifies and exploits weaknesses in cryptographic systems by analyzing ciphertext files.
FeatherDuster is a cryptanalysis tool that automatically identifies and exploits weaknesses in cryptographic systems by analyzing ciphertext files.
A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.
A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.
A platform offering hacking missions to test and enhance skills.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
A collection of YARA rules designed to identify files containing sensitive information such as usernames, passwords, and credit card numbers for penetration testing and forensic analysis.
A collection of YARA rules designed to identify files containing sensitive information such as usernames, passwords, and credit card numbers for penetration testing and forensic analysis.
A modified version of OpenSSH deamon forwarding commands to Cowrie for logging brute force attacks and shell interactions.
A modified version of OpenSSH deamon forwarding commands to Cowrie for logging brute force attacks and shell interactions.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.
AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
Medium interaction SSH Honeypot with multiple virtual hosts and sandboxed filesystems.
Medium interaction SSH Honeypot with multiple virtual hosts and sandboxed filesystems.
NoSQLMap is an open source Python tool that automates NoSQL injection attacks and exploits configuration weaknesses in NoSQL databases to disclose or clone data.
NoSQLMap is an open source Python tool that automates NoSQL injection attacks and exploits configuration weaknesses in NoSQL databases to disclose or clone data.
