Explore 22 curated tools and resources
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
An email security platform that combines human intelligence from millions of trained employees with AI/ML to detect, report, analyze, and remediate phishing attacks that bypass traditional security gateways.
An email security platform that combines human intelligence from millions of trained employees with AI/ML to detect, report, analyze, and remediate phishing attacks that bypass traditional security gateways.
A human risk management platform that identifies, assesses, and mitigates security risks associated with employee behavior through monitoring, targeted interventions, and comprehensive reporting.
A human risk management platform that identifies, assesses, and mitigates security risks associated with employee behavior through monitoring, targeted interventions, and comprehensive reporting.
A security solution that protects email and collaboration tools in Microsoft 365 environments against advanced threats including phishing, business email compromise, ransomware, and malware.
A security solution that protects email and collaboration tools in Microsoft 365 environments against advanced threats including phishing, business email compromise, ransomware, and malware.
Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.
Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.
A security awareness platform that combines phishing simulations with employee training to reduce organizational risk from email-based attacks.
A security awareness platform that combines phishing simulations with employee training to reduce organizational risk from email-based attacks.
A list of vulnerable applications for testing and learning
A list of vulnerable applications for testing and learning
Deliberately vulnerable web application for security professionals to practice attack techniques.
Deliberately vulnerable web application for security professionals to practice attack techniques.
IT certification training for CompTIA exams with free resources.
IT certification training for CompTIA exams with free resources.
The best security training environment for Developers and AppSec Professionals.
The best security training environment for Developers and AppSec Professionals.
echoCTF is a computer security framework for running cybersecurity exercises and competitions like Capture the Flag, used for network penetration testing and security auditing.
echoCTF is a computer security framework for running cybersecurity exercises and competitions like Capture the Flag, used for network penetration testing and security auditing.
A wargame composed of 27 levels, with files needed in /vortex/ directory.
A wargame composed of 27 levels, with files needed in /vortex/ directory.
GRFICS is a graphical realism framework for industrial control simulations using Unity 3D game engine graphics to enhance ICS security training.
GRFICS is a graphical realism framework for industrial control simulations using Unity 3D game engine graphics to enhance ICS security training.
A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.
A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.
An open-source phishing toolkit for businesses and penetration testers.
An open-source phishing toolkit for businesses and penetration testers.
A wargame that challenges your hacking skills
Free training sessions on Reverse Engineering, Malware Analysis, and Exploit Development.
Free training sessions on Reverse Engineering, Malware Analysis, and Exploit Development.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
CloudGoat is a 'Vulnerable by Design' AWS deployment tool for honing cloud cybersecurity skills through 'capture-the-flag' style scenarios.
CloudGoat is a 'Vulnerable by Design' AWS deployment tool for honing cloud cybersecurity skills through 'capture-the-flag' style scenarios.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
A wargaming network for penetration testers to practice their skills in a realistic environment.
A wargaming network for penetration testers to practice their skills in a realistic environment.
A platform for creating and managing fake phishing campaigns to raise awareness and train users to identify suspicious emails.
A platform for creating and managing fake phishing campaigns to raise awareness and train users to identify suspicious emails.
SANS Institute provides cyber security training, certifications, and degrees to empower cyber security practitioners and teams.
SANS Institute provides cyber security training, certifications, and degrees to empower cyber security practitioners and teams.